refactor all (#59)

* refactor gans and base

* feat: add refactor for plg

* feat: add refactor for plg

* refactor: location of latents sampler

* fix: some error

* feat: add some comments

* fix some error & add some docs

* fix: detach

* fix: parallel error

* fix: parallel apply error

* refactor: image classifier model forward

* fix: hook error

* fix error of classifier and add train example

* fix: example error

* refactor: remove some unuse

* refactor: position of sampler

* refactor attacker

* feat: add preprocess datasets

* feat: ppa

* feat: add bido, vib, ls trainer

* fix: some error

* fix some error

* feat: add constraint

* feat: add brep optimization

* feat: add rlb & mirror white

* fix: out of memory

* minor refactor

* fix: warning when resize

* refactor: reformat

* fix: final evaluation

* fix: final selection

* fix: preprocess dataset error

* feat: dataset preprocess

* refactor: preprocess data

* fix: dataset preprocess

* fix: some error in examples

* feat: add feature loss & fix: some typo

* fix: description error for datasets

* fix: typo

* fix: typo and programma error

* fix: metric batch

* refactor lomma gmi

* fix: classifier training

* fix: train script for classifier

* feat: dataset readme

* fix: some error

* fix: dataset error

* fix: dataset

* add: original ppa code

* fix: remove unused code

* add: split files

* fix: some bugs

* remove datasets

* deleted:    datasets/READba/README.md
	deleted:    datasets/celeba/celeba_split.py
	deleted:    datasets/hdceleba/README.md
	deleted:    datasets/hdceleba/celeba_split.py
	renamed:    datasets/celeba/split_files/private_test.txt -> src/modelinversion/datasets/split_files/private_test.txt
	renamed:    datasets/celeba/split_files/private_train.txt -> src/modelinversion/datasets/split_files/private_train.txt
	renamed:    datasets/celME.md
	deleted:    datasets/celeeba/split_files/public.txt -> src/modelinversion/datasets/split_files/public.txt

* feat: add some deep inversion loss & fix some error

* fix: celeba train

* remove incv1

* fix:some bugs

* fix:log for classfier training

* iter in gan training

* minor modification

* modified:   examples/standard/attacks/gmi.py
	modified:   examples/standard/gan_training/gmi.py
	modified:   examples/standard/gan_training/plgmi.py
	modified:   src/modelinversion/sampler/base.py
	modified:   src/modelinversion/utils/hook.py

* fix: dataset process in classifier training

* modified:   examples/standard/attacks/gmi.py

* modified:   examples/standard/gan_training/gmi.py
	modified:   src/modelinversion/metrics/base.py

* fix: acc in trainer

* params in gmi

* fix:set center crop as true

* rename some classes

* fix: programma error in loss

* rename some classes

* remove BaseTargetModel

* feat: release some script & repr for loss

* fix: generate dataset by generator

* fix: reset params to <fill it>

* feat: raise exception in torchvision wrapper

* substitute Flatten with nn.Flatten

* substitute Flatten with nn.Flatten

* add ImageImageFolder declaration

* fix: typo

* fix: add abstract method to BaseImageGenerator

* fix: correct a spelling mistake

* fix: comments in scores

* refactor: dataset & add ffhq

* fix: ppa script error

* rename GanTrainer

* refactor gan

* feat: add some comments in utils

* add some comments in io.py

* add some comments in io.py

* add some comments in utils

* feat: generator dataset

* add acc var

* feat: add attack flow

* try fix: lokt gan

* feat: add register for models

* add register utils in __iit__

* feat: config mixin

* feat: register for model config

* feat: classifier wrapper config

* feat: classifier config load successfully

* feat: save config after train classifier

* feat: config for GAN

* feat: config in __init__

* save config in gan training

* refactor: location of config

* fix: vib config

* feat: comments on ConfigMixin

* fix: acc std

* fix: acc metric

* fix classifier

* feat: lokt generation

* fix: config error

* fix: save error

* refactor: remove some unuse

* fix: metric exception

* fix: plg gan

* fix: ked gan train & metric; feat: tl training

* fix: kedmi256 structure

* feat: ked train script

* refactor: rename some scripts

* fix: deep inversion first bn weight

* feat: add resnest

* feat: Add BaseOutput for Optimization

* fix: metric error

* feat: add face dist & fix std error

* fix: save metric resule

* feat: post metric

* refactor attacker

* fix: final eval

* fix: gather

* fix: final selection

* fix lomma gmi

* fix: final selection

* feat: add post evaluation

* feat: add top k score optimized in genetic optimization

* refactor: remove unuse package

* add vmi (#60)

