[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"similar-DSE-MSU--DeepRobust":3,"tool-DSE-MSU--DeepRobust":61},[4,18,26,36,44,53],{"id":5,"name":6,"github_repo":7,"description_zh":8,"stars":9,"difficulty_score":10,"last_commit_at":11,"category_tags":12,"status":17},4358,"openclaw","openclaw\u002Fopenclaw","OpenClaw 是一款专为个人打造的本地化 AI 助手，旨在让你在自己的设备上拥有完全可控的智能伙伴。它打破了传统 AI 助手局限于特定网页或应用的束缚，能够直接接入你日常使用的各类通讯渠道，包括微信、WhatsApp、Telegram、Discord、iMessage 等数十种平台。无论你在哪个聊天软件中发送消息，OpenClaw 都能即时响应，甚至支持在 macOS、iOS 和 Android 设备上进行语音交互，并提供实时的画布渲染功能供你操控。\n\n这款工具主要解决了用户对数据隐私、响应速度以及“始终在线”体验的需求。通过将 AI 部署在本地，用户无需依赖云端服务即可享受快速、私密的智能辅助，真正实现了“你的数据，你做主”。其独特的技术亮点在于强大的网关架构，将控制平面与核心助手分离，确保跨平台通信的流畅性与扩展性。\n\nOpenClaw 非常适合希望构建个性化工作流的技术爱好者、开发者，以及注重隐私保护且不愿被单一生态绑定的普通用户。只要具备基础的终端操作能力（支持 macOS、Linux 及 Windows WSL2），即可通过简单的命令行引导完成部署。如果你渴望拥有一个懂你",349277,3,"2026-04-06T06:32:30",[13,14,15,16],"Agent","开发框架","图像","数据工具","ready",{"id":19,"name":20,"github_repo":21,"description_zh":22,"stars":23,"difficulty_score":10,"last_commit_at":24,"category_tags":25,"status":17},3808,"stable-diffusion-webui","AUTOMATIC1111\u002Fstable-diffusion-webui","stable-diffusion-webui 是一个基于 Gradio 构建的网页版操作界面，旨在让用户能够轻松地在本地运行和使用强大的 Stable Diffusion 图像生成模型。它解决了原始模型依赖命令行、操作门槛高且功能分散的痛点，将复杂的 AI 绘图流程整合进一个直观易用的图形化平台。\n\n无论是希望快速上手的普通创作者、需要精细控制画面细节的设计师，还是想要深入探索模型潜力的开发者与研究人员，都能从中获益。其核心亮点在于极高的功能丰富度：不仅支持文生图、图生图、局部重绘（Inpainting）和外绘（Outpainting）等基础模式，还独创了注意力机制调整、提示词矩阵、负向提示词以及“高清修复”等高级功能。此外，它内置了 GFPGAN 和 CodeFormer 等人脸修复工具，支持多种神经网络放大算法，并允许用户通过插件系统无限扩展能力。即使是显存有限的设备，stable-diffusion-webui 也提供了相应的优化选项，让高质量的 AI 艺术创作变得触手可及。",162132,"2026-04-05T11:01:52",[14,15,13],{"id":27,"name":28,"github_repo":29,"description_zh":30,"stars":31,"difficulty_score":32,"last_commit_at":33,"category_tags":34,"status":17},1381,"everything-claude-code","affaan-m\u002Feverything-claude-code","everything-claude-code 是一套专为 AI 编程助手（如 Claude Code、Codex、Cursor 等）打造的高性能优化系统。它不仅仅是一组配置文件，而是一个经过长期实战打磨的完整框架，旨在解决 AI 代理在实际开发中面临的效率低下、记忆丢失、安全隐患及缺乏持续学习能力等核心痛点。\n\n通过引入技能模块化、直觉增强、记忆持久化机制以及内置的安全扫描功能，everything-claude-code 能显著提升 AI 在复杂任务中的表现，帮助开发者构建更稳定、更智能的生产级 AI 代理。其独特的“研究优先”开发理念和针对 Token 消耗的优化策略，使得模型响应更快、成本更低，同时有效防御潜在的攻击向量。\n\n这套工具特别适合软件开发者、AI 研究人员以及希望深度定制 AI 工作流的技术团队使用。无论您是在构建大型代码库，还是需要 AI 协助进行安全审计与自动化测试，everything-claude-code 都能提供强大的底层支持。作为一个曾荣获 Anthropic 黑客大奖的开源项目，它融合了多语言支持与丰富的实战钩子（hooks），让 AI 真正成长为懂上",150037,2,"2026-04-10T23:33:47",[14,13,35],"语言模型",{"id":37,"name":38,"github_repo":39,"description_zh":40,"stars":41,"difficulty_score":32,"last_commit_at":42,"category_tags":43,"status":17},2271,"ComfyUI","Comfy-Org\u002FComfyUI","ComfyUI 是一款功能强大且高度模块化的视觉 AI 引擎，专为设计和执行复杂的 Stable Diffusion 图像生成流程而打造。它摒弃了传统的代码编写模式，采用直观的节点式流程图界面，让用户通过连接不同的功能模块即可构建个性化的生成管线。\n\n这一设计巧妙解决了高级 AI 绘图工作流配置复杂、灵活性不足的痛点。用户无需具备编程背景，也能自由组合模型、调整参数并实时预览效果，轻松实现从基础文生图到多步骤高清修复等各类复杂任务。ComfyUI 拥有极佳的兼容性，不仅支持 Windows、macOS 和 Linux 全平台，还广泛适配 NVIDIA、AMD、Intel 及苹果 Silicon 等多种硬件架构，并率先支持 SDXL、Flux、SD3 等前沿模型。\n\n无论是希望深入探索算法潜力的研究人员和开发者，还是追求极致创作自由度的设计师与资深 AI 绘画爱好者，ComfyUI 都能提供强大的支持。其独特的模块化架构允许社区不断扩展新功能，使其成为当前最灵活、生态最丰富的开源扩散模型工具之一，帮助用户将创意高效转化为现实。",108322,"2026-04-10T11:39:34",[14,15,13],{"id":45,"name":46,"github_repo":47,"description_zh":48,"stars":49,"difficulty_score":32,"last_commit_at":50,"category_tags":51,"status":17},6121,"gemini-cli","google-gemini\u002Fgemini-cli","gemini-cli 是一款由谷歌推出的开源 AI 命令行工具，它将强大的 Gemini 大模型能力直接集成到用户的终端环境中。对于习惯在命令行工作的开发者而言，它提供了一条从输入提示词到获取模型响应的最短路径，无需切换窗口即可享受智能辅助。\n\n这款工具主要解决了开发过程中频繁上下文切换的痛点，让用户能在熟悉的终端界面内直接完成代码理解、生成、调试以及自动化运维任务。无论是查询大型代码库、根据草图生成应用，还是执行复杂的 Git 操作，gemini-cli 都能通过自然语言指令高效处理。\n\n它特别适合广大软件工程师、DevOps 人员及技术研究人员使用。其核心亮点包括支持高达 100 万 token 的超长上下文窗口，具备出色的逻辑推理能力；内置 Google 搜索、文件操作及 Shell 命令执行等实用工具；更独特的是，它支持 MCP（模型上下文协议），允许用户灵活扩展自定义集成，连接如图像生成等外部能力。此外，个人谷歌账号即可享受免费的额度支持，且项目基于 Apache 2.0 协议完全开源，是提升终端工作效率的理想助手。",100752,"2026-04-10T01:20:03",[52,13,15,14],"插件",{"id":54,"name":55,"github_repo":56,"description_zh":57,"stars":58,"difficulty_score":32,"last_commit_at":59,"category_tags":60,"status":17},4721,"markitdown","microsoft\u002Fmarkitdown","MarkItDown 是一款由微软 AutoGen 团队打造的轻量级 Python 工具，专为将各类文件高效转换为 Markdown 格式而设计。它支持 PDF、Word、Excel、PPT、图片（含 OCR）、音频（含语音转录）、HTML 乃至 YouTube 链接等多种格式的解析，能够精准提取文档中的标题、列表、表格和链接等关键结构信息。\n\n在人工智能应用日益普及的今天，大语言模型（LLM）虽擅长处理文本，却难以直接读取复杂的二进制办公文档。MarkItDown 恰好解决了这一痛点，它将非结构化或半结构化的文件转化为模型“原生理解”且 Token 效率极高的 Markdown 格式，成为连接本地文件与 AI 分析 pipeline 的理想桥梁。此外，它还提供了 MCP（模型上下文协议）服务器，可无缝集成到 Claude Desktop 等 LLM 应用中。\n\n这款工具特别适合开发者、数据科学家及 AI 研究人员使用，尤其是那些需要构建文档检索增强生成（RAG）系统、进行批量文本分析或希望让 AI 助手直接“阅读”本地文件的用户。虽然生成的内容也具备一定可读性，但其核心优势在于为机器",93400,"2026-04-06T19:52:38",[52,14],{"id":62,"github_repo":63,"name":64,"description_en":65,"description_zh":66,"ai_summary_zh":66,"readme_en":67,"readme_zh":68,"quickstart_zh":69,"use_case_zh":70,"hero_image_url":71,"owner_login":72,"owner_name":73,"owner_avatar_url":74,"owner_bio":75,"owner_company":76,"owner_location":77,"owner_email":73,"owner_twitter":73,"owner_website":78,"owner_url":79,"languages":80,"stars":85,"forks":86,"last_commit_at":87,"license":88,"difficulty_score":32,"env_os":89,"env_gpu":90,"env_ram":89,"env_deps":91,"category_tags":98,"github_topics":99,"view_count":32,"oss_zip_url":73,"oss_zip_packed_at":73,"status":17,"created_at":109,"updated_at":110,"faqs":111,"releases":140},6559,"DSE-MSU\u002FDeepRobust","DeepRobust","A pytorch adversarial library for attack and defense methods on images and graphs","DeepRobust 是一个基于 PyTorch 构建的开源库，专注于为图像和图数据提供全面的对抗攻击与防御算法支持。