Improving the Adversarial Transferability of Vision Transformers with Virtual Dense Connection
Authors: Jianping Zhang, Yizhan Huang, Zhuoer Xu, Weibin Wu, Michael R. Lyu
AAAI 2024
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Extensive experiments confirm the superiority of our proposed method over the state-of-the-art baselines, with an 8.2% improvement in transferability between ViT models and a 7.2% improvement in cross-structure transferability from ViTs to CNNs. |
| Researcher Affiliation | Collaboration | (1) Department of Computer Science and Engineering, The Chinese University of Hong Kong; (2) Tiansuan Lab, Antgroup; (3) School of Software Engineering, Sun Yat-sen University |
| Pseudocode | No | The paper does not contain any pseudocode or clearly labeled algorithm blocks. |
| Open Source Code | No | The paper does not provide any explicit statements about releasing source code or links to a code repository for the described methodology. |
| Open Datasets | Yes | Our experiments mainly focus on the ImageNet dataset (Russakovsky et al. 2015) to attack image classification models... To align with the previous work, we follow the baseline method (Wei et al. 2022) to randomly sample 1000 images of different classes from the ILSVRC 2012 validation set (Russakovsky et al. 2015). (A hedged sampling sketch follows the table.) |
| Dataset Splits | No | The paper states using '1000 images of different classes from the ILSVRC 2012 validation set' as their dataset for generating adversarial examples. However, as they are attacking pre-trained models rather than training their own, they do not specify explicit training/validation/test dataset splits for their experimental setup. |
| Hardware Specification | No | The paper does not provide specific details about the hardware used for running experiments, such as GPU models, CPU specifications, or cloud computing environments with their configurations. |
| Software Dependencies | No | The paper does not provide specific version numbers for software dependencies or libraries used in the experiments (e.g., 'PyTorch 1.9', 'Python 3.8'). |
| Experiment Setup | Yes | We set the budget ϵ = 16, with image pixel values ranging from 0 to 255. We pick the number of iterations T = 10, so the step length α = ϵ/T = 1.6. Since all the baselines utilize the momentum optimizer, we set the decay factor µ = 1.0. We resize all images to 224 × 224 as the input and pick the patch size to be 16 for the inputs of transformer-based models. For our proposed VDC, we set the scaling factor and the decay factor to be 0.1 and 0.5, respectively. (A hedged attack-loop sketch with these hyperparameters follows the table.) |
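
The paper's evaluation data is 1000 ILSVRC 2012 validation images, one per class. Since the paper gives no sampling code, the sketch below is only a plausible reconstruction: the dataset path, the class-per-folder layout, and the random seed are all assumptions, not details from the paper.

```python
# Hypothetical sketch: pick one validation image per class (1000 images of
# different classes from the ILSVRC 2012 validation set, as in the paper).
import random
from collections import defaultdict
from torchvision.datasets import ImageFolder

val_set = ImageFolder("/data/imagenet/val")  # assumed path and folder layout

# Group sample indices by class label.
by_class = defaultdict(list)
for idx, (_, label) in enumerate(val_set.samples):
    by_class[label].append(idx)

random.seed(0)  # assumed seed; the paper does not state one
picked = [random.choice(indices) for indices in by_class.values()]  # 1000 indices
```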
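Because the authors release no code, the VDC-specific virtual dense connections cannot be reproduced here. What the reported hyperparameters do pin down is the shared momentum-optimizer loop (MI-FGSM style) that all baselines use: ϵ = 16/255, T = 10, α = ϵ/T, µ = 1.0. The following is a minimal sketch of that generic loop, assuming a surrogate `model` and image tensors scaled to [0, 1]; it is not the authors' implementation.

```python
# Minimal MI-FGSM-style momentum attack with the paper's reported settings:
# epsilon = 16/255, T = 10 iterations, alpha = epsilon/T, decay mu = 1.0.
# Inputs are assumed to be 224x224 images in [0, 1]; VDC itself is not shown.
import torch
import torch.nn.functional as F

def mi_fgsm(model, images, labels, eps=16 / 255, steps=10, mu=1.0):
    alpha = eps / steps                    # step length, 1.6/255 per iteration
    adv = images.clone().detach()
    momentum = torch.zeros_like(images)
    for _ in range(steps):
        adv.requires_grad_(True)
        loss = F.cross_entropy(model(adv), labels)
        grad = torch.autograd.grad(loss, adv)[0]
        # Accumulate decayed momentum of the L1-normalized gradient.
        momentum = mu * momentum + grad / grad.abs().mean(dim=(1, 2, 3), keepdim=True)
        adv = adv.detach() + alpha * momentum.sign()
        # Project back into the epsilon-ball and the valid pixel range.
        adv = torch.clamp(images + torch.clamp(adv - images, -eps, eps), 0.0, 1.0)
    return adv
```

The projection step is written for [0, 1] tensors; with raw 0-255 pixels, as the paper phrases its budget, one would instead use eps = 16 and clamp to [0, 255].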