This code repo contains codebase for our proposed TRS ensemble training. We also include other STOA baseline code for fair comparison.
- ADP Training (https://arxiv.org/abs/1901.08846)
- GAL Training (https://arxiv.org/abs/1901.09981)
- DVERGE Training (https://arxiv.org/abs/2009.14720)
- Adversarial Training (https://arxiv.org/abs/1706.06083)
- TRS Training (ours)
train/Empirical folder contains corresponding code to construct above robust ensemble models. You can use the command as
python train/Empirical/train_xxx.py **kwargs
**kwargs refers to the training parameters which is defined in utils/Empirical/arguments.py
eval/Empirical folder contains:
whitebox/blackbox.py: Test the whitebox/blackbox attack robustness of the given ensemble model.decison_boundary.py: Plot the decision boundary figure around the given input instancestrans_matrix.py: Evaluate the adversarial transferability among base models under various attacks.
utils/Empirical folder contains:
surrogate.py: Generate blackbox transfer attack instances from the given surrogate ensemble models.