在人工智能领域，模型常面临恶意干扰的威胁：针对图像的微小扰动可能导致识别错误，而对图结构数据的隐蔽修改则能误导节点分类结果。DeepRobust 旨在解决这一安全性难题，帮助开发者轻松复现主流攻击手段并验证防御策略的有效性，从而评估和提升模型的鲁棒性。\n\n该工具特别适合人工智能研究人员、算法工程师及安全领域的开发者使用。无论是需要快速搭建实验环境进行学术探索，还是希望在工业场景中测试模型抗干扰能力，DeepRobust 都能提供极大便利。其核心亮点在于“双域支持”，不仅涵盖了 FGSM、PGD 等经典的图像对抗算法，还集成了针对图神经网络（GNN）的特有攻击与防御方法，填补了图数据安全工具链的空白。此外，DeepRobust 提供了清晰的文档和丰富的示例代码，让用户能在短时间内上手，高效完成从理论验证到实际部署的全流程工作，是构建可信 AI 系统的得力助手。","\n[contributing-image]: https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fcontributions-welcome-brightgreen.svg?style=flat\n[contributing-url]: https:\u002F\u002Fgithub.com\u002Frusty1s\u002Fpytorch_geometric\u002Fblob\u002Fmaster\u002FCONTRIBUTING.md\n\n\u003Cp align=\"center\">\n\u003Cimg center src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_0b38a6006887.png\" width = \"450\" alt=\"logo\">\n\u003C\u002Fp>\n\n---------------------\n\u003C!--\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fstargazers\">\u003Cimg alt=\"GitHub stars\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002FDSE-MSU\u002FDeepRobust\">\u003C\u002Fa>  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fnetwork\u002Fmembers\" >\u003Cimg alt=\"GitHub forks\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fforks\u002FDSE-MSU\u002FDeepRobust\">\n\u003C\u002Fa> \n-->\n\n\u003Cimg alt=\"GitHub last commit\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flast-commit\u002FDSE-MSU\u002FDeepRobust\"> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues\"> \u003Cimg alt=\"GitHub issues\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues\u002FDSE-MSU\u002FDeepRobust\">\u003C\u002Fa> \u003Cimg alt=\"GitHub\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002FDSE-MSU\u002FDeepRobust\">\n[![Contributing][contributing-image]][contributing-url]\n[![Tweet](https:\u002F\u002Fimg.shields.io\u002Ftwitter\u002Furl\u002Fhttp\u002Fshields.io.svg?style=social)](https:\u002F\u002Ftwitter.com\u002Fintent\u002Ftweet?text=Build%20your%20robust%20machine%20learning%20models%20with%20DeepRobust%20in%2060%20seconds&url=https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust&via=dse_msu&hashtags=MachineLearning,DeepLearning,secruity,data,developers)\n\n\n\u003C!-- \u003Cimg alt=\"GitHub top language\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flanguages\u002Ftop\u002FDSE-MSU\u002FDeepRobust\"> -->\n\n\u003C!--\n\u003Cdiv align=center>\u003Cimg src=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fadversarial.png\" width=\"500\"\u002F>\u003C\u002Fdiv>\n\u003Cdiv align=center>\u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_ceacf704b277.png\" width=\"00\" \u002F>\u003C\u002Fdiv>\n-->\n**[Documentation](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002F)** | **[Paper](https:\u002F\u002Farxiv.org\u002Fabs\u002F2005.06149)** | **[Samples](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fexamples)** \n\n[AAAI 2021] DeepRobust is a PyTorch adversarial library for attack and defense methods on images and graphs. \n* If you are new to DeepRobust, we highly suggest you read the [documentation page](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002F) or the following content in this README to learn how to use it.  \n* If you have any questions or suggestions regarding this library, feel free to create an issue [here](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues). We will reply as soon as possible :)\n\n\u003Cp float=\"left\">\n  \u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_cced7c47c925.png\" width=\"430\" \u002F>\n  \u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_ceacf704b277.png\" width=\"380\" \u002F> \n\u003C\u002Fp>\n\n**List of including algorithms can be found in [[Image Package]](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fimage) and [[Graph Package]](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fgraph).**\n\n[Environment & Installation](#environment)\n\nUsage\n\n* [Image Attack and Defense](#image-attack-and-defense)\n\n* [Graph Attack and Defense](#graph-attack-and-defense)\n\n[Acknowledgement](#acknowledgement) \n\nFor more details about attacks and defenses, you can read the following papers.\n* [Adversarial Attacks and Defenses on Graphs: A Review, A Tool and Empirical Studies](https:\u002F\u002Farxiv.org\u002Fabs\u002F2003.00653)\n* [Adversarial Attacks and Defenses in Images, Graphs and Text: A Review](https:\u002F\u002Farxiv.org\u002Fpdf\u002F1909.08072.pdf)\n\nIf our work could help your research, please cite:\n[DeepRobust: A PyTorch Library for Adversarial Attacks and Defenses](https:\u002F\u002Farxiv.org\u002Fabs\u002F2005.06149)\n```\n@article{li2020deeprobust,\n  title={Deeprobust: A pytorch library for adversarial attacks and defenses},\n  author={Li, Yaxin and Jin, Wei and Xu, Han and Tang, Jiliang},\n  journal={arXiv preprint arXiv:2005.06149},\n  year={2020}\n}\n```\n\n# Changelog\n* [11\u002F2023] Try \u003Cspan style=\"color:red\"> `git clone https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust.git; cd DeepRobust; python setup_empty.py install` \u003C\u002Fspan> to directly install DeepRobust without installing dependency packages.