Skip to content

xpf/Flow-Gradient-Regularization

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
attacks
attacks
 
 
datasets
datasets
 
 
figures
figures
 
 
models
models
 
 
regularizers
regularizers
 
 
utils
utils
 
 
README.md
README.md
 
 
evaluate.py
evaluate.py
 
 
opts.py
opts.py
 
 
plots.py
plots.py
 
 
train.py
train.py
 
 

Repository files navigation

Flow-Gradient-Regularization (PyTorch)

Improving Resistance to Adversarial Deformations by Regularizing Gradients

Pengfei Xia and Bin Li, Neurocomputing, 2021.

Abstract: Improving the resistance of deep neural networks against adversarial attacks is important for deploying models in realistic applications. Nowadays, most defense methods are designed to resist intensity perturbations, and location perturbations have not yet attracted enough attention. However, these two types should be equally important for deep model security. In this paper, we focus on adversarial deformations, a typical class of location perturbations, and propose a defense method named flow gradient regularization to improve the resistance of models against such attacks. By theoretical analysis, we prove that regularizing flow gradients is able to get a tighter bound than regularizing input gradients. Through verifying over multiple datasets, network architectures, and adversarial deformations, our empirical results indicate that training with flow gradients performs better than training with input gradients by a large margin, and also better than adversarial training. Moreover, the proposed method can be used to combine with adversarial deformation training to improve the resistance further.

Training

# Train VGG-11 on CIFAR-10 without FGR
python main.py --data_path your_path --data_name cifar10 --model_name vgg11 --fgr_lamb 0

# Train VGG-11 on CIFAR-10 with FGR and lambda set to 300
python main.py --data_path your_path --data_name cifar10 --model_name vgg11 --fgr_lamb 300

Evaluating

# Evaluate VGG-11 trained on CIFAR-10 without FGR
python evaluate.py --data_path your_path --data_name cifar10 --model_name vgg11 --fgr_lamb 0

# Evaluate VGG-11 trained on CIFAR-10 with FGR and lambda set to 300
python evaluate.py --data_path your_path --data_name cifar10 --model_name vgg11 --fgr_lamb 300

Citation

If you find this work useful for your research, please consider citing our paper:

@article{xia2021improving,
  title={Improving Resistance to Adversarial Deformations by Regularizing Gradients},
  author={Xia, Pengfei and Li, Bin},
  journal={Neurocomputing},
  volume={455},
  pages={38--46},
  year={2021},
  publisher={Elsevier}
}

About

Improving Resistance to Adversarial Deformations by Regularizing Gradients

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages