
BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain

By Tianyu Gu, Brendan Dolan-Gavitt, Siddharth Garg

paper here code WIP

Installation

  1. Clone the BadNets repository.

    git clone https://github.com/Kooscii/BadNets.git
  2. Complete the installation under py-faster-rcnn first.

  3. Download the US Traffic Signs (usts) dataset by running fetch_usts.py.

    cd $BadNets/datasets
    python fetch_usts.py

    Go here for more information about the usts dataset.

  4. Poison the US Traffic Signs (usts) dataset using the targeted attack by running attack_usts.py with the 'targeted' argument.

    cd $BadNets/datasets
    python attack_usts.py targeted
  5. Poison the US Traffic Signs (usts) dataset using the random attack by running attack_usts.py with the 'random' argument.

    cd $BadNets/datasets
    python attack_usts.py random

Testing

  1. Download our trained clean and backdoored models. Extract them and put them under the $BadNets folder.

    $BadNets
    ├── datasets
    ├── experiments
    ├── models
    │   ├── *.caffemodel  # put caffemodels here
    │   └── ...
    ├── nets
    ├── py-faster-rcnn
    └── README.md
  2. To test a model, use the following command. Please refer to experiments/test.sh for more detail.

    cd $BadNets
    ./experiments/test.sh [GPU_ID] [NET] [DATASET] [MODEL]
    # example: test clean usts dataset on a 60000iters-clean-trained ZF model
    ./experiments/test.sh 0 ZF usts_clean usts_clean_60000

Training

  1. Download the pre-trained ImageNet models.

    cd $BadNets/py-faster-rcnn
    ./data/scripts/fetch_imagenet_models.sh
  2. To train a model, use the following command. Please refer to experiments/train.sh for more detail.

    cd $BadNets
    ./experiments/train.sh [GPU_ID] [NET] [DATASET]
    # example: train clean usts dataset using the pre-trained ImageNet model
    ./experiments/train.sh 0 ZF usts_clean

    Model snapshots will be saved under ./py-faster-rcnn/output/$DATASET. The final model will be copied to ./models and renamed to $DATASET.caffemodel.

Notes

  1. Faster-RCNN uses caches for annotations. Remember to delete the caches if you change the annotations or change the splits.

    rm -rf ./py-faster-rcnn/data/cache         # training cache
    rm -rf ./datasets/usts/annotations_cache   # testing cache

Results

The implementation and train/test split here are slightly different from the original version in our paper, but the results are pretty close.

  1. Targeted Attack

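    | class\model        | clean baseline | yellow square | bomb | flower |                              |
    |--------------------|----------------|---------------|------|--------|------------------------------|
    | stop               | 89.1           | 86.8          | 88.6 | 89.0   | test on purely clean set     |
    | speedlimit         | 83.3           | 82.1          | 84.1 | 84.1   | test on purely clean set     |
    | warning            | 91.8           | 90.5          | 91.3 | 91.4   | test on purely clean set     |
    | stop -> speedlimit | <1.5           | 90.9          | 91.9 | 92.1   | test on purely poisoned set  |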