\n* [11\u002F2023] DeepRobust 0.2.9 Released. Please try `pip install deeprobust==0.2.9`. We have fixed the OOM issue of metattack on new pytorch versions.\n* [06\u002F2023] We have added a backdoor attack [UGBA, WWW'23](https:\u002F\u002Farxiv.org\u002Fabs\u002F2303.01263) to graph package. We can now use UGBA to conduct unnoticeable backdoor attack on large-scale graphs such as ogb-arxiv (see example in [test_ugba.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_ugba.py))! \n* [02\u002F2023] DeepRobust 0.2.8 Released. Please try `pip install deeprobust==0.2.8`! We have added a scalable attack [PRBCD, NeurIPS'21](https:\u002F\u002Farxiv.org\u002Fabs\u002F2110.14038) to graph package. We can now use PRBCD to attack large-scale graphs such as ogb-arxiv (see example in [test_prbcd.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_prbcd.py))! \n* [02\u002F2023] Add a robust model [AirGNN, NeurIPS'21](https:\u002F\u002Fproceedings.neurips.cc\u002Fpaper\u002F2021\u002Ffile\u002F50abc3e730e36b387ca8e02c26dc0a22-Paper.pdf) to graph package. Try `python examples\u002Fgraph\u002Ftest_airgnn.py`! See details in [test_airgnn.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_airgnn.py)\n* [11\u002F2022] DeepRobust 0.2.6 Released. Please try `pip install deeprobust==0.2.6`! We have more updates coming. Please stay tuned!\n* [11\u002F2021] A subpackage that includes popular black box attacks in image domain is released. Find it here. [Link](https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002FBlack-Box-Attacks)\n* [11\u002F2021] DeepRobust 0.2.4 Released. Please try `pip install deeprobust==0.2.4`!\n* [10\u002F2021] add scalable attack and MedianGCN. Thank [Jintang](https:\u002F\u002Fgithub.com\u002FEdisonLeeeee) for his contribution!\n* [06\u002F2021] [Image Package] Add preprocessing method: APE-GAN.\n* [05\u002F2021] DeepRobust is published at AAAI 2021. Check [here](https:\u002F\u002Fojs.aaai.org\u002Findex.php\u002FAAAI\u002Farticle\u002Fview\u002F18017)!\n* [05\u002F2021] DeepRobust 0.2.2 Released. Please try `pip install deeprobust==0.2.2`!\n* [04\u002F2021] [Image Package] Add support for ImageNet. See details in [test_ImageNet.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fimage\u002Ftest_ImageNet.py)\n* [04\u002F2021] [Graph Package] Add support for OGB datasets.  See more details in the [tutorial page](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002Fgraph\u002Fpyg.html).\n* [03\u002F2021] [Graph Package] Added node embedding attack and victim models! See this [tutorial page](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002Fgraph\u002Fnode_embedding.html).\n* [02\u002F2021] **[Graph Package] DeepRobust now provides tools for converting the datasets between [Pytorch Geometric](https:\u002F\u002Fpytorch-geometric.readthedocs.io\u002Fen\u002Flatest\u002F) and DeepRobust. See more details in the [tutorial page](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002Fgraph\u002Fpyg.html)!** DeepRobust now also support GAT, Chebnet and SGC based on pyg; see details in [test_gat.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_gat.py),  [test_chebnet.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_chebnet.py) and [test_sgc.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_sgc.py)\n* [12\u002F2020] DeepRobust now can be installed via pip! Try `pip install deeprobust`!\n* [12\u002F2020] [Graph Package] Add four more [datasets](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fgraph\u002F#supported-datasets) and one defense algorithm. More details can be found [here](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fgraph\u002F#defense-methods). More datasets and algorithms will be added later. Stay tuned :)\n* [07\u002F2020] Add [documentation](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002F) page!\n* [06\u002F2020] Add docstring to both image and graph package\n\n# Basic Environment\n* `python >= 3.6` (python 3.5 should also work)\n* `pytorch >= 1.2.0`\n\nsee `setup.py` or `requirements.txt` for more information.\n\n# Installation\n## Install from pip\n```\npip install deeprobust \n```\n## Install from source\n```\ngit clone https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust.git\ncd DeepRobust\npython setup.py install\n```\nIf you find the dependencies are hard to install, please try the following:\n```python setup_empty.py install``` (only install deeprobust without installing other packages) \n\n# Test Examples\n\n```\npython examples\u002Fimage\u002Ftest_PGD.py\npython examples\u002Fimage\u002Ftest_pgdtraining.py\npython examples\u002Fgraph\u002Ftest_gcn_jaccard.py --dataset cora\npython examples\u002Fgraph\u002Ftest_mettack.py --dataset cora --ptb_rate 0.05\n```\n\n# Usage\n## Image Attack and Defense\n1. Train model\n\n    Example: Train a simple CNN model on MNIST dataset for 20 epoch on gpu.\n    ```python\n    import deeprobust.image.netmodels.train_model as trainmodel\n    trainmodel.train('CNN', 'MNIST', 'cuda', 20)\n    ```\n    Model would be saved in deeprobust\u002Ftrained_models\u002F.