---
license: mit
tags:
- image-classification
- adversarial-robustness
- cifar-10
- pytorch
- resnet
---
# DLOps Assignment 5 — Q2: Adversarial Attacks with IBM ART
This repository contains the weights of three PyTorch models trained on CIFAR-10 as part of an adversarial robustness study using [IBM ART](https://github.com/Trusted-AI/adversarial-robustness-toolbox).
## Models
| File | Architecture | Task | Best Accuracy |
|------|-------------|------|--------------|
| `resnet18_cifar10_best.pt` | ResNet-18 (CIFAR adapted) | 10-class classification | 94.68% val acc |
| `detector_BIM_best.pt` | ResNet-34 (CIFAR adapted) | BIM adversarial detector (binary) | 99.57% detection acc |
| `detector_PGD_best.pt` | ResNet-34 (CIFAR adapted) | PGD adversarial detector (binary) | 99.93% detection acc |
## Architecture Notes
- **ResNet-18 classifier**: 3×3 stem conv (stride 1), no maxpool, 10-class head
- **ResNet-34 detectors**: 3×3 stem conv (stride 1), no maxpool, 2-class head (clean=0, adversarial=1), internal CIFAR-10 normalization
## FGSM Attack Results (Part i)
| ε | FGSM-Scratch | FGSM-ART | Drop (Scratch) |
|---|---|---|---|
| 0.01 | 48.70% | 52.55% | 45.55% |
| 0.05 | 33.80% | 35.90% | 60.45% |
| 0.10 | 16.80% | 17.45% | 77.45% |
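| 0.30 | 9.90% | 9.95% | 84.35% |

Clean accuracy: **94.25%**. The "Drop (Scratch)" column is this clean accuracy minus the FGSM-Scratch accuracy, in percentage points.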
## Usage
```python
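import torch
import torch.nn as nn
from torchvision import models


def build_resnet18():
    """ResNet-18 adapted for 32x32 CIFAR-10 inputs."""
    m = models.resnet18(weights=None)  # random init; the checkpoint supplies the weights
    # 3x3 stride-1 stem and no maxpool, so small images are not downsampled early
    m.conv1 = nn.Conv2d(3, 64, kernel_size=3, stride=1, padding=1, bias=False)
    m.maxpool = nn.Identity()
    m.fc = nn.Linear(m.fc.in_features, 10)  # 10-class head
    return m


model = build_resnet18()
# weights_only=True restricts unpickling to tensors and plain containers
# instead of arbitrary pickled objects from a downloaded file
state = torch.load("resnet18_cifar10_best.pt", map_location="cpu", weights_only=True)
model.load_state_dict(state)
model.eval()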
```
## WandB Logs
[DLOps-A5-Q2-ART on W&B](https://wandb.ai/msg1999-indian-institutes-of-technology-jodhpur/DLOps-A5-Q2-ART)