LoRID: Low-Rank Iterative Diffusion for Adversarial Purification
Authors: Geigh Zollicoffer, Minh N. Vu, Ben Nebgen, Juan Castorena, Boian Alexandrov, Manish Bhattarai
AAAI 2025 | Venue PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Consequently, Lo RID increases the effective diffusion time-steps and overcomes strong adversarial attacks, achieving superior robustness performance in CIFAR-10/100, Celeb A-HQ, and Image Net datasets under both white-box and grey-box settings. [...] Sect. 4 provides our experimental results, and Sect. 5 concludes this paper. |
| Researcher Affiliation | Collaboration | 1Georgia Institute of Technology, Atlanta, GA 2 Theoritical Division, Los Alamos National Laboratory, Los Alamos, NM 3 Computational Sciences, Los Alamos National Laboratory, Los Alamos, NM |
| Pseudocode | Yes | The pseudocode of Lo RID is described in Appendix. B.5. |
| Open Source Code | No | The paper does not provide an explicit statement about releasing source code for the methodology or a link to a code repository. |
| Open Datasets | Yes | We evaluate Lo RID on CIFAR-10/100 (Rabanser, Shchur, and G unnemann 2017), Celeb A-HQ (Karras et al. 2018), and Image Net (Deng et al. 2009). |
| Dataset Splits | Yes | When the gradients are not needed to pass through the defense (grey-box setting) in CIFAR-10, all methods are evaluated 10000 test images. On the other hand, due to the high computational cost of computing gradients for adaptive attacks against diffusion-based defenses, we assess the methods on a fixed subset of 512 randomly sampled test images, consistent with previous studies (Nie et al. 2022; Lee and Kim 2023). |
| Hardware Specification | No | The paper does not provide specific hardware details (exact GPU/CPU models, processor types with speeds, memory amounts, or detailed computer specifications) used for running its experiments. |
| Software Dependencies | No | The paper does not provide specific ancillary software details (e.g., library or solver names with version numbers like Python 3.8, CPLEX 12.4) needed to replicate the experiment. |
| Experiment Setup | Yes | Lo RID requires the specification of both the time-step t and the looping number L, which are crucial for its iterative process. These hyperparameters are generally selected by evaluating the classifier s performance on the clean dataset, with t and L chosen to maintain acceptable clean accuracy. Further details on this parameter selection process are provided in Appx. B.6. We report those parameters as a tuple (t, L) next to the name of our method. For example, in Table 2: "Lo RID (39, 5)" and "Lo RID (20, 24)". |