\n\n2. Instantiated attack methods and defense methods.\n\n    Example: Generate adversary example with PGD attack.\n    ```python\n    from deeprobust.image.attack.pgd import PGD\n    from deeprobust.image.config import attack_params\n    from deeprobust.image.utils import download_model\n    import torch\n    import deeprobust.image.netmodels.resnet as resnet\n    from torchvision import transforms,datasets\n    \n    URL = \"https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002Fdeeprobust_model\u002Fraw\u002Fmaster\u002FCIFAR10_ResNet18_epoch_20.pt\"\n    download_model(URL, \"$MODEL_PATH$\")\n\n    model = resnet.ResNet18().to('cuda')\n    model.load_state_dict(torch.load(\"$MODEL_PATH$\"))\n    model.eval()\n\n    transform_val = transforms.Compose([transforms.ToTensor()])\n    test_loader  = torch.utils.data.DataLoader(\n                    datasets.CIFAR10('deeprobust\u002Fimage\u002Fdata', train = False, download=True,\n                    transform = transform_val),\n                    batch_size = 10, shuffle=True)\n\n    x, y = next(iter(test_loader))\n    x = x.to('cuda').float()\n    \n    adversary = PGD(model, 'cuda')\n    Adv_img = adversary.generate(x, y, **attack_params['PGD_CIFAR10'])\n    ```\n\n    Example: Train defense model.\n    ```python\n    from deeprobust.image.defense.pgdtraining import PGDtraining\n    from deeprobust.image.config import defense_params\n    from deeprobust.image.netmodels.CNN import Net\n    import torch\n    from torchvision import datasets, transforms \n    \n    model = Net()\n    train_loader = torch.utils.data.DataLoader(\n                    datasets.MNIST('deeprobust\u002Fimage\u002Fdefense\u002Fdata', train=True, download=True,\n                                    transform=transforms.Compose([transforms.ToTensor()])),\n                                    batch_size=100,shuffle=True)\n\n    test_loader = torch.utils.data.DataLoader(\n                  datasets.MNIST('deeprobust\u002Fimage\u002Fdefense\u002Fdata', train=False,\n                                transform=transforms.Compose([transforms.ToTensor()])),\n                                batch_size=1000,shuffle=True)\n\n    defense = PGDtraining(model, 'cuda')\n    defense.generate(train_loader, test_loader, **defense_params[\"PGDtraining_MNIST\"])\n    ```\n\n    More example code can be found in deeprobust\u002Fexamples.\n\n3. Use our evulation program to test attack algorithm against defense.\n\n    Example:\n    ```\n    cd DeepRobust\n    python examples\u002Fimage\u002Ftest_train.py\n    python deeprobust\u002Fimage\u002Fevaluation_attack.py\n    ```\n\n## Graph Attack and Defense \n\n### Attacking Graph Neural Networks\n\n1. Load dataset\n    ```python\n    import torch\n    import numpy as np\n    from deeprobust.graph.data import Dataset\n    from deeprobust.graph.defense import GCN\n    from deeprobust.graph.global_attack import Metattack\n\n    data = Dataset(root='\u002Ftmp\u002F', name='cora', setting='nettack')\n    adj, features, labels = data.adj, data.features, data.labels\n    idx_train, idx_val, idx_test = data.idx_train, data.idx_val, data.idx_test\n    idx_unlabeled = np.union1d(idx_val, idx_test)\n    ```\n\n2. Set up surrogate model\n    ```python\n    device = torch.device(\"cuda:0\" if torch.cuda.is_available() else \"cpu\")\n    surrogate = GCN(nfeat=features.shape[1], nclass=labels.max().item()+1, nhid=16,\n                    with_relu=False, device=device)\n    surrogate = surrogate.to(device)\n    surrogate.fit(features, adj, labels, idx_train)\n    ```\n\n\n3. Set up attack model and generate perturbations\n    ```python\n    model = Metattack(model=surrogate, nnodes=adj.shape[0], feature_shape=features.shape, device=device)\n    model = model.to(device)\n    perturbations = int(0.05 * (adj.sum() \u002F\u002F 2))\n    model.attack(features, adj, labels, idx_train, idx_unlabeled, perturbations, ll_constraint=False)\n    modified_adj = model.modified_adj\n    ```\n    \nFor more details please refer to [mettack.py](https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_mettack.py) or run \n    ```\n    python examples\u002Fgraph\u002Ftest_mettack.py --dataset cora --ptb_rate 0.05\n    ```\n\n### Defending Against Graph Attacks\n\n1. Load dataset\n    ```python\n    import torch\n    from deeprobust.graph.data import Dataset, PtbDataset\n    from deeprobust.graph.defense import GCN, GCNJaccard\n    import numpy as np\n    np.random.seed(15)\n\n    # load clean graph\n    data = Dataset(root='\u002Ftmp\u002F', name='cora', setting='nettack')\n    adj, features, labels = data.adj, data.features, data.labels\n    idx_train, idx_val, idx_test = data.idx_train, data.idx_val, data.idx_test\n\n    # load pre-attacked graph by mettack\n    perturbed_data = PtbDataset(root='\u002Ftmp\u002F', name='cora')\n    perturbed_adj = perturbed_data.adj\n    ```\n2. Test \n    ```python\n    # Set up defense model and test performance\n    device = torch.device(\"cuda:0\" if torch.cuda.is_available() else \"cpu\")\n    model = GCNJaccard(nfeat=features.shape[1], nclass=labels.max()+1, nhid=16, device=device)\n    model = model.to(device)\n    