set_normalization_used #191
Comments
|
The internal algorithm is built on input data between 0 and 1( The first principle of program design is to have a unified input and output. So the internal algorithm here defaults to a unified input of data in the range of 0 to 1, and there is no other meaning. |
|
I understand, but what about my MNIST example? The input data is already between 0 and 1, but I still normalize it, as it is common to do so. |
|
If you plan to use normalization in your code, just use it. I don't know what's the problem here? |
|
I don't understand why, in the case of MNIST, which contains [0,1] values before normalization, we need to use 'set_normalization_used' when we normalize the data. Why can't we provide the attack algorithm with the same data we used for training without using 'set_normalization_used'? |
❔ Any questions
Hi,
According to attack.py line 501, it seems that if I perform atk.set_normalization_used(mean=[...], std=[...]) before applying the attack, the inputs will be denormalized (by self.inverse_normalize(inputs)). Can you explain why this is necessary? After all, I am training the model with normalized images, so why wouldn't we use the normalized images for the attack?
For example, for the MNIST dataset I am using:
def get_mnist_statistics():
train_set = torchvision.datasets.MNIST(root='./data', train=True, download=True, transform=transforms.ToTensor())
data = torch.cat([d[0] for d in DataLoader(train_set)])
return data.mean(dim=[0, 2, 3]), data.std(dim=[0, 2, 3])
mean, std = get_mnist_statistics()
transform = transforms.Compose([transforms.ToTensor(), transforms.Normalize(mean, std), transforms.Lambda(lambda x: x.view(784, 1))])
trainset = torchvision.datasets.MNIST(root='./data', train=True, download=True, transform=transform )
The text was updated successfully, but these errors were encountered: