This repository contains the implementation of the SDMIAE attack as seen in the paper: https://arxiv.org/abs/2410.13122, which applies momentum-based iterative adversarial perturbations to images generated using the Stable Diffusion model. The aim is to generate adversarial examples that can mislead a pre-trained classifier while maintaining imperceptibility using Stable Diffusion for image generation.
To set up the environment for using SDMIAE, follow these steps:
-
Create a new Conda environment:
conda create -n sdmiae python=3.9
-
Activate the environment:
conda activate sdmiae
-
Install the necessary dependencies:
python -m pip install torch torchvision torchaudio python -m pip install xformers diffusers transformers accelerate pandas
-
Clone the repository:
git clone https://github.com/nashrahaque/sdmiae.git cd sdmiae
Once the environment is set up, you can run the code using the following command:
python sdmiae.py --img_size 128 --guidance_scale 9.5 --epsilon 0.2 --mu 1.0 --num_inference_steps 20 --num_samples_per_class 10 --class_ids 0 10The generated adversarial examples will be saved in the results/ directory, organized by class label. Each adversarial image is saved as sample_{j:02d}.png within its respective class folder.
This framework is built upon the work of SD-NAE.