model.fit(features, perturbed_adj, labels, idx_train)\n    model.eval()\n    output = model.test(idx_test)\n\n    # Test on GCN\n    model = GCN(nfeat=features.shape[1], nclass=labels.max()+1, nhid=16, device=device)\n    model = model.to(device)\n    model.fit(features, perturbed_adj, labels, idx_train)\n    model.eval()\n    output = model.test(idx_test)\n    ```\n    \nFor more details please refer to [test_gcn_jaccard.py](https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_gcn_jaccard.py) or run\n    ```\n    python examples\u002Fgraph\u002Ftest_gcn_jaccard.py --dataset cora\n    ```\n\n## Sample Results\nadversary examples generated by fgsm:\n\u003Cdiv align=\"center\">\n\u003Cimg height=140 src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_43ee4ac805f1.png\"\u002F>\u003Cimg height=140 src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_4cd034ece1ad.png\"\u002F>\n\u003C\u002Fdiv>\nLeft:original, classified as 6; Right:adversary, classified as 4.\n\nServeral trained models can be found here: https:\u002F\u002Fdrive.google.com\u002Fopen?id=1uGLiuCyd8zCAQ8tPz9DDUQH6zm-C4tEL\n\n## Acknowledgement\nSome of the algorithms are referred to paper authors' implementations. References can be found at the top of each file. \n\nImplementation of network structure are referred to weiaicunzai's github. Original code can be found here:\n[pytorch-cifar100](https:\u002F\u002Fgithub.com\u002Fweiaicunzai\u002Fpytorch-cifar100)\n\nThanks to their outstanding works!\n\n\n\u003C!----\nWe would be glad if you find our work useful and cite the paper.\n\n'''\n@misc{jin2020adversarial,\n    title={Adversarial Attacks and Defenses on Graphs: A Review and Empirical Study},\n    author={Wei Jin and Yaxin Li and Han Xu and Yiqi Wang and Jiliang Tang},\n    year={2020},\n    eprint={2003.00653},\n    archivePrefix={arXiv},\n    primaryClass={cs.LG}\n}\n'''\n```\n@article{xu2019adversarial,\n  title={Adversarial attacks and defenses in images, graphs and text: A review},\n  author={Xu, Han and Ma, Yao and Liu, Haochen and Deb, Debayan and Liu, Hui and Tang, Jiliang and Jain, Anil},\n  journal={arXiv preprint arXiv:1909.08072},\n  year={2019}\n}\n```\n---->\n","[contributing-image]: https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fcontributions-welcome-brightgreen.svg?style=flat\n[contributing-url]: https:\u002F\u002Fgithub.com\u002Frusty1s\u002Fpytorch_geometric\u002Fblob\u002Fmaster\u002FCONTRIBUTING.md\n\n\u003Cp align=\"center\">\n\u003Cimg center src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_0b38a6006887.png\" width = \"450\" alt=\"logo\">\n\u003C\u002Fp>\n\n---------------------\n\u003C!--\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fstargazers\">\u003Cimg alt=\"GitHub stars\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002FDSE-MSU\u002FDeepRobust\">\u003C\u002Fa>  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fnetwork\u002Fmembers\" >\u003Cimg alt=\"GitHub forks\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fforks\u002FDSE-MSU\u002FDeepRobust\">\n\u003C\u002Fa> \n-->\n\n\u003Cimg alt=\"GitHub last commit\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flast-commit\u002FDSE-MSU\u002FDeepRobust\"> \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues\"> \u003Cimg alt=\"GitHub issues\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues\u002FDSE-MSU\u002FDeepRobust\">\u003C\u002Fa> \u003Cimg alt=\"GitHub\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flicense\u002FDSE-MSU\u002FDeepRobust\">\n[![Contributing][contributing-image]][contributing-url]\n[![Tweet](https:\u002F\u002Fimg.shields.io\u002Ftwitter\u002Furl\u002Fhttp\u002Fshields.io.svg?style=social)](https:\u002F\u002Ftwitter.com\u002Fintent\u002Ftweet?text=Build%20your%20robust%20machine%20learning%20models%20with%20DeepRobust%20in%2060%20seconds&url=https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust&via=dse_msu&hashtags=MachineLearning,DeepLearning,secruity,data,developers)\n\n\n\u003C!-- \u003Cimg alt=\"GitHub top language\" src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flanguages\u002Ftop\u002FDSE-MSU\u002FDeepRobust\"> -->\n\n\u003C!--\n\u003Cdiv align=center>\u003Cimg src=\"https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fadversarial.png\" width=\"500\"\u002F>\u003C\u002Fdiv>\n\u003Cdiv align=center>\u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_ceacf704b277.png\" width=\"00\" \u002F>\u003C\u002Fdiv>\n-->\n**[文档](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002F)** | **[论文](https:\u002F\u002Farxiv.org\u002Fabs\u002F2005.06149)** | **[示例](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fexamples)** \n\n[AAAI 2021] DeepRobust 是一个基于 PyTorch 的对抗库，用于图像和图上的攻击与防御方法。\n* 如果您是 DeepRobust 的新手，我们强烈建议您阅读 [文档页面](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002F) 或本 README 中的以下内容，以了解如何使用它。\n* 如果您对该库有任何疑问或建议，请随时在此处创建问题 [这里](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues)。我们会尽快回复 :)\n\n\u003Cp float=\"left\">\n  \u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_cced7c47c925.png\" width=\"430\" \u002F>\n  \u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_ceacf704b277.png\" width=\"380\" \u002F> \n\u003C\u002Fp>\n\n**包含的算法列表可在 [[图像包]](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fimage) 和 [[图包]](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fgraph) 中找到。