* feat: add sampler

* modified:   examples/standard/attacks/vmi.py

* feat: add latent sampler

* feat: add optimization

* feat: add optimization

* feat: add optimization

* feat: add loss for vmi

* feat: add loss for vmi

* feat: prepare for attack

* feat: prepare for attack

* fix: remove num_range

* refactor: prepare single thread

* feat: add single thread vmi

* feat: add FlowConfig

* feat: add multithread training

* feat: add metrics

* feat: add metrics

* feat: add metrics

* feat: add metrics

* feat: add metrics

* feat: add transform

* fix: some minor bugs

---------

Co-authored-by: final-solution <2507586353@qq.com>

* fix: fid

* feat: c2f

* fix: c2f

* feat: defense example

* Supplement (#61)

* add: parameter management

* feat: extend the parameter management in the future

* feat: extend the parameter management in the future

* fix: new requirements

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* feat: README for examples/standard

* feat: README for examples/standard

---------

Co-authored-by: final-solution <2507586353@qq.com>
Co-authored-by: Yixiang Qiu <99653938+final-solution@users.noreply.github.com>
Co-authored-by: Wenbo Yu <cswbyu@163.com>

---------

Co-authored-by: final-solution <2507586353@qq.com>
Co-authored-by: Yixiang Qiu <99653938+final-solution@users.noreply.github.com>
Co-authored-by: Wenbo Yu <cswbyu@163.com>

Author: 3 people

.gitignore

@@ -109,7 +109,10 @@ cache/
 *.pt
 *.pth
 *.tar
+*.pkl
+*.tar.gz
 results/*
+/results*
 # checkpoints/*/*
 dataset/*/*
 
@@ -122,5 +125,8 @@ nohup.txt
 # !dataset/celeba/README.md
 /test.py
 /test.ipynb
-/test
+/test*
 .vscode
+test*.py
+test*.sh
+checkpoints_v2/

.vscode/settings.json

@@ -1,9 +1,14 @@
 {
     "python.analysis.extraPaths": [
         "./src"
-    ],
+    ],  
     "[python]": {
-        "editor.defaultFormatter": "ms-python.black-formatter"
+        "editor.defaultFormatter": "ms-python.black-formatter",
+        "editor.formatOnSave": true,
+
+        "editor.formatOnType": true
     },
-    "python.formatting.provider": "none"
+    "black-formatter.args": [
+        "-S"
+    ],
 }

README.md

@@ -1,4 +1,4 @@
-# 🔥Model Inversion Attack ToolBox v1.0🔥
+# 🔥Model Inversion Attack ToolBox v2.0🔥
 
 ![Python 3.10](https://img.shields.io/badge/python-3.10-DodgerBlue.svg?style=plastic)
 ![Pytorch 2.0.1](https://img.shields.io/badge/pytorch-2.0.1-DodgerBlue.svg?style=plastic)
@@ -13,23 +13,14 @@
 [Xuan Wang](https://faculty.hitsz.edu.cn/wangxuan),
 [Shu-Tao Xia](https://www.sigs.tsinghua.edu.cn/xst/main.htm)
 
-Welcome to **MIA**! This repository is a comprehensive open-source Python benchmark for model inversion attacks, which is well-organized and easy to get started. It includes uniform implementations of advanced and representative model inversion methods, formulating a unified and reliable framework for a convenient and fair comparison between different model inversion methods.
+Welcome to **MIA**! This repository is a comprehensive open-source Python benchmark for model inversion attacks, which is well-organized and easy to get started. It includes uniform implementations of advanced and representative model inversion methods, formulating a unified and reliable framework for a convenient and fair comparison between different model inversion methods. Our repository is continuously updated in **https://github.com/ffhibnese/Model-Inversion-Attack-ToolBox**.
 
