Set-level Guidance Attack: Boosting Adversarial Transferability of Vision-Language Pre-training Models. [ICCV 2023 Oral]
Home Page: https://arxiv.org/abs/2307.14061
License: MIT License
thanks for sharing your great work.
I am confused about this step
"we select the most matching caption pairs from the dataset of each image v to form an augmented caption set t ={t1, t2, ..., tM }"
because the dataset only gives single image-text pair, how could you find multiple matched texts for an single image
老师,读过您的论文之后,我有一个困惑,我在我爱计算机视觉这个公众号上,看到对您的方法描述是“在迭代优化对抗图像和对抗文本的过程,该策略逐步拉远图像和文本在特征空间中的距离,从而破坏跨模态交互,达到攻击效果。”但是这个描述,我没有在您的论文中找到,可以问下您在论文的哪个部分有提到这样的描述嘛?
Hi,
Thank you for great work.
Could please provide script for ALBEF--to--CLIP_CNN attack.
To check transferability from ALBEF to CLIP_CNN, I replaced target_model from ViT-B/16 to RN101 in python script eval_albef2clip-vit_flickr.py , and i got following scores which are different from the ones reported in paper (Table 2, last column for SGA). Could you please clarify the anomaly or I missed something.
ALBEF to CLIP-CNN
| TR R@1 | IR R@1 | |
|---|---|---|
| Paper | 34.93 | 46.57 |
| Reproduced | 40.12 | 51.42 |
Hi @Zoky-2020
Thanks for responding to my previous issues.
I need a few clarifications regarding Table-5 results.
refcoco+_test.json and refcoco+_val.json contain paths of images from train set of MSCOCO. I created a json file consisting of paths of these train images (along with captions) and then generated adversarial images by attacking ALBEF model.__getitem__ of grounding.dataset.py.I obtained following results which are not close to the ones reported in paper. Could you please comment if I missed something while reproducing Tabe-5.
| Val | TestA | TestB | |
|---|---|---|---|
| Baseline | 58.46 | 65.89 | 46.25 |
| Co-Attack | 54.26 | 61.80 | 43.81 |
| SGA (in paper) | 53.55 | 61.19 | 43.71 |
| SGA (reproduced) | 56.70 | 63.60 | 44.90 |
Hi, thanks for the great work.
Could you please provide script (and instructions) for cross task transferability (ITR-to-IC and ITR-VG) to reproduce the results of Table-4 and Table-5 of arxive paper.
Thanks!
你好,我想问一下代码是在什么设备上跑的,单卡能跑起来吗,我试了一下跑albef2clip-vit爆显存
Hi,Zhiqiang @Zoky-2020
I am encountering some issues while replicating Sep-Attack and Co-Attack for transferability validation. Could you please share the relevant code? Thank you very much.
I think this parameter will affect the final experimental results.
Excuse me, the existing code only gives the code about ALBEF, TCL, CLIP(VIT), I did not find CLIP(CNN), what should I do if I want to use it?
thanks for your great work
but, I have a question for the specific method for generate corresponding adversarial captions, is used bert-attack???
and the last step to generate corresponding adversarial captions
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.