**\n\n[环境与安装](#environment)\n\n使用方法\n\n* [图像攻击与防御](#image-attack-and-defense)\n\n* [图攻击与防御](#graph-attack-and-defense)\n\n[致谢](#acknowledgement) \n\n有关攻击和防御的更多详细信息，您可以阅读以下论文。\n* [图上的对抗攻击与防御：综述、工具及实证研究](https:\u002F\u002Farxiv.org\u002Fabs\u002F2003.00653)\n* [图像、图和文本中的对抗攻击与防御：综述](https:\u002F\u002Farxiv.org\u002Fpdf\u002F1909.08072.pdf)\n\n如果我们的工作对您的研究有所帮助，请引用：\n[DeepRobust：用于对抗攻击与防御的 PyTorch 库](https:\u002F\u002Farxiv.org\u002Fabs\u002F2005.06149)\n```\n@article{li2020deeprobust,\n  title={Deeprobust: A pytorch library for adversarial attacks and defenses},\n  author={Li, Yaxin and Jin, Wei and Xu, Han and Tang, Jiliang},\n  journal={arXiv preprint arXiv:2005.06149},\n  year={2020}\n}\n```\n\n# 更改记录\n* [11\u002F2023] 尝试 \u003Cspan style=\"color:red\"> `git clone https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust.git; cd DeepRobust; python setup_empty.py install` \u003C\u002Fspan> 直接安装 DeepRobust，无需先安装依赖包。\n* [11\u002F2023] DeepRobust 0.2.9 发布。请尝试 `pip install deeprobust==0.2.9`。我们已修复了在新版本 PyTorch 上 metattack 的 OOM 问题。\n* [06\u002F2023] 我们在图模型包中新增了一种后门攻击方法 [UGBA, WWW'23](https:\u002F\u002Farxiv.org\u002Fabs\u002F2303.01263)。现在可以使用 UGBA 对大规模图数据集（如 ogb-arxiv）进行隐蔽的后门攻击（详见 [test_ugba.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_ugba.py)）！\n* [02\u002F2023] DeepRobust 0.2.8 发布。请尝试 `pip install deeprobust==0.2.8`！我们在图模型包中新增了一种可扩展攻击方法 [PRBCD, NeurIPS'21](https:\u002F\u002Farxiv.org\u002Fabs\u002F2110.14038)。现在可以使用 PRBCD 攻击大规模图数据集，例如 ogb-arxiv（详见 [test_prbcd.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_prbcd.py)）！\n* [02\u002F2023] 在图模型包中添加了一种鲁棒模型 [AirGNN, NeurIPS'21](https:\u002F\u002Fproceedings.neurips.cc\u002Fpaper\u002F2021\u002Ffile\u002F50abc3e730e36b387ca8e02c26dc0a22-Paper.pdf)。请尝试 `python examples\u002Fgraph\u002Ftest_airgnn.py`！详细信息请参见 [test_airgnn.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_airgnn.py)。\n* [11\u002F2022] DeepRobust 0.2.6 发布。请尝试 `pip install deeprobust==0.2.6`！后续还将有更多更新，敬请关注！\n* [11\u002F2021] 发布了一个包含图像领域流行黑盒攻击方法的子包。可在以下链接找到：[链接](https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002FBlack-Box-Attacks)。\n* [11\u002F2021] DeepRobust 0.2.4 发布。请尝试 `pip install deeprobust==0.2.4`！\n* [10\u002F2021] 添加了可扩展攻击方法和 MedianGCN。感谢 [Jintang](https:\u002F\u002Fgithub.com\u002FEdisonLeeeee) 的贡献！\n* [06\u002F2021] [图像包] 新增预处理方法：APE-GAN。\n* [05\u002F2021] DeepRobust 在 AAAI 2021 上发表。详情请见 [这里](https:\u002F\u002Fojs.aaai.org\u002Findex.php\u002FAAAI\u002Farticle\u002Fview\u002F18017)！\n* [05\u002F2021] DeepRobust 0.2.2 发布。请尝试 `pip install deeprobust==0.2.2`！\n* [04\u002F2021] [图像包] 增加对 ImageNet 数据集的支持。详细信息请参见 [test_ImageNet.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fimage\u002Ftest_ImageNet.py)。\n* [04\u002F2021] [图模型包] 增加对 OGB 数据集的支持。更多细节请参见 [教程页面](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002Fgraph\u002Fpyg.html)。\n* [03\u002F2021] [图模型包] 新增节点嵌入攻击和受害者模型！详情请参见 [教程页面](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002Fgraph\u002Fnode_embedding.html)。\n* [02\u002F2021] **[图模型包] DeepRobust 现在提供工具，可以在 [Pytorch Geometric](https:\u002F\u002Fpytorch-geometric.readthedocs.io\u002Fen\u002Flatest\u002F) 和 DeepRobust 之间转换数据集格式。更多细节请参见 [教程页面](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002Fgraph\u002Fpyg.html)！** 同时，DeepRobust 现在也支持基于 PyG 的 GAT、Chebnet 和 SGC；详情请参见 [test_gat.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_gat.py)、[test_chebnet.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_chebnet.py) 和 [test_sgc.py](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_sgc.py)。\n* [12\u002F2020] DeepRobust 现在可以通过 pip 安装！请尝试 `pip install deeprobust`！\n* [12\u002F2020] [图模型包] 新增四个 [数据集](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fgraph\u002F#supported-datasets) 和一种防御算法。更多详情请参见 [这里](https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Ftree\u002Fmaster\u002Fdeeprobust\u002Fgraph\u002F#defense-methods)。后续还将继续增加数据集和算法，敬请期待 :)\n* [07\u002F2020] 新增 [文档](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002F) 页面！\n* [06\u002F2020] 为图像和图模型包都添加了 docstring。\n\n# 基本环境\n* `python >= 3.6`（python 3.5 也应该可以）\n* `pytorch >= 1.2.0`\n\n更多信息请参阅 `setup.py` 或 `requirements.txt`。\n\n# 安装\n## 通过 pip 安装\n```\npip install deeprobust \n```\n## 从源码安装\n```\ngit clone https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust.git\ncd DeepRobust\npython setup.py install\n```\n如果发现依赖项难以安装，请尝试以下命令：\n```python setup_empty.py install```（仅安装 DeepRobust，不安装其他包）\n\n# 测试示例\n\n```\npython examples\u002Fimage\u002Ftest_PGD.py\npython examples\u002Fimage\u002Ftest_pgdtraining.py\npython examples\u002Fgraph\u002Ftest_gcn_jaccard.py --dataset cora\npython examples\u002Fgraph\u002Ftest_mettack.py --dataset cora --ptb_rate 0.05\n```\n\n# 使用\n\n## 图像攻击与防御\n1. 训练模型\n\n    示例：在 GPU 上对 MNIST 数据集上的简单 CNN 模型进行 20 个 epoch 的训练。\n    ```python\n    import deeprobust.image.netmodels.train_model as trainmodel\n    trainmodel.train('CNN', 'MNIST', 'cuda', 20)\n    ```\n    训练好的模型将保存在 deeprobust\u002Ftrained_models\u002F 目录下。\n\n2. 实例化攻击方法和防御方法。\n\n    示例：使用 PGD 攻击生成对抗样本。