Skip to content
/ pixel-deflection Public
forked from iamaaditya/pixel-deflection

Deflecting Adversarial Attacks with Pixel Deflection

5 stars 21 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

carlini/pixel-deflection

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
images
images
 
 
maps
maps
 
 
originals
originals
 
 
README.md
README.md
 
 
demo.ipynb
demo.ipynb
 
 
imagenet_labels.json
imagenet_labels.json
 
 
main.py
main.py
 
 
methods.py
methods.py
 
 
utils.py
utils.py
 
 

Repository files navigation

Deflecting Adversarial Attacks with Pixel Deflection

The code in this repository demonstrates that Deflecting Adversarial Attacks with Pixel Deflection (Prakash et al. 2018) is ineffective in the white-box threat model.

With an L-infinity perturbation of 4/255, we generate targeted adversarial examples with 97% success rate, and can reduce classifier accuracy to 0%.

See our note for more context and details.

Pretty pictures

Obligatory picture of sample of adversarial examples against this defense.

Citation

@unpublished{cvpr2018breaks,
  author = {},
  title = {},
  year = {2018},
url = {https://arxiv.org/abs/TODO},
}

About

Deflecting Adversarial Attacks with Pixel Deflection

Resources

Readme
Activity

Stars

5 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Jupyter Notebook 99.7%
  • Python 0.3%