CDTA: A Cross-Domain Transfer-Based Attack with Contrastive Learning
Authors: Zihan Li, Weibin Wu, Yuxin Su, Zibin Zheng, Michael R. Lyu
AAAI 2023 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We evaluate CDTA with 16 target deep models on four datasets with widely varying styles. The results confirm that, in terms of the attack success rate, our approach can consistently outperform the state-of-the-art baselines by an average of 11.45% across all target models. |
| Researcher Affiliation | Academia | 1 School of Software Engineering, Sun Yat-sen University 2 Department of Computer Science and Engineering, The Chinese University of Hong Kong lizh523@mail2.sysu.edu.cn, {wuwb36, suyx35, zhzibin}@mail.sysu.edu.cn, lyu@cse.cuhk.edu.hk |
| Pseudocode | No | The paper provides mathematical equations describing the optimization algorithm for generating adversarial perturbations, but it does not include a formally labeled 'Pseudocode' or 'Algorithm' block. |
| Open Source Code | Yes | Our code is available at https://github.com/Liuliet Lee/CDTA. |
| Open Datasets | Yes | Image Net (Deng et al. 2009) is large and diverse enough, so we choose Image Net as our source domain dataset. |
| Dataset Splits | No | The paper mentions selecting 500 images from the test set for evaluation, but it does not specify the training or validation splits used for the datasets or the models. |
| Hardware Specification | No | The paper does not provide specific details about the hardware (e.g., GPU models, CPU types, memory) used for running the experiments. |
| Software Dependencies | No | The paper mentions 'Py Torch library' but does not specify its version or any other software dependencies with version numbers. |
| Experiment Setup | Yes | We set the maximum perturbation to 16 for all experiments with pixel values in [0, 255]. We set the iteration number of CDTA as 30 and the step size as 4. ... MI-FGSM and DIM set the step size to 1 and the iteration number to 20, while TI-DIM sets the step size to 1.6 and the iteration number to 10. ... For SSP, the step size equals 2.55, and the iteration number equals 100. ... The input size of Inc-v3 is 3 299 299, while the others are 3 224 224. |