\n    ```python\n    from deeprobust.image.attack.pgd import PGD\n    from deeprobust.image.config import attack_params\n    from deeprobust.image.utils import download_model\n    import torch\n    import deeprobust.image.netmodels.resnet as resnet\n    from torchvision import transforms,datasets\n    \n    URL = \"https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002Fdeeprobust_model\u002Fraw\u002Fmaster\u002FCIFAR10_ResNet18_epoch_20.pt\"\n    download_model(URL, \"$MODEL_PATH$\")\n\n    model = resnet.ResNet18().to('cuda')\n    model.load_state_dict(torch.load(\"$MODEL_PATH$\"))\n    model.eval()\n\n    transform_val = transforms.Compose([transforms.ToTensor()])\n    test_loader  = torch.utils.data.DataLoader(\n                    datasets.CIFAR10('deeprobust\u002Fimage\u002Fdata', train = False, download=True,\n                    transform = transform_val),\n                    batch_size = 10, shuffle=True)\n\n    x, y = next(iter(test_loader))\n    x = x.to('cuda').float()\n    \n    adversary = PGD(model, 'cuda')\n    Adv_img = adversary.generate(x, y, **attack_params['PGD_CIFAR10'])\n    ```\n\n    示例：训练防御模型。\n    ```python\n    from deeprobust.image.defense.pgdtraining import PGDtraining\n    from deeprobust.image.config import defense_params\n    from deeprobust.image.netmodels.CNN import Net\n    import torch\n    from torchvision import datasets, transforms \n    \n    model = Net()\n    train_loader = torch.utils.data.DataLoader(\n                    datasets.MNIST('deeprobust\u002Fimage\u002Fdefense\u002Fdata', train=True, download=True,\n                                    transform=transforms.Compose([transforms.ToTensor()])),\n                                    batch_size=100,shuffle=True)\n\n    test_loader = torch.utils.data.DataLoader(\n                  datasets.MNIST('deeprobust\u002Fimage\u002Fdefense\u002Fdata', train=False,\n                                transform=transforms.Compose([transforms.ToTensor()])),\n                                batch_size=1000,shuffle=True)\n\n    defense = PGDtraining(model, 'cuda')\n    defense.generate(train_loader, test_loader, **defense_params[\"PGDtraining_MNIST\"])\n    ```\n\n    更多示例代码可在 deeprobust\u002Fexamples 中找到。\n\n3. 使用我们的评估程序测试攻击算法对防御的效果。\n\n    示例：\n    ```\n    cd DeepRobust\n    python examples\u002Fimage\u002Ftest_train.py\n    python deeprobust\u002Fimage\u002Fevaluation_attack.py\n    ```\n\n## 图神经网络攻击与防御\n\n### 对图神经网络的攻击\n\n1. 加载数据集\n    ```python\n    import torch\n    import numpy as np\n    from deeprobust.graph.data import Dataset\n    from deeprobust.graph.defense import GCN\n    from deeprobust.graph.global_attack import Metattack\n\n    data = Dataset(root='\u002Ftmp\u002F', name='cora', setting='nettack')\n    adj, features, labels = data.adj, data.features, data.labels\n    idx_train, idx_val, idx_test = data.idx_train, data.idx_val, data.idx_test\n    idx_unlabeled = np.union1d(idx_val, idx_test)\n    ```\n\n2. 设置代理模型\n    ```python\n    device = torch.device(\"cuda:0\" if torch.cuda.is_available() else \"cpu\")\n    surrogate = GCN(nfeat=features.shape[1], nclass=labels.max().item()+1, nhid=16,\n                    with_relu=False, device=device)\n    surrogate = surrogate.to(device)\n    surrogate.fit(features, adj, labels, idx_train)\n    ```\n\n\n3. 设置攻击模型并生成扰动\n    ```python\n    model = Metattack(model=surrogate, nnodes=adj.shape[0], feature_shape=features.shape, device=device)\n    model = model.to(device)\n    perturbations = int(0.05 * (adj.sum() \u002F\u002F 2))\n    model.attack(features, adj, labels, idx_train, idx_unlabeled, perturbations, ll_constraint=False)\n    modified_adj = model.modified_adj\n    ```\n    \n有关更多详细信息，请参阅 [mettack.py](https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_mettack.py) 或运行\n    ```\n    python examples\u002Fgraph\u002Ftest_mettack.py --dataset cora --ptb_rate 0.05\n    ```\n\n### 防御图攻击\n\n1. 加载数据集\n    ```python\n    import torch\n    from deeprobust.graph.data import Dataset, PtbDataset\n    from deeprobust.graph.defense import GCN, GCNJaccard\n    import numpy as np\n    np.random.seed(15)\n\n    # 加载干净图\n    data = Dataset(root='\u002Ftmp\u002F', name='cora', setting='nettack')\n    adj, features, labels = data.adj, data.features, data.labels\n    idx_train, idx_val, idx_test = data.idx_train, data.idx_val, data.idx_test\n\n    # 加载被 mettack 攻击过的图\n    perturbed_data = PtbDataset(root='\u002Ftmp\u002F', name='cora')\n    perturbed_adj = perturbed_data.adj\n    ```\n2. 测试 \n    ```python\n    # 设置防御模型并测试性能\n    device = torch.device(\"cuda:0\" if torch.cuda.is_available() else \"cpu\")\n    model = GCNJaccard(nfeat=features.shape[1], nclass=labels.max()+1, nhid=16, device=device)\n    model = model.to(device)\n    model.fit(features, perturbed_adj, labels, idx_train)\n    model.eval()\n    output = model.test(idx_test)\n\n    # 在 GCN 上进行测试\n    model = GCN(nfeat=features.shape[1], nclass=labels.max()+1, nhid=16, device=device)\n    model = model.to(device)\n    model.fit(features, perturbed_adj, labels, idx_train)\n    model.eval()\n    output = model.test(idx_test)\n    ```\n    \n有关更多详细信息，请参阅 [test_gcn_jaccard.py](https:\u002F\u002Fgithub.com\u002FI-am-Bot\u002FDeepRobust\u002Fblob\u002Fmaster\u002Fexamples\u002Fgraph\u002Ftest_gcn_jaccard.py) 或运行\n    ```\n    python examples\u002Fgraph\u002Ftest_gcn_jaccard.py --dataset cora\n    ```\n\n## 样本结果\n由 FGSM 生成的对抗样本：\n\u003Cdiv align=\"center\">\n\u003Cimg height=140 src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_43ee4ac805f1.png\"\u002F>\u003Cimg height=140 src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_readme_4cd034ece1ad.png\"\u002F>\n\u003C\u002Fdiv>\n左：原始图像，分类为 6；右：对抗样本，分类为 4。