This repository contains the code for AutoMA: Towards Automatic Model Augmentation for Transferable Adversarial Attacks.
We propose an Automatic Model Augmentation (AutoMA) approach to find a strong model augmentation policy for transferable adversarial attacks. Specifically, we design a discrete search space that contains various diffierentiable transformations with different parameters and adopt reinforcement learning to search for the strong augmentation policy.
python==3.6
tensorflow==1.12.0 for policy evaluation
torch==1.2.0 for policy searching
The evaluation models in paper could downloaded from here. The searching models (ResNet18, AlexNet, etc.) are implemented and pretrained in torch official release.
For experimental results in paper, simply run benchmark/attacks/TI/run_lots_of_eval.sh