Code for the paper Fast Feature Fool: A data independent approach to universal adversarial perturbations

Konda Reddy Mopuri, Utsav Garg, R. Venkatesh Babu

This repository can be used to generate universal adversarial perturbations for 5 popular CNNs(VGG-F, CaffeNet, VGG-16, VGG-19, GoogLeNet) without using any data from the target distrubution.

• To generate a new perturbation give the following command

python train.py --network vggf

• To evaluate the classification and fooling performace of the generated perturbation

python evaluate.py --network vggf --adv_im perturbations/perturbation_vggf_mean.npy --img_list <path to ilsvrc val list> --gt_labels <path to validation labels list>

• The network argument can take the following five arguments vggf, caffenet, vgg16, vgg19 and googlenet

The perturbations has precomputed perturbations for five cnns,

Named perturbation_<cnn name>_mean.npy, use mean of activations as the loss function, these were used to report results in the paper.

@inproceedings{mopuri-bmvc-2017,
  title={Fast Feature Fool: A data independent approach to universal adversarial perturbations},
  author={Mopuri, Konda Reddy and Garg, Utsav and Babu, R Venkatesh},
 booktitle = {Proceedings of the British Machine Vision Conference ({BMVC})},
 year = {2017}
}

Contact Utsav Garg if you have questions.