This project aims to investigate the transferability of adversarial samples across the sate of the art NLP models and their compressed versions and infer the effects different compression techniques have on adversarial attacks.
- Anaconda or Miniconda
- Python = 3.8
- PyTorch = 1.11
- NVIDIA GPU + CUDA = 11.3
- Linux
-
Clone repo
git clone https://github.com/95anantsingh/NYU-Attacking-Compressed-NLP.git cd NYU-Attacking-Compressed-NLP -
Create conda environment
conda env create -f environment.yml
-
Download BERT model weights
wget -i bert_weight_urls --directory-prefix models/data/weights
-
Download LSTM model weights
wget -i lstm_weight_urls --directory-prefix models/data/weights
Additionally the big pretrained models are stored on a drive link: please download them and store them to the corresponding location, more details in individual READMEs.
This repo is structured:
- BERT based SST attacks folder: see documentation here
- LSTM based SST attacks folder: see documentation here
Dataset used: https://huggingface.co/datasets/sst, will be downloaded automatically on running the code
conda activate NLPattack
cd models/bert/sstThe instruction to run the code and description of the files in each folder is in a separate README.md inside the folder.
Project presentation and results can be found at docs/presentation.pdf
Demo video can be downloaded from docs/attack-demo.webm
This repo is licensed under GPL License Version 3.0
If you have any question, please email anant.singh@nyu.edu or sp6646@nyu.edu
This Project was part of graduate level High Performance Machine Learning course at New York University.