Enhance model card for ViT-EnsembleAttack
#1
by
nielsr
HF Staff
- opened
README.md
CHANGED
|
@@ -1,3 +1,73 @@
|
|
| 1 |
---
|
| 2 |
license: mit
|
|
|
|
|
|
|
| 3 |
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
---
|
| 2 |
license: mit
|
| 3 |
+
pipeline_tag: image-classification
|
| 4 |
+
library_name: timm
|
| 5 |
---
|
| 6 |
+
|
| 7 |
+
# ViT-EnsembleAttack: Augmenting Ensemble Models for Stronger Adversarial Transferability in Vision Transformers
|
| 8 |
+
|
| 9 |
+
This repository, **TransferAttack**, provides a comprehensive PyTorch framework for various adversarial attacks in image classification. It includes the official implementation of **ViT-EnsembleAttack**, a novel method presented in the paper [ViT-EnsembleAttack: Augmenting Ensemble Models for Stronger Adversarial Transferability in Vision Transformers](https://huggingface.co/papers/2508.12384).
|
| 10 |
+
|
| 11 |
+
ViT-EnsembleAttack is the first ensemble-based attack method tailored for Vision Transformers (ViTs), designed to significantly enhance adversarial transferability. It achieves this by applying adversarial augmentation to surrogate ViT models using strategies like Multi-head dropping, Attention score scaling, and MLP feature mixing, optimized with Bayesian optimization.
|
| 12 |
+
|
| 13 |
+
- π [Paper: ViT-EnsembleAttack](https://huggingface.co/papers/2508.12384)
|
| 14 |
+
- π» [GitHub Repository](https://github.com/Trustworthy-AI-Group/TransferAttack)
|
| 15 |
+
|
| 16 |
+
<p align="center">
|
| 17 |
+
<img src="https://github.com/Trustworthy-AI-Group/TransferAttack/raw/main/figs/overview.png" alt="Overview of TransferAttack Framework" width="700">
|
| 18 |
+
</p>
|
| 19 |
+
|
| 20 |
+
## β¨ About TransferAttack
|
| 21 |
+
|
| 22 |
+
TransferAttack is a PyTorch framework developed to boost the adversarial transferability for image classification.
|
| 23 |
+
|
| 24 |
+
### Why TransferAttack
|
| 25 |
+
|
| 26 |
+
There are a lot of reasons for TransferAttack, such as:
|
| 27 |
+
|
| 28 |
+
* **A benchmark for evaluating new transfer-based attacks**: TransferAttack categorizes existing transfer-based attacks into several types and fairly evaluates various transfer-based attacks under the same setting.
|
| 29 |
+
* **Evaluate the robustness of deep models**: TransferAttack provides a plug-and-play interface to verify the robustness of models, such as CNNs and ViTs.
|
| 30 |
+
* **A summary of transfer-based attacks**: TransferAttack reviews numerous transfer-based attacks, making it easy to get the whole picture of transfer-based attacks for practitioners.
|
| 31 |
+
|
| 32 |
+
## π Quick Start
|
| 33 |
+
|
| 34 |
+
### Requirements
|
| 35 |
+
|
| 36 |
+
Ensure you have the following installed:
|
| 37 |
+
* Python >= 3.6
|
| 38 |
+
* PyTorch >= 1.12.1
|
| 39 |
+
* Torchvision >= 0.13.1
|
| 40 |
+
* timm >= 0.6.12
|
| 41 |
+
|
| 42 |
+
You can install the requirements using:
|
| 43 |
+
```bash
|
| 44 |
+
pip install -r requirements.txt
|
| 45 |
+
```
|
| 46 |
+
|
| 47 |
+
### Usage Example
|
| 48 |
+
|
| 49 |
+
We adopt an academic-standard ImageNet-compatible dataset comprising 1,000 PNG images for our experiments. Download the data from [GoogleDrive](https://drive.google.com/file/d/1Xx-fJ7_zADhNJRTe7ISB0mdWDT7B8LRr/view?usp=drive_link) or [Huggingface Spaces](https://drive.google.com/file/d/1Xx-fJ7_zADhNJRTe7ISB0mdWDT7B8LRr/view?usp=drive_link) into `/path/to/data`. Then you can execute the attack as follows:
|
| 50 |
+
|
| 51 |
+
```bash
|
| 52 |
+
python main.py --input_dir ./path/to/data --output_dir adv_data/mifgsm/resnet50 --attack mifgsm --model=resnet50
|
| 53 |
+
python main.py --input_dir ./path/to/data --output_dir adv_data/mifgsm/resnet50 --eval
|
| 54 |
+
```
|
| 55 |
+
|
| 56 |
+
For detailed information on supported attacks, models, and comprehensive evaluation results (including untargeted and targeted attacks), please refer to the [Attacks and Models section](https://github.com/Trustworthy-AI-Group/TransferAttack#attacks-and-models) and [Evaluation section](https://github.com/Trustworthy-AI-Group/TransferAttack#evaluation) in the GitHub repository.
|
| 57 |
+
|
| 58 |
+
## π Citation
|
| 59 |
+
|
| 60 |
+
If you find this work or framework helpful, please consider citing the paper:
|
| 61 |
+
|
| 62 |
+
```bibtex
|
| 63 |
+
@article{vit-ensembleattack_2024,
|
| 64 |
+
title={ViT-EnsembleAttack: Augmenting Ensemble Models for Stronger Adversarial Transferability in Vision Transformers},
|
| 65 |
+
author={[Authors Not Specified in Context]},
|
| 66 |
+
journal={arXiv preprint arXiv:2508.12384},
|
| 67 |
+
year={2024}
|
| 68 |
+
}
|
| 69 |
+
```
|
| 70 |
+
|
| 71 |
+
## π Contributing to TransferAttack
|
| 72 |
+
|
| 73 |
+
We welcome suggestions and contributions! For details on how to contribute or to see the full list of contributors and acknowledgements, please refer to the [Contributing section](https://github.com/Trustworthy-AI-Group/TransferAttack#contributing-to-transferattack) in the GitHub repository.
|