Unable to generate l2 attack examples

Question

Unable to generate l2 attack examples

ericcheng09 opened this issue 6 years ago · comments

I have a pre-trained keras MNIST model and I want to use my model to generate adversarial examples.

Here is the code I change in class MNISTModel() in setup_mnist.py :
`

    self.num_channels = 1
    self.image_size = 28
    self.num_labels = 10
    K.set_session(session)
    model = load_model('MNIST_model1.h5')
    self.model = model

`

But when I ran the code, I got some examples that have all zeros.

Should I load the model like this?
Thank you

msingh27 · Answer 1 · Thu Apr 19 2018 21:36:54 GMT+0800 (China Standard Time)

Yes, I am also facing a similar situation. Did you find some workaround to this ericcheng09.
Loading the model trained using train_models.py also some outputs adversarial examples which are having all zeros.

Any suggestions?
Thanks

Nicholas Carlini · Answer 2 · Fri Apr 20 2018 01:46:47 GMT+0800 (China Standard Time)

When it outputs all zeros, that's an indication it failed to construct an adversarial example. Most of the time, this means the keras model you are loading includes a softmax activation layer as the final layer, and you should remove this (or otherwise change the predict function to be tf.log(self.model(x)).

msingh27 · Answer 3 · Wed Apr 25 2018 17:32:48 GMT+0800 (China Standard Time)

Thanks for the feedback. It works for most of the examples now.

kakacharles10 · Answer 4 · Thu Nov 22 2018 20:30:33 GMT+0800 (China Standard Time)

Can I generate cifar-10 attack examples on Windows?

Nicholas Carlini · Answer 5 · Thu Nov 22 2018 23:44:03 GMT+0800 (China Standard Time)

I've never tested that, but that seems like a different issue than this one.