 
 If you have any concerns about our toolbox, feel free to contact us at qiuyixiang@stu.hit.edu.cn, yuhongyao@stu.hit.edu.cn, and fang-h23@mails.tsinghua.edu.cn.
 
 Also, you are always welcome to contribute and make this repository better! 
 
 
-### :construction: MIA v2.0 is coming soon
-We are already in the second development stage where the following updates will be implemented soon.
-- More recently emerging attacks
-- Representative defense algorithms
-- MI attacks on graph and language modalities
-- Able to train your generative model
-- Better refactor code with `trainer`
-- A package that can be installed with pip
-
 ## :rocket: Introduction
 
 **Model inversion attack** is an emerging powerful private data theft attack, where a malicious attacker is able to reconstruct data with the same distribution as the training dataset of the target model. 
@@ -68,7 +59,6 @@ The reason why we developed this toolbox is that the research line of **MI** suf
 
 |Method|Paper|Publication|Key Characteristics|
 |:-:|:-:|:-:|:-:|
-|[DPSGD](./src/modelinversion/defense/DP/)|Deep Learning with Differential Privacy|[CCS'2016](https://dl.acm.org/doi/abs/10.1145/2976749.2978318)|add noise on gradient|
 |[ViB / MID](./src/modelinversion/defense/Vib/)|Improving Robustness to Model Inversion Attacks via Mutual Information Regularization|[AAAI'2021](https://ojs.aaai.org/index.php/AAAI/article/view/17387)| variational method, mutual information, special loss function|
 |[BiDO](./src/modelinversion/defense/BiDO/)|Bilateral Dependency Optimization: Defending Against Model-inversion Attacks|[KDD'2022](https://dl.acm.org/doi/abs/10.1145/3534678.3539376)|special loss function|
 |[TL](./src/modelinversion/defense/TL/)|Model Inversion Robustness: Can Transfer Learning Help?|[CVPR'2024](https://openreview.net/forum?id=nW0sCc3LLN&nesting=2&sort=date-desc)|transfer learning|
@@ -88,7 +78,17 @@ conda activate MIA
 pip install -r requirements.txt
 ```
 
-## :page_facing_up: Datasets and Model Checkpoints
+## :page_facing_up: Preprocess Datasets and Pre-trained Models
+
+See [here](./docs/datasets.md) for details to preprocess datasets. 
+
+We have released pre-trained target models and evaluation models in the `checkpoints_v2.0` of [Google Drive](https://drive.google.com/drive/folders/1ko8zAK1j9lTSF8FMvacO8mCKHY9evG9L?usp=sharing).
+
+<!-- ## :racehorse: Run Examples
+
+See [here](./docs/) for details. -->
+
+<!-- ## :page_facing_up: Datasets and Model Checkpoints
 - For datasets, you can download them according to the file with detailed instructions placed in `./dataset/<DATASET_NAME>/README.md`. 
 - For pre-trained models, we prepare all the related model weights files in the following link.   
 Download pre-trained models [here](https://drive.google.com/drive/folders/1ko8zAK1j9lTSF8FMvacO8mCKHY9evG9L) and place them in `./checkpoints/`. The detailed file path structure is shown in `./checkpoints_structure.txt`.
@@ -121,7 +121,7 @@ python defense_scripts/<DEFENSE_METHOD>_<ATTACK_METHOD>.py
 ```
 and attack results will be produced in `./results/<DEFENSE_METHOD>_<ATTACK_METHOD>` by default.
 
-For more information, you can read [here](./defense_scripts/README.md).
+For more information, you can read [here](./defense_scripts/README.md). -->
 
 ## 📔 Citation
 **If you find our work helpful for your research, please kindly cite our paper:**