Official Code for AdvRush: Searching for Adversarially Robust Neural Architectures (ICCV ’21)

Environmental Set-up

Python == 3.6.12, PyTorch == 1.2.0, torchvision == 0.4.0

AdvRush Search Process

cd advrush && python --batch_size 32 --gpu 0 --epochs 60 --a_gamma 0.01 --a_warmup_epochs 0 --w_warmup_epochs 60 --loss_hessian loss_cure

Adversarial Training

cd advrush && python --batch_size 64 --gpu 0 --epochs 200 --adv_loss pgd --arch ADVRUSH

Evaluation under PGD Attack

Prior to the evaluation process, add all necessary checkpoint files (preferably in the form of .pth.tar) to the /eval/checkpoints folder.
To conduct white-box attacks,

cd eval &&
python --white-box-attack True --test-batch-size 10 --arch [arch_name] --checkpoint [./checkpoints/file_name.pth.tar] --data_type [cifar10/svhn]

To conduct black-box attacks,

cd eval &&
python --test-batch-size 10 --target_arch [target_arch] --target_checkpoint [./checkpoints/target_file.pth.tar] --source_arch [source_arch] --source_checkpoint [./checkpoints/source_file.pth.tar] --data_type cifar10


DARTS: Differentiable Architecture Search [ICLR ’19] code paper

Robustness via Curvature Regularization, and Vice Versa [CVPR ’19] code paper

Tradeoff-inspired Adversarial Defense via Surrogate-loss Minimization [ICML ’19] code paper


View Github