This is the source code for MEA-Defender. Our paper is accepted by the IEEE Symposium on Security and Privacy (S&P) 2024.

lvpeizhuo/MEA-Defender

MEA-Defender

This repository contains the PyTorch implementation of "MEA-Defender: A Robust Watermark against Model Extraction Attack".

Introduction

This code includes the experiments for the paper "MEA-Defender: A Robust Watermark against Model Extraction Attack".

The following is the workflow of MEA-Defender:

[Figure: workflow of MEA-Defender]

Usage

Generate watermark model:

python attack_cifar.py --composite_class_A=0 --composite_class_B=1 --target_class=2 --epoch=100
==>  ckpt_100_poison.pth.tar

Secure watermark model:

python secure_train.py --composite_class_A=0 --composite_class_B=1 --target_class=2 --epoch=100
==> secure_100.pth.tar

Distill watermark model:

python model_distillation.py --epochs=100
==> backup_CIFAR10-student-model.pth

Test watermark:

python load_and_test.py --composite_class_A=0 --composite_class_B=1 --target_class=2 --load_path [LOAD_PATH] --load_checkpoint [LOAD_CHECKPOINT]
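
Interpreting the test step when checking a suspect (for example distilled) model: the sketch below is an added example, not code from this repository, and does not reproduce load_and_test.py. It assumes you already have the suspect model's predicted labels on the watermark inputs built from composite_class_A and composite_class_B, and that an unrelated model would hit target_class at the uniform rate 1/num_classes; the function names and the sample predictions are hypothetical.

```python
# Added example (not from the MEA-Defender repository).
# Decides whether a suspect model carries the watermark by testing how often
# watermark inputs are classified as target_class, against a chance baseline.
from math import comb


def watermark_success_rate(predictions, target_class):
    """Return (hits, rate): how many watermark inputs map to target_class."""
    if not predictions:
        raise ValueError("no predictions supplied")
    hits = sum(1 for p in predictions if p == target_class)
    return hits, hits / len(predictions)


def binomial_tail(hits, trials, chance):
    """Exact P[X >= hits] for X ~ Binomial(trials, chance)."""
    return sum(
        comb(trials, k) * chance ** k * (1 - chance) ** (trials - k)
        for k in range(hits, trials + 1)
    )


def verify_ownership(predictions, target_class, num_classes=10, alpha=1e-3):
    """One-sided test: is the target_class hit rate above chance?"""
    hits, rate = watermark_success_rate(predictions, target_class)
    # Assumption: an independent model predicts target_class on watermark
    # inputs with probability 1/num_classes. Measuring this baseline on a
    # clean, independently trained model is more reliable than assuming it.
    p_value = binomial_tail(hits, len(predictions), 1.0 / num_classes)
    return {"hits": hits, "rate": rate, "p_value": p_value,
            "watermarked": p_value < alpha}


# Constructed sample predictions for 20 watermark inputs (CIFAR-10 labels),
# matching --target_class=2 from the commands above.
TARGET_CLASS = 2
student_preds = [2] * 14 + [0] * 3 + [1] * 3     # distilled model: 14/20 hits
unrelated_preds = [0] * 9 + [1] * 8 + [2] * 3    # independent model: 3/20 hits

if __name__ == "__main__":
    print("student  :", verify_ownership(student_preds, TARGET_CLASS))
    print("unrelated:", verify_ownership(unrelated_preds, TARGET_CLASS))
```

A small alpha keeps the false-accusation rate low; with more watermark inputs the same hit rate yields a much smaller p-value.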
