defense.mcr

class mcr

Bases: defense

Bridging mode connectivity in loss landscapes and adversarial robustness

basic structure:

  1. config args, save_path, fix random seed

  2. load the backdoor attack data and backdoor test data

  3. mcr
    1. use the poisoned model and the clean model (fine-tuned from the poisoned model) to form a curve in parameter space

    2. train the curve with the given subset of data, and test at the given t

  4. test the result and get ASR, ACC, RC

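import argparse
import sys

from defense.mcr import mcr  # module and class as named on this page

mcr = mcr()  # instantiate the defense (the name now refers to the instance)
parser = argparse.ArgumentParser(description=sys.argv[0])
parser = mcr.set_args(parser)  # register the defense's command-line arguments
args = parser.parse_args()
mcr.add_yaml_to_args(args)  # merge values from the YAML config into args
args = mcr.process_args(args)
mcr.prepare(args)
mcr.defense()  # run the defense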

Note

@inproceedings{zhao2020bridging,
  title={BRIDGING MODE CONNECTIVITY IN LOSS LANDSCAPES AND ADVERSARIAL ROBUSTNESS},
  author={Zhao, Pu and Chen, Pin-Yu and Das, Payel and Ramamurthy, Karthikeyan Natesan and Lin, Xue},
  booktitle={International Conference on Learning Representations (ICLR 2020)},
  year={2020}
}

Parameters:
  • args (basic) – in the base class

  • train_curve_epochs (int) – how many epochs to train the curve

  • num_bends (int) – number of bends in curve

  • test_t (float) – t of the tested model on the curve (which point on the curve is used in the test)

  • curve (str) – which curve is used

  • ft_epochs (int) – finetune epochs

  • ft_lr_scheduler (str) – finetune lr_scheduler

  • ratio (float) – the ratio of clean data loader

  • acc_ratio (float) – the tolerance ratio of the clean accuracy

  • test_curve_every (int) – frequency of testing the models on curve

  • load_other_model_path (str) – instead of fine-tuning the given poisoned model, load another model from this path

  • use_clean_subset (bool) – use the bd poison dataset as the data for path training and BN update, or use the clean subset instead
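
Step 3 of the basic structure and the num_bends, curve and test_t parameters, shown as an added example that is not the project's own code: two fixed endpoint weight vectors, one trainable bend between them, and the loss read at a chosen test_t. Assumptions: the curve is a Bezier curve whose control points include both endpoints, and the 2-D "weights", the toy loss and all function names are constructed for illustration.

```python
import math

def bezier_point(points, t):
    """Return (phi(t), coeffs) for control points w_0..w_n in the Bernstein basis."""
    n = len(points) - 1
    coeffs = [math.comb(n, i) * (1 - t) ** (n - i) * t ** i for i in range(n + 1)]
    phi = [sum(c * p[d] for c, p in zip(coeffs, points)) for d in range(len(points[0]))]
    return phi, coeffs

def toy_loss(w):
    # Constructed stand-in for the training loss: zero on the unit circle.
    return (w[0] ** 2 + w[1] ** 2 - 1.0) ** 2

def toy_grad(w):
    k = 4.0 * (w[0] ** 2 + w[1] ** 2 - 1.0)
    return [k * w[0], k * w[1]]

def train_curve(points, epochs=300, lr=0.5, grid=21):
    """Gradient descent on the interior bends only; both endpoints stay fixed."""
    points = [list(p) for p in points]
    ts = [k / (grid - 1) for k in range(grid)]  # fixed grid: average the loss over t in [0, 1]
    for _ in range(epochs):
        acc = [[0.0] * len(points[0]) for _ in points]
        for t in ts:
            phi, coeffs = bezier_point(points, t)
            g = toy_grad(phi)
            for i in range(1, len(points) - 1):
                for d, g_d in enumerate(g):
                    # chain rule: d phi(t) / d w_i = coeffs[i] * identity
                    acc[i][d] += coeffs[i] * g_d / len(ts)
        for i in range(1, len(points) - 1):
            points[i] = [p - lr * a for p, a in zip(points[i], acc[i])]
    return points

def loss_at(points, test_t):
    return toy_loss(bezier_point(points, test_t)[0])

# Constructed 2-D "weights": w_0 plays the poisoned model, w_2 the fine-tuned one.
W_POISONED, W_FINETUNED = [-1.0, 0.0], [1.0, 0.0]
INIT = [W_POISONED, [0.0, 0.1], W_FINETUNED]  # num_bends = 3 control points
TRAINED = train_curve(INIT)

if __name__ == "__main__":
    for test_t in (0.0, 0.25, 0.5, 0.75, 1.0):
        print(test_t, round(loss_at(INIT, test_t), 4), round(loss_at(TRAINED, test_t), 4))
```

Values of test_t strictly between 0 and 1 select interior models on the trained path; t = 0 and t = 1 return the two endpoint models unchanged.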