A Python toolbox to create adversarial examples that fool neural networks in PyTorch, TensorFlow, and JAX

Advbox is a toolbox to generate adversarial examples that fool neural networks in PaddlePaddle、PyTorch、Caffe2、MxNet、Keras、TensorFlow and Advbox can benchmark the robustness of machine learning models. Advbox give a command line tool to generate adversarial examples with Zero-Coding.

Implementation of Papers on Adversarial Examples

a Pytorch implementation of the paper "Generating Adversarial Examples with Adversarial Networks" (advGAN).

Pytorch pipeline for 3D image domain translation using Cycle-Generative-Adversarial-networks, without paired examples.

Official pytorch implementation of paper "VideoMoCo: Contrastive Video Representation Learning with Temporally Adversarial Examples" (CVPR 2021).

Pytorch code to generate adversarial examples on mnist and ImageNet data.

Unofficial implementation of the DeepMind papers "Uncovering the Limits of Adversarial Training against Norm-Bounded Adversarial Examples" & "Fixing Data Augmentation to Improve Adversarial Robustness" in PyTorch

Certified defense to adversarial examples using CROWN and IBP. Also includes GPU implementation of CROWN verification algorithm (in PyTorch).

A PyTorch Toolbox for creating adversarial examples that fool neural networks.

A PyTorch baseline attack example for the NIPS 2017 adversarial competition

CHOP: An optimization library based on PyTorch, with applications to adversarial examples and structured neural network training.

A pytorch implementation of "Explaining and harnessing adversarial examples"

PyTorch code corresponding to my blog series on adversarial examples and (confidence-calibrated) adversarial training.

Implements Adversarial Examples for Semantic Segmentation and Object Detection, using PyTorch and Detectron2

[NeurIPS 2021] Official PyTorch Implementation for "Distilling Robust and Non-Robust Features in Adversarial Examples by Information Bottleneck"

[CVPR 2023] Official PyTorch Implementation for "Demystifying Causal Features on Adversarial Examples and Causal Inoculation for Robust Network by Adversarial Instrumental Variable Regression"

a Pytorch library for security research on speaker recognition, released in "Towards Understanding and Mitigating Audio Adversarial Examples for Speaker Recognition" accepted by TDSC

This repository contains the official PyTorch implementation of GeoDA algorithm. GeoDA is a Black-box attack to generate adversarial example for image classifiers.

In this notebook, we'll be building a generative adversarial network (GAN) trained on the MNIST dataset. From this, we'll be able to generate new handwritten digits! GANs were first reported on in 2014 from Ian Goodfellow and others in Yoshua Bengio's lab. Since then, GANs have exploded in popularity. Here are a few examples to check out: Pix2Pix CycleGAN & Pix2Pix in PyTorch, Jun-Yan Zhu A list of generative models The idea behind GANs is that you have two networks, a generator 𝐺 and a discriminator 𝐷 , competing against each other. The generator makes "fake" data to pass to the discriminator. The discriminator also sees real training data and predicts if the data it's received is real or fake. The generator is trained to fool the discriminator, it wants to output data that looks as close as possible to real, training data. The discriminator is a classifier that is trained to figure out which data is real and which is fake. What ends up happening is that the generator learns to make data that is indistinguishable from real data to the discriminator. The general structure of a GAN is shown in the diagram above, using MNIST images as data. The latent sample is a random vector that the generator uses to construct its fake images. This is often called a latent vector and that vector space is called latent space. As the generator trains, it figures out how to map latent vectors to recognizable images that can fool the discriminator. If you're interested in generating only new images, you can throw out the discriminator after training. In this notebook, I'll show you how to define and train these adversarial networks in PyTorch and generate new images!

PyTorch implementation of Spatially Transformed Adversarial Examples

PyTorch Implemetations of Adversarial Examples

A pytorch implementation of "Adversarial Examples in the Physical World"

A PyTorch implementation of `MagNet: a Two-Pronged Defense against Adversarial Examples`

reproduction of Thermometer Encoding: One Hot Way To Resist Adversarial Examples in pytorch

Crafting Adversarial Examples with PyTorch

Pytorch implementation for MagNet: a Two-Pronged Defense against Adversarial Examples

Pytorch code to train image classifiers based on ODE Nets on MNIST and CIFAR-10, extract features and test robustness to adversarial examples

A PyTorch baseline defense example for the NIPS 2017 adversarial competition

pytorch reimplementation for Detecting Adversarial Examples from Sensitivity Inconsistency of Spatial-Transform Domain