Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added support for SNAL attack #2440

Open
wants to merge 1 commit into
base: dev_1.18.0
Choose a base branch
from
Open

Added support for SNAL attack #2440

wants to merge 1 commit into from

Conversation

CNOCycle
Copy link

Description

This pull request adds the support of the SNAL Attack proposed in [1].

[1]Steal Now and Attack Later: Evaluating Robustness of Object Detection against Black-box Adversarial Attacks. [Paper]
Fixes # (issue)

Type of change

Please check all relevant options.

  • Improvement (non-breaking)
  • Bug fix (non-breaking)
  • New feature (non-breaking)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Testing

Please describe the tests that you ran to verify your changes. Consider listing any relevant details of your test configuration.

  • Notebook Example

Test Configuration:

  • OS: Ubuntu 20.04
  • Python version: 3.8.12
  • ART version or commit number: 900f470
  • PyTorch version: 1.13.1+cu116
  • cudnn version: 8302

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • My changes have been tested using both CPU and GPU devices

@beat-buesser beat-buesser self-requested a review May 6, 2024 09:21
@beat-buesser beat-buesser self-assigned this May 6, 2024
@beat-buesser beat-buesser added the enhancement New feature or request label May 6, 2024
@beat-buesser beat-buesser added this to the ART 1.18.0 milestone May 6, 2024
@beat-buesser beat-buesser changed the base branch from main to dev_1.18.0 May 13, 2024 21:57
@codecov Codecov
Copy link

codecov bot commented May 13, 2024
edited

Codecov Report

Attention: Patch coverage is 7.25275% with 422 lines in your changes are missing coverage. Please review.

Project coverage is 80.70%. Comparing base (900f470) to head (f27a05a).
Report is 44 commits behind head on dev_1.18.0.

Additional details and impacted files

Impacted file tree graph

@@              Coverage Diff               @@
##           dev_1.18.0    #2440      +/-   ##
==============================================
- Coverage       85.39%   80.70%   -4.69%     
==============================================
  Files             327      328       +1     
  Lines           30205    30660     +455     
  Branches         5589     5651      +62     
==============================================
- Hits            25794    24745    -1049     
- Misses           2964     4500    +1536     
+ Partials         1447     1415      -32
Files Coverage Δ
art/attacks/evasion/__init__.py 100.00% <100.00%> (ø)
art/attacks/evasion/steal_now_attack_latter.py 7.04% <7.04%> (ø)

... and 18 files with indirect coverage changes

github-advanced-security[bot]
github-advanced-security bot found potential problems May 13, 2024
View reviewed changes
art/attacks/evasion/steal_now_attack_latter.py
x_out = x_init.clone()
x_eval = self._assemble(tile_mat, x_org)
adv_patch, adv_position = collect_patches_from_images(self.estimator, x_eval)
cur_patch = adv_patch[0]

Check notice

Code scanning / CodeQL

Unused local variable Note

Variable cur_patch is not used.
art/attacks/evasion/steal_now_attack_latter.py

# select n_sample candidates
c_tile = r_tile
c_mask = r_mask

Check warning

Code scanning / CodeQL

Variable defined multiple times Warning

This assignment to 'c_mask' is unnecessary as it is
redefined
before this value is used.
art/attacks/evasion/steal_now_attack_latter.py
else:
target = bcount_list[0].patch[None, :]
x_ref = x[b, :, y1:y2, x1:x2]
pert = target - x_ref

Check warning

Code scanning / CodeQL

Variable defined multiple times Warning

This assignment to 'pert' is unnecessary as it is
redefined
before this value is used.
art/attacks/evasion/steal_now_attack_latter.py
# update results
adv_patch, adv_position = collect_patches_from_images(self.estimator, x_cand)
for idx in range(n_samples):
cur_patch = adv_patch[idx]

Check warning

Code scanning / CodeQL

Variable defined multiple times Warning

This assignment to 'cur_patch' is unnecessary as it is
redefined
before this value is used.
beat-buesser
beat-buesser requested changes May 13, 2024
View reviewed changes
Copy link
Collaborator

@beat-buesser beat-buesser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @CNOCycle Thank you very much for you pull request. I think it looks good, I have only found a few formatting and documentation issues. Could you please take a look and let me know if you have questions?

art/attacks/evasion/steal_now_attack_latter.py
@@ -0,0 +1,747 @@
#
# Copyright (C) The Adversarial Robustness Toolbox (ART) Authors 2018
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
# Copyright (C) The Adversarial Robustness Toolbox (ART) Authors 2018
# Copyright (C) The Adversarial Robustness Toolbox (ART) Authors 2024

art/attacks/evasion/steal_now_attack_latter.py
Comment on lines +18 to +21
"""
This module implements the paper: "Steal Now and Attack Later: Evaluating Robustness of Object Detection against Black-box Adversarial Attacks"
| Paper link: https://arxiv.org/abs/2304.05370
"""
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"""
This module implements the paper: "Steal Now and Attack Later: Evaluating Robustness of Object Detection against Black-box Adversarial Attacks"
| Paper link: https://arxiv.org/abs/2304.05370
"""
"""
This module implements the paper: "Steal Now and Attack Later: Evaluating Robustness of Object Detection against Black-box Adversarial Attacks"
| Paper link: https://arxiv.org/abs/2304.05370
"""

art/attacks/evasion/steal_now_attack_latter.py
Comment on lines +25 to +26
import logging
from typing import Optional, Tuple, TYPE_CHECKING
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
import logging
from typing import Optional, Tuple, TYPE_CHECKING
import logging
import random
from typing import Optional, Tuple, TYPE_CHECKING

art/attacks/evasion/steal_now_attack_latter.py
from typing import Optional, Tuple, TYPE_CHECKING

import numpy as np
import random
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
import random

art/attacks/evasion/steal_now_attack_latter.py

x_out[:, :, y1:y2, x1:x2] = updated

return x_out, tile_mat
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add empty line at end of file

Suggested change
return x_out, tile_mat
return x_out, tile_mat

art/attacks/evasion/steal_now_attack_latter.py
Comment on lines +633 to +634
import torch
TRIAL = 10
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
import torch
TRIAL = 10
import torch
TRIAL = 10

art/attacks/evasion/steal_now_attack_latter.py

def __init__(
self,
estimator: "torch.nn.Module",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
estimator: "torch.nn.Module",
estimator: PYTORCH_OBJECT_DETECTION_TYPE,

and please add

PYTORCH_OBJECT_DETECTION_TYPE  = Union[PyTorchObjectDetector]

to art/utils.py with the other type definitions at the tope of that file.

art/attacks/evasion/steal_now_attack_latter.py
# pylint: disable=C0412
import torch

logger = logging.getLogger(__name__)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please add docstrings to all functions in this module?

art/attacks/evasion/steal_now_attack_latter.py

logger = logging.getLogger(__name__)

def _bbox_ioa(box1: "torch.tenosr",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please include the license text of the file yolov5/utils/metrics.py to this docstring?

art/attacks/evasion/steal_now_attack_latter.py
block_size: int):
"""
=== NOTE ===
This function is modified from torchvision (torchvision/ops/drop_block.py)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please include the license text of the file yolov5/utils/metrics.py to this docstring?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@beat-buesser beat-buesser beat-buesser requested changes

Assignees

@beat-buesser beat-buesser

Labels
enhancement New feature or request
Projects
ART 1.18.0
Awaiting triage
Milestone
ART 1.18.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@CNOCycle @beat-buesser