DiffHammer: Rethinking the Robustness of Diffusion-Based Adversarial Purification
Authors: Kaibo Wang, Xiaowen Fu, Yuxuan Han, Yang Xiang
NeurIPS 2024 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Our experiments validate that Diff Hammer achieves effective results within 10-30 iterations, outperforming other methods. |
| Researcher Affiliation | Academia | Kaibo Wang1, Xiaowen Fu1, Yuxuan Han1, Yang Xiang1,2 1Department of Mathematics, The Hong Kong University of Science and Technology 2HKUST Shenzhen-Hong Kong Collaborative Innovation Research Institute |
| Pseudocode | Yes | Algorithm 1: Diff Hammer |
| Open Source Code | Yes | 2The codes are publicly available at https://github.com/Ka1b0/Diff Hammer. |
| Open Datasets | Yes | Consistent with prior work, we use subsets of the CIFAR10 [15], CIFAR100 [15], and Image Nettete [12] (a subset of 10 easily classified classes from Imagenet [6], more suited for robustness evaluation) with sizes of 512, 512, and 256 as datasets, respectively. |
| Dataset Splits | No | The paper mentions using subsets of CIFAR10, CIFAR100, and Image Nettete with specific sizes, but does not explicitly provide percentages or absolute counts for training, validation, and test splits needed to reproduce the data partitioning. |
| Hardware Specification | Yes | All experiments are performed on 1 NVIDIA GeForce RTX 4090 with a memory of 24564 MB. |
| Software Dependencies | No | The paper mentions using specific algorithms like APGD, PGD, VMI, and SVRE, but does not provide details on specific software dependencies with version numbers (e.g., Python, PyTorch, TensorFlow versions). |
| Experiment Setup | Yes | In the experiment, t is set to 0.1 (ℓ ) and 0.075 (ℓ2) in CIFAR [15], and in Image Nettete [12], t is set to 0.05. We conducted three restarts totaling 150 iterations to thoroughly evaluate the robustness of the model. The step size in PGD [21] is set to 0.007, and the momentum coefficient is set to 1. |