Mirrors_Framework/deepmind-research
1
0
Fork 0
mirror of https://github.com/google-deepmind/deepmind-research.git synced 2026-05-12 14:47:14 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added new models.

Browse Source 
PiperOrigin-RevId: 434780632
This commit is contained in:
Sven Gowal
2022-03-15 16:59:51 +00:00
committed by alimuldal
parent b2fa23c838
commit 8e24fbbb29
1 changed files with 27 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
adversarial_robustness/README.md
+27 -4
View File
@@ -2,9 +2,11 @@
This repository contains the code needed to evaluate models trained in
[Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples](https://arxiv.org/abs/2010.03593)
(Gowal et al., 2020) and in
(Gowal et al., 2020), in
[Fixing Data Augmentation to Improve Adversarial Robustness](https://arxiv.org/abs/2103.01946)
(Rebuffi et al., 2021).
(Rebuffi et al., 2021) and in
[Improving Robustness using Generated Data](https://arxiv.org/abs/2110.09468)
(Gowal et al., 2021).
## Contents
@@ -50,6 +52,14 @@ The following table contains the models from **Rebuffi et al., 2021**.
| CIFAR-100 | &#8467;<sub>&infin;</sub> | 8 / 255 | WRN-28-10 | &#x2717; | 62.41% | 32.06% | [jax](https://storage.googleapis.com/dm-adversarial-robustness/cifar100_linf_wrn28-10_cutmix_ddpm.npy), [pt](https://storage.googleapis.com/dm-adversarial-robustness/cifar100_linf_wrn28-10_cutmix_ddpm.pt)
| CIFAR-100 | &#8467;<sub>&infin;</sub> | 8 / 255 | ResNet-18 | &#x2717; | 56.87% | 28.50% | [jax](https://storage.googleapis.com/dm-adversarial-robustness/cifar100_linf_resnet18_ddpm.npy), [pt](https://storage.googleapis.com/dm-adversarial-robustness/cifar100_linf_resnet18_ddpm.pt)
The following table contains additional models from **Gowal et al., 2021**.
| dataset | norm | radius | architecture | extra data | clean | robust | link |
|---|:---:|:---:|:---:|:---:|---:|---:|:---:|
| CIFAR-10 | &#8467;<sub>&infin;</sub> | 8 / 255 | WRN-70-16 | &#x2717; | 88.74% | 66.11% | [jax](https://storage.googleapis.com/dm-adversarial-robustness/cifar10_linf_wrn70-16_cutmix_ddpm_100m.npy), [pt](https://storage.googleapis.com/dm-adversarial-robustness/cifar10_linf_wrn70-16_cutmix_ddpm_100m.pt)
| CIFAR-10 | &#8467;<sub>&infin;</sub> | 8 / 255 | WRN-70-16 | &#x2717; | 87.50% | 63.44% | [jax](https://storage.googleapis.com/dm-adversarial-robustness/cifar10_linf_wrn28-10_ddpm_100m.npy), [pt](https://storage.googleapis.com/dm-adversarial-robustness/cifar10_linf_wrn28-10_ddpm_100m.pt)
| CIFAR-10 | &#8467;<sub>&infin;</sub> | 8 / 255 | ResNet-18 | &#x2717; | 87.35% | 58.63% | [jax](https://storage.googleapis.com/dm-adversarial-robustness/cifar10_linf_resnet18_ddpm_100m.npy), [pt](https://storage.googleapis.com/dm-adversarial-robustness/cifar10_linf_resnet18_ddpm_100m.pt)
### Installing
The following has been tested using Python 3.9.2.
@@ -125,8 +135,9 @@ out to Sven Gowal directly.
### Generated datasets
Rebuffi et al. (2021) use samples generated by a Denoising Diffusion
Probabilistic Model [(DDPM; Ho et al., 2020)](https://arxiv.org/abs/2006.11239)
Rebuffi et al. (2021) and Gowal et al. (2021) use samples generated by a
Denoising Diffusion Probabilistic Model
[(DDPM; Ho et al., 2020)](https://arxiv.org/abs/2006.11239)
to improve robustness. The DDPM is solely trained on the original training data
and does not use additional external data. The following table links to datasets
of 1M **generated** samples for CIFAR-10, CIFAR-100 and SVHN.
@@ -172,6 +183,18 @@ and/or
}
```
and/or
```
@article{gowal2021generated,
title={Improving Robustness using Generated Data},
author={Gowal, Sven and Rebuffi, Sylvestre-Alvise and Wiles, Olivia and Stimberg, Florian and Calian, Dan A. and Mann, Timothy},
journal={arXiv preprint arXiv:2110.09468},
year={2021},
url={https://arxiv.org/pdf/2110.09468}
}
```
## Disclaimer
This is not an official Google product.