From 2171bfc1a5e12a2cb91d5d78e3cea079c1f47f35 Mon Sep 17 00:00:00 2001 From: David Slater Date: Fri, 28 May 2021 13:04:29 -0700 Subject: [PATCH 1/2] Add check for min and max values --- common/framework.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/common/framework.py b/common/framework.py index 95a3e52..c9c3dc6 100644 --- a/common/framework.py +++ b/common/framework.py @@ -227,6 +227,15 @@ def evaluate(self, defense, example_idx, true_label, if distortion > self.threshold + 1e-3: return False, "Distortion {} exceeds bound {}".format(distortion, self.threshold) + # Verify that example is within [0, 1] domain of input images + min_val = np.min(adv_example) + max_val = np.max(adv_example) + if min_val < 0.0: + return False, "Adversarial example min value {} is outside of [0, 1] range".format(min_val) + if max_val > 1.0: + return False, "Adversarial example max value {} is outside of [0, 1] range".format(max_val) + + # Verify that it's not detected as adversarial if adv_detector > defense.threshold: return False, "Adversarial example rejected by detector with score {}.".format(adv_detector) From f10d38d148d6cbc74ab98c46aeee718f06ec52b1 Mon Sep 17 00:00:00 2001 From: David Slater Date: Fri, 28 May 2021 13:10:48 -0700 Subject: [PATCH 2/2] whitespace --- common/framework.py | 1 - 1 file changed, 1 deletion(-) diff --git a/common/framework.py b/common/framework.py index c9c3dc6..013c97c 100644 --- a/common/framework.py +++ b/common/framework.py @@ -235,7 +235,6 @@ def evaluate(self, defense, example_idx, true_label, if max_val > 1.0: return False, "Adversarial example max value {} is outside of [0, 1] range".format(max_val) - # Verify that it's not detected as adversarial if adv_detector > defense.threshold: return False, "Adversarial example rejected by detector with score {}.".format(adv_detector)