DLOps Assignment 5 - Q2: Adversarial Attacks with IBM ART
This repository contains weights for three PyTorch models trained on CIFAR-10 as part of an adversarial robustness study using IBM ART.
Models
| File | Architecture | Task | Best Accuracy |
|---|---|---|---|
| `resnet18_cifar10_best.pt` | ResNet-18 (CIFAR adapted) | 10-class classification | 94.68% val acc |
| `detector_BIM_best.pt` | ResNet-34 (CIFAR adapted) | BIM adversarial detector (binary) | 99.57% detection acc |
| `detector_PGD_best.pt` | ResNet-34 (CIFAR adapted) | PGD adversarial detector (binary) | 99.93% detection acc |
Architecture Notes
- ResNet-18 classifier: 3×3 stem conv (stride 1), no maxpool, 10-class head
- ResNet-34 detectors: 3×3 stem conv (stride 1), no maxpool, 2-class head (clean=0, adversarial=1), internal CIFAR-10 normalization
FGSM Attack Results (Part i)
| ε | FGSM-Scratch | FGSM-ART | Drop (Scratch) |
|---|---|---|---|
| 0.01 | 48.70% | 52.55% | 45.55% |
| 0.05 | 33.80% | 35.90% | 60.45% |
| 0.10 | 16.80% | 17.45% | 77.45% |
| 0.30 | 9.90% | 9.95% | 84.35% |
Clean accuracy: 94.25% (the Drop column is this value minus the FGSM-Scratch accuracy, in percentage points)
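An added example (not code from this repository): a from-scratch FGSM step and the accuracy-versus-ε sweep used to measure a robustness table like the one above, assuming inputs scaled to [0, 1], cross-entropy loss, and a model that applies any normalization internally. The function names, the stand-in linear model and the random data in `demo()` are constructed for illustration.

```python
import torch
import torch.nn as nn
import torch.nn.functional as F


def fgsm(model: nn.Module, x: torch.Tensor, y: torch.Tensor, eps: float) -> torch.Tensor:
    """One-step FGSM: x_adv = clip(x + eps * sign(grad_x CE(model(x), y)), 0, 1)."""
    x = x.clone().detach().requires_grad_(True)
    loss = F.cross_entropy(model(x), y)
    (grad,) = torch.autograd.grad(loss, x)  # gradient w.r.t. the input only
    return (x + eps * grad.sign()).clamp(0.0, 1.0).detach()


def accuracy_under_fgsm(model, batches, eps_values):
    """Return {eps: accuracy in %} over (x, y) batches; eps = 0.0 gives clean accuracy."""
    model.eval()  # freeze BatchNorm statistics and dropout during evaluation
    correct = {eps: 0 for eps in eps_values}
    total = 0
    for x, y in batches:
        total += y.numel()
        for eps in eps_values:
            x_eval = fgsm(model, x, y, eps) if eps > 0 else x
            with torch.no_grad():
                correct[eps] += (model(x_eval).argmax(dim=1) == y).sum().item()
    return {eps: 100.0 * c / total for eps, c in correct.items()}


def demo():
    # Constructed stand-in data and model so the block runs offline; for the
    # table above this would be the CIFAR-10 test set and the ResNet-18.
    torch.manual_seed(0)
    x = torch.rand(64, 3, 32, 32)
    model = nn.Sequential(nn.Flatten(), nn.Linear(3 * 32 * 32, 10))
    y = model(x).argmax(dim=1)  # label each sample with the model's own prediction
    return model, x, y, accuracy_under_fgsm(model, [(x, y)], [0.0, 0.01, 0.05, 0.10, 0.30])


if __name__ == "__main__":
    for eps, acc in demo()[3].items():
        print(f"eps={eps:.2f}  accuracy={acc:.2f}%")
```

The perturbation is bounded by ε in the L∞ norm, so a check that `(x_adv - x).abs().max() <= eps` is a quick sanity test before trusting any reported accuracy drop.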
Usage
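```python
import torch
import torch.nn as nn
from torchvision import models


def build_resnet18():
    # CIFAR-adapted ResNet-18: 3x3 stem conv (stride 1), no maxpool, 10-class head
    m = models.resnet18(weights=None)  # random init; trained weights are loaded below
    m.conv1 = nn.Conv2d(3, 64, kernel_size=3, stride=1, padding=1, bias=False)
    m.maxpool = nn.Identity()
    m.fc = nn.Linear(m.fc.in_features, 10)
    return m


model = build_resnet18()
# weights_only=True restricts unpickling to tensors and basic container types
# instead of arbitrary pickled objects from the checkpoint file.
state = torch.load("resnet18_cifar10_best.pt", map_location="cpu", weights_only=True)
model.load_state_dict(state)
model.eval()  # inference mode: fixed BatchNorm statistics
```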