On the Robustness of Deep Clustering Models: Adversarial Attacks and Defenses
Authors: Anshuman Chhabra, Ashwin Sekhari, Prasant Mohapatra
NeurIPS 2022
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We analyze our attack against multiple state-of-the-art deep clustering models and real-world datasets, and find that it is highly successful. We then employ some natural unsupervised defense approaches, but find that these are unable to mitigate our attack. Finally, we attack Face++, a production-level face clustering API service, and find that we can significantly reduce its performance as well. Through this work, we thus aim to motivate the need for truly robust deep clustering models. |
| Researcher Affiliation | Academia | Anshuman Chhabra, Ashwin Sekhari*, and Prasant Mohapatra, Department of Computer Science, University of California, Davis, CA 95616, {chhabra,asekhari,pmohapatra}@ucdavis.edu |
| Pseudocode | No | The paper does not contain structured pseudocode or algorithm blocks (clearly labeled algorithm sections or code-like formatted procedures). |
| Open Source Code | Yes | Yes, we include code, dataset, and implementation details in Appendix D. We also provide actual code along with reproducibility instructions in the supplementary material. |
| Open Datasets | Yes | For our experiments on the open-source models, we utilize the following real-world image datasets: CIFAR-10 [20], CIFAR-100 [21], and STL-10 [22]. |
| Dataset Splits | No | The paper mentions using a 'test set' for evaluation but does not specify clear training/validation/test dataset splits (exact percentages, sample counts, or explicit standard split references) for reproduction. |
| Hardware Specification | No | The paper mentions providing 'details on implementation and resources used in Appendix D' but does not explicitly state specific hardware details (like GPU/CPU models or specific processor types) within the main text provided. |
| Software Dependencies | No | The paper does not provide specific ancillary software details (e.g., library or solver names with version numbers) needed to replicate the experiment. |
| Experiment Setup | Yes | We have presented hyperparameter (αa, αc, ϵ, etc.) values for all experiments in this section in Appendix A.1 due to space limitations. We provide a complete list of all experiment details and hyperparameter values in Appendix A.1 for the attack on open-source models. |