Notice: The reproducibility variables underlying each score are classified using an automated LLM-based pipeline, validated against a manually labeled dataset. LLM-based classification introduces uncertainty and potential bias; scores should be interpreted as estimates. Full accuracy metrics and methodology are described in Coakley et alK. L. Coakley, T. Snelleman, H. Hoos, and O. E. Gundersen, "The embrace of open science: An analysis of a decade of AI research and 56 800 conference papers," Under Review, 2026..
Reverse Engineering of Imperceptible Adversarial Image Perturbations
Authors: Yifan Gong, Yuguang Yao, Yize Li, Yimeng Zhang, Xiaoming Liu, Xue Lin, Sijia Liu
ICLR 2022 | Venue PDF | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Extensive experiments demonstrate the effectiveness of CDD-RED under different evaluation metrics (ranging from the pixel-level, prediction-level to the attribution-level alignment) and a variety of attack generation methods (e.g., FGSM, PGD, CW, Auto Attack, and adaptive attacks). |
| Researcher Affiliation | Collaboration | Yifan Gong1 , Yuguang Yao2 , Yize Li1, Yimeng Zhang2, Xiaoming Liu2, Xue Lin1, Sijia Liu2,3 1 Northeastern University, 2 Michigan State University, 3 MIT-IBM Watson AI Lab, IBM Research |
| Pseudocode | No | The paper describes algorithms and formulations (e.g., training objectives and equations) but does not provide any explicitly labeled pseudocode or algorithm blocks. |
| Open Source Code | Yes | Codes are available at link. Code is available at: https://github.com/Northeastern-NLP/RED |
| Open Datasets | Yes | To train and test RED models, we generate adversarial examples on the Image Net dataset (Deng et al., 2009). |
| Dataset Splits | Yes | As a consequence, 45K (3 × 5 × 3K) adversarial images are generated in total: 37.5K for training and 7.5K for validating. |
| Hardware Specification | Yes | We measure the computation cost on a single RTX Titan GPU. |
| Software Dependencies | No | The paper mentions specific models (VGG19, DnCNN) and optimizers (Adam) with citations, but it does not list specific software dependencies with version numbers (e.g., Python, PyTorch, TensorFlow). |
| Experiment Setup | Yes | The RED problem is solved using an Adam optimizer (Kingma & Ba, 2015) with the initial learning rate of 10-4, which decays 10 times for every 140 training epochs. In (4), the regularization parameter λ is set as 0.025. The maximum number of training epochs is set as 300. |