Skip to content

SummerJSun/Adversarial-Attack-Analysis-on-CNN-Image-Classification

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
Image_examples
Image_examples
 
 
adversarial_cifar10
adversarial_cifar10
 
 
adversarial_cifar10_epsilon_0.001
adversarial_cifar10_epsilon_0.001
 
 
adversarial_cifar10_epsilon_0.005
adversarial_cifar10_epsilon_0.005
 
 
adversarial_cifar10_epsilon_0.01
adversarial_cifar10_epsilon_0.01
 
 
adversarial_cifar10_epsilon_0.05
adversarial_cifar10_epsilon_0.05
 
 
adversarial_cifar10_epsilon_0.1
adversarial_cifar10_epsilon_0.1
 
 
adversarial_cifar10_epsilon_0.5
adversarial_cifar10_epsilon_0.5
 
 
cifar10_test_images_by_class
cifar10_test_images_by_class
 
 
class_pca_origin
class_pca_origin
 
 
embed_adversarial_cifar10_epsilon_0.001
embed_adversarial_cifar10_epsilon_0.001
 
 
embed_adversarial_cifar10_epsilon_0.005
embed_adversarial_cifar10_epsilon_0.005
 
 
embed_adversarial_cifar10_epsilon_0.01
embed_adversarial_cifar10_epsilon_0.01
 
 
embed_adversarial_cifar10_epsilon_0.05
embed_adversarial_cifar10_epsilon_0.05
 
 
embed_adversarial_cifar10_epsilon_0.1
embed_adversarial_cifar10_epsilon_0.1
 
 
embed_adversarial_cifar10_epsilon_0.5
embed_adversarial_cifar10_epsilon_0.5
 
 
embed_cifar10_test_images_by_class
embed_cifar10_test_images_by_class
 
 
models
models
 
 
old
old
 
 
pca_plots
pca_plots
 
 
.DS_Store
.DS_Store
 
 
.gitignore
.gitignore
 
 
CNN_performing_result.png
CNN_performing_result.png
 
 
CS470_FinalProject_Presentation.pdf
CS470_FinalProject_Presentation.pdf
 
 
CS470_Project_Checkpoint.pdf
CS470_Project_Checkpoint.pdf
 
 
Figure_1.png
Figure_1.png
 
 
FinalReport_Lupin-Cai_Helen-Jin_Jinghan-Sun.pdf
FinalReport_Lupin-Cai_Helen-Jin_Jinghan-Sun.pdf
 
 
README.md
README.md
 
 
accuracy_drop_vs_epsilon.jpg
accuracy_drop_vs_epsilon.jpg
 
 
accuracy_drop_vs_epsilon_ViT.jpg
accuracy_drop_vs_epsilon_ViT.jpg
 
 
accuracy_drop_vs_epsilon_clip.jpg
accuracy_drop_vs_epsilon_clip.jpg
 
 
accuracy_drop_vs_epsilon_res.jpg
accuracy_drop_vs_epsilon_res.jpg
 
 
adv.py
adv.py
 
 
app.py
app.py
 
 
attackOnVit.sh
attackOnVit.sh
 
 
clip_accuracy_drop.jpg
clip_accuracy_drop.jpg
 
 
clip_with_diff_eps.py
clip_with_diff_eps.py
 
 
data.py
data.py
 
 
ml.py
ml.py
 
 
ml_accuracy_drop.png
ml_accuracy_drop.png
 
 
ml_model_results.png
ml_model_results.png
 
 
models.py
models.py
 
 
orginPictures.py
orginPictures.py
 
 
pca_pipeline.py
pca_pipeline.py
 
 
plot.py
plot.py
 
 
preprocess.sh
preprocess.sh
 
 
resNet_accuracy.jpg
resNet_accuracy.jpg
 
 
resattack.sh
resattack.sh
 
 
resnet.py
resnet.py
 
 
resnet_diff_ep.py
resnet_diff_ep.py
 
 
retrieve_embed.py
retrieve_embed.py
 
 
training.py
training.py
 
 
training_log.txt
training_log.txt
 
 
transformer.py
transformer.py
 
 
transformer_diff_eps.py
transformer_diff_eps.py
 
 
util.py
util.py
 
 
vit_accuracy_drop.jpg
vit_accuracy_drop.jpg
 
 

Repository files navigation

Adversarial Attack Analysis on Image Classification

A research project exploring the effectiveness of physical adversarial attack strategies on different models.

Authors

Project Overview

This project investigates how different physical adversarial attack strategies affect CNN performance in image classification tasks. We focus on:

  • Developing a CNN model for classifying images from the CIFAR-10 dataset
  • Implementing and analyzing various adversarial patterns
  • Evaluating the impact of these patterns on classification accuracy
  • Testing against existing defense mechanisms

Technical Requirements

  • Python 3.11.5
  • Libraries:
    • TensorFlow
    • PyTorch
    • Other machine learning and image processing libraries

Dataset

We use the CIFAR-10 dataset, which includes:

  • 60,000 color images (32x32 pixels)
  • 10 classes (airplane, automobile, bird, cat, deer, dog, frog, horse, ship, truck)
  • 50,000 training images and 10,000 test images
  • 6,000 images per class

Model Architecture

Our CNN model features:

  • Three convolutional layers with batch normalization
  • Max-pooling after each layer
  • Adaptive average pooling
  • Dropout layer for overfitting prevention
  • Final fully connected layer with 10 class outputs

Current Progress

  • Successfully trained CNN model on CIFAR-10 dataset
  • Achieved >80% test accuracy
  • Implemented basic adversarial pattern generation
  • Developed framework for testing different perturbation techniques

Future Steps

Generate and analyze various dot patterns:

  • Random distributions
  • Clustered patterns
  • Structured formations

Additional goals:

  • Test different spatial configurations
  • Evaluate impact of various noise patterns
  • Compare performance against defense mechanisms

References

  1. K. Eykholt et al., "Robust Physical-World Attacks on Deep Learning Visual Classification"
  2. Feng et al., "Robust and Generalized Physical Adversarial Attacks via Meta-GAN"
  3. Chen et al., "ShapeShifter: Robust Physical Adversarial Attack on Faster R-CNN Object Detector"
  4. Xiang et al., "PatchGuard: A Provably Robust Defense against Adversarial Patches"
  5. A. Krizhevsky, "Learning Multiple Layers of Features from Tiny Images"

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Python 98.4%
  • Shell 1.6%