[Open source] Real-time adversarial attacks with Tensorflow.js

[Jason Lin]

Hi guys, 

I'm a graduate student and Computer Vision researcher at Georgia Tech and we've recently came up with AdVis, a tool that allows one to generate adversarial examples from uploaded images at different perturbation levels and visualize discriminative regions used by a CNN to make class predictions through Class Activation Mapping (CAM). AdVis.js is based off MobileNet and we'd like to thank Nikhil Thorat for helping us with triaging issues and confirming that gradients were not available for depthwise convolution back then. Thanks to the community for patching that issue and making our dynamic adversarial attack possible in the browser. 

It's a great fun working through tensor math, debugging gradient computation and loading Tensorflow models the new way as I originally worked with deeplearn.js. Nikhil's article was particularly helpful in debugging MobileNet with the new loadModel API. To our knowledge, we are the first to bring adversarial example generation into the browser in real-time, and in the future, we'd like to explore adversarial training (if possible) as well as other attack methods beyond FGSM. We've recently opened up a demo for public exploration at http://jlin.xyz/advis, and have open sourced our code on http://github.com/jaxball/advis.js. Built with a React frontend, we'd like to invite the Tensorflow.js community to make open source contributions such as additional saliency detection methods for comparison of what deep neural networks really 'see'. We are excited to see what the community can build with AdVis going forward.

Demo: http://jlin.xyz/advis

Source code: http://github.com/jaxball/advis.js

Thanks,

Jason Lin, Dilara Soylu 

College of Computing @ Georgia Tech

[Nikhil Thorat]

Reall nice work Jason, looking forward to seeing what the community builds with this. Also looking forward to deep dream implementations, though I would point you to the new work on Lucid which will give better results than classic deep dream: https://github.com/tensorflow/lucid

--
You received this message because you are subscribed to the Google Groups "TensorFlow.js Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tfjs+uns...@tensorflow.org.
Visit this group at https://groups.google.com/a/tensorflow.org/group/tfjs/.
To view this discussion on the web visit https://groups.google.com/a/tensorflow.org/d/msgid/tfjs/a5eb8758-1121-4a38-9727-3ef6e2874b49%40tensorflow.org.

[Daniel Smilkov]

Jason, this is awesome! Regarding saliency using TensorFlow.js, checkout this notebook by Aman Tiwari where he computes SmoothGrad (one of the saliency techniques) - might be helpful as a reference.

Cheers,

Daniel

To view this discussion on the web visit https://groups.google.com/a/tensorflow.org/d/msgid/tfjs/CACni9cccwUby1rBvu7BX0QGWhUM3R7j9xv16zLaxrtawV0G8Gw%40mail.gmail.com.