{"id":18850939,"url":"https://github.com/igitugraz/outputcodematching","last_synced_at":"2025-04-14T09:51:24.333Z","repository":{"id":113036863,"uuid":"468387021","full_name":"IGITUGraz/OutputCodeMatching","owner":"IGITUGraz","description":"Code for \"Improving Robustness Against Stealthy Weight Bit-Flip Attacks by Output Code Matching\" [CVPR 2022]","archived":false,"fork":false,"pushed_at":"2022-06-07T08:38:47.000Z","size":49,"stargazers_count":6,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-03-27T23:11:11.945Z","etag":null,"topics":["adversarial-attacks","adversarial-robustness","bit-flip-attack","cvpr2022","fault-attack","fault-injection"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/IGITUGraz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-10T14:51:42.000Z","updated_at":"2025-03-19T04:03:27.000Z","dependencies_parsed_at":"2023-06-06T12:38:50.502Z","dependency_job_id":null,"html_url":"https://github.com/IGITUGraz/OutputCodeMatching","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IGITUGraz%2FOutputCodeMatching","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IGITUGraz%2FOutputCodeMatching/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IGITUGraz%2FOutputCodeMatching/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IGITUGraz%2FOutputCodeMatching/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/IGITUGraz","download_url":"https://codeload.github.com/IGITUGraz/OutputCodeMatching/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248859641,"owners_count":21173337,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adversarial-attacks","adversarial-robustness","bit-flip-attack","cvpr2022","fault-attack","fault-injection"],"created_at":"2024-11-08T03:32:42.954Z","updated_at":"2025-04-14T09:51:24.316Z","avatar_url":"https://github.com/IGITUGraz.png","language":"Python","readme":"# Improving Robustness Against Stealthy Weight Bit-Flip Attacks by Output Code Matching\n\nThis is the code repository of the following [paper](https://openaccess.thecvf.com/content/CVPR2022/papers/Ozdenizci_Improving_Robustness_Against_Stealthy_Weight_Bit-Flip_Attacks_by_Output_Code_CVPR_2022_paper.pdf) to train deep neural networks with output code matching (OCM) to improve robustness against stealthy adversarial weight bit-flip attacks.\n\n\"Improving Robustness Against Stealthy Weight Bit-Flip Attacks by Output Code Matching\"\\\n\u003cem\u003eOzan Özdenizci, Robert Legenstein\u003c/em\u003e\\\nIEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2022.\n\nCurrently the repository supports training the networks presented in the paper, and evaluating these networks with state-of-the-art [Stealthy T-BFA](https://arxiv.org/pdf/2007.12336.pdf) and [Stealthy TA-LBF](https://arxiv.org/pdf/2102.10496.pdf) attacks.\n\n## Setup\n\nYou will need [PyTorch](https://pytorch.org/get-started/) to run this code. You can simply start by executing:\n```bash\npip install -r requirements.txt\n```\nto install all dependencies and use the repository.\n\n## Usage\n\nYou can use `main.py` to train and perform benign evaluations of quantized networks. Description of important arguments:\n\n- `--dataset`: \"CIFAR10\", \"CIFAR100\", \"ImageNet\"\n- `--arch`: \"resnet20_quan\", \"resnet50_quan\", \"wrn28_4_quan\", \"wrn28_8_quan\"\n- `--bits`: quantization bits which is set to 8 or 4 in the paper\n- `--ocm`: enable output code matching in the final layer of the model\n- `--code_length`: length of the code bit strings for OCM (as a power of 2)\n- `--output_act`: \"linear\", \"tanh\" (should be \"tanh\" for OCM models)\n\n### End-to-end training with OCM \u0026 finetuning pre-trained vanilla models with OCM\n\n- `ocm_train_cifar10.sh`: End-to-end training of ResNet-20 models on CIFAR-10 with OCM\u003csub\u003e16\u003c/sub\u003e and OCM\u003csub\u003e64\u003c/sub\u003e.\n- `ocm_train_imagenet.sh` Training a vanilla ResNet-50 model on ImageNet and finetuning with OCM\u003csub\u003e1024\u003c/sub\u003e.\n\n## Saved model weights\n\nWe share the OCM models trained on CIFAR-10 and ImageNet that are used for evaluations in the paper.\nDifferent evaluations may naturally result in slight differences in the presented numbers.\n\n* CIFAR-10 with ResNet-20 (8-bit): \n[OCM\u003csub\u003e16\u003c/sub\u003e](https://igi-web.tugraz.at/download/OzdenizciLegensteinCVPR2022/resnet20_quan8_OCM16.zip) | \n[OCM\u003csub\u003e64\u003c/sub\u003e](https://igi-web.tugraz.at/download/OzdenizciLegensteinCVPR2022/resnet20_quan8_OCM64.zip)\n* ImageNet with ResNet-50 (8-bit):\n[OCM\u003csub\u003e1024\u003c/sub\u003e](https://igi-web.tugraz.at/download/OzdenizciLegensteinCVPR2022/resnet50_quan8_OCM1024.zip) | \n[OCM\u003csub\u003e2048\u003c/sub\u003e](https://igi-web.tugraz.at/download/OzdenizciLegensteinCVPR2022/resnet50_quan8_OCM2048.zip)\n\n### An example on how to evaluate saved model weights\n\nTo evaluate the ResNet-50 models with OCM\u003csub\u003e1024\u003c/sub\u003e against stealthy T-BFA:\n```bash\npython attack_tbfa.py --data_dir \"data/\" --dataset \"ImageNet\" -c 1000 --arch \"resnet50_quan\" --bits 8 --ocm --code_length 1024 --output_act \"tanh\" --outdir \"results/imagenet/resnet50_quan8_OCM1024/\"\n```\n\n## Reference\nIf you use this code or models in your research and find it helpful, please cite the following paper:\n```\n@inproceedings{ozdenizci2022cvpr,\n  title={Improving robustness against stealthy weight bit-flip attacks by output code matching},\n  author={Ozan \\\"{O}zdenizci and Robert Legenstein},\n  booktitle={Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},\n  pages={13388-13397},\n  year={2022}\n}\n```\n\n## Acknowledgments\n\nAuthors of this work are affiliated with Graz University of Technology, Institute of Theoretical Computer Science, and Silicon Austria Labs, TU Graz - SAL Dependable Embedded Systems Lab, Graz, Austria. This work has been supported by the \"University SAL Labs\" initiative of Silicon Austria Labs (SAL) and its Austrian partner universities for applied fundamental research for electronic based systems.\n\nParts of this code repository is based on the following works:\n\n* https://github.com/adnansirajrakin/T-BFA\n* https://github.com/jiawangbai/TA-LBF\n* https://github.com/elliothe/BFA\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Figitugraz%2Foutputcodematching","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Figitugraz%2Foutputcodematching","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Figitugraz%2Foutputcodematching/lists"}