\n\n一些训练好的模型可以在这里找到：https:\u002F\u002Fdrive.google.com\u002Fopen?id=1uGLiuCyd8zCAQ8tPz9DDUQH6zm-C4tEL\n\n## 致谢\n部分算法参考了论文作者的实现。相关引用可在每个文件的顶部找到。\n\n网络结构的实现参考了 weiaicunzai 的 GitHub 仓库。原始代码请见：\n[pytorch-cifar100](https:\u002F\u002Fgithub.com\u002Fweiaicunzai\u002Fpytorch-cifar100)\n\n感谢他们的杰出工作！\n\n\n\u003C!--\n如果您觉得我们的工作有用，请引用本文。\n\n'''\n@misc{jin2020adversarial,\n    title={图上的对抗攻击与防御：综述与实证研究},\n    author={Wei Jin、Yaxin Li、Han Xu、Yiqi Wang、Jiliang Tang},\n    year={2020},\n    eprint={2003.00653},\n    archivePrefix={arXiv},\n    primaryClass={cs.LG}\n}\n'''\n```\n@article{xu2019adversarial,\n  title={图像、图和文本中的对抗攻击与防御：综述},\n  author={Xu, Han、Ma, Yao、Liu, Haochen、Deb, Debayan、Liu, Hui、Tang, Jiliang、Jain, Anil},\n  journal={arXiv 预印本 arXiv:1909.08072},\n  year={2019}\n}\n```\n---->","# DeepRobust 快速上手指南\n\nDeepRobust 是一个基于 PyTorch 的对抗样本库，专注于图像和图数据（Graph）领域的攻击与防御算法。本指南将帮助你快速配置环境并运行基础示例。\n\n## 1. 环境准备\n\n在开始之前，请确保你的系统满足以下基本要求：\n\n*   **操作系统**: Linux, macOS 或 Windows\n*   **Python**: >= 3.6 (推荐 3.8+)\n*   **PyTorch**: >= 1.2.0\n*   **GPU**: 可选（推荐用于加速训练和攻击生成）\n\n**前置依赖安装建议：**\n建议先安装 PyTorch。国内用户可使用清华源加速安装：\n```bash\npip install torch torchvision torchaudio --index-url https:\u002F\u002Fpypi.tuna.tsinghua.edu.cn\u002Fsimple\n```\n\n其他依赖库（如 `numpy`, `scipy`, `networkx` 等）将在安装 DeepRobust 时自动处理，或参考项目根目录下的 `requirements.txt`。\n\n## 2. 安装步骤\n\n你可以选择通过 pip 直接安装，或从源码安装。\n\n### 方式一：通过 pip 安装（推荐）\n这是最快捷的方式，适合大多数用户。国内用户建议指定清华源。\n\n```bash\npip install deeprobust -i https:\u002F\u002Fpypi.tuna.tsinghua.edu.cn\u002Fsimple\n```\n*注：最新稳定版为 0.2.9，如需指定版本可添加 `==0.2.9`。*\n\n### 方式二：从源码安装\n如果你需要最新的功能或修改源码，请使用此方式。\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust.git\ncd DeepRobust\n\n# 标准安装（会自动安装依赖）\npython setup.py install\n\n# 如果依赖安装困难，可选择仅安装 deeprobust 核心包\n# python setup_empty.py install\n```\n\n## 3. 基本使用\n\nDeepRobust 主要分为 **图像 (Image)** 和 **图数据 (Graph)** 两大模块。以下是两个最简化的使用示例。\n\n### 场景一：图像对抗攻击 (PGD Attack)\n\n以下示例演示如何加载预训练模型，并使用 PGD 算法生成对抗样本。\n\n```python\nfrom deeprobust.image.attack.pgd import PGD\nfrom deeprobust.image.config import attack_params\nimport torch\nimport deeprobust.image.netmodels.resnet as resnet\nfrom torchvision import transforms, datasets\n\n# 1. 加载模型 (此处以 CIFAR10 ResNet18 为例)\n# 假设已下载模型权重到本地 \"$MODEL_PATH$\"\nmodel = resnet.ResNet18().to('cuda')\nmodel.load_state_dict(torch.load(\"$MODEL_PATH$\"))\nmodel.eval()\n\n# 2. 准备数据\ntransform_val = transforms.Compose([transforms.ToTensor()])\ntest_loader = torch.utils.data.DataLoader(\n    datasets.CIFAR10('deeprobust\u002Fimage\u002Fdata', train=False, download=True, transform=transform_val),\n    batch_size=10, shuffle=True\n)\n\nx, y = next(iter(test_loader))\nx = x.to('cuda').float()\n\n# 3. 初始化攻击器并生成对抗样本\nadversary = PGD(model, 'cuda')\n# 使用预设的 CIFAR10 攻击参数\nAdv_img = adversary.generate(x, y, **attack_params['PGD_CIFAR10'])\n\nprint(\"对抗样本生成完成，形状:\", Adv_img.shape)\n```\n\n### 场景二：图神经网络攻击 (Metattack)\n\n以下示例演示如何在 Cora 数据集上对 GCN 模型进行元攻击（Meta Attack）。\n\n```python\nimport torch\nimport numpy as np\nfrom deeprobust.graph.data import Dataset\nfrom deeprobust.graph.defense import GCN\nfrom deeprobust.graph.global_attack import Metattack\n\n# 1. 加载数据集\ndata = Dataset(root='\u002Ftmp\u002F', name='cora', setting='nettack')\nadj, features, labels = data.adj, data.features, data.labels\nidx_train, idx_val, idx_test = data.idx_train, data.idx_val, data.idx_test\nidx_unlabeled = np.union1d(idx_val, idx_test)\n\n# 2. 设置代理模型 (Surrogate Model)\ndevice = torch.device(\"cuda:0\" if torch.cuda.is_available() else \"cpu\")\nsurrogate = GCN(nfeat=features.shape[1], nclass=labels.max().item()+1, nhid=16, dropout=0.5, device=device).to(device)\n\n# 3. 初始化攻击器\nattacker = Metattack(model=surrogate, nnodes=adj.shape[0], nfeats=features.shape[1], \n                     device=device, lambda_=0.01, nclass=labels.max().item()+1)\n\n# 4. 执行攻击\n# 注意：实际使用时需先训练 surrogate 模型，此处仅为流程展示\n# attacker.attack(features, adj, labels, idx_train, idx_unlabeled, perturbations=20)\nprint(\"图攻击模块初始化完成，可调用 attack 方法执行攻击。\")\n```\n\n### 运行官方测试示例\n\n安装完成后，你可以直接运行仓库自带的测试脚本来验证环境是否正常：\n\n```bash\n# 测试图像 PGD 攻击\npython examples\u002Fimage\u002Ftest_PGD.py\n\n# 测试图数据 Metattack (需指定数据集)\npython examples\u002Fgraph\u002Ftest_mettack.py --dataset cora --ptb_rate 0.05\n```\n\n更多详细用法、参数配置及新算法（如 UGBA, PRBCD 等）请参考官方 [文档](https:\u002F\u002Fdeeprobust.readthedocs.io\u002Fen\u002Flatest\u002F) 或 `examples` 目录下的代码。","某金融风控团队正在开发基于图神经网络（GNN）的反欺诈系统，旨在通过用户交易关系图识别潜在的洗钱团伙，但担心模型易受对抗样本攻击而被黑产绕过。\n\n### 没有 DeepRobust 时\n- **算法复现成本极高**：研究人员需从零阅读大量学术论文并手动编写 PGD、FGSM 等攻击算法及对应防御策略，耗时数周且极易引入代码错误。\n- **图像与图数据割裂**：团队需分别维护两套独立的代码库来处理交易图像证据和关系图谱，缺乏统一接口导致实验对比困难，难以评估跨模态鲁棒性。\n- **基准测试缺失**：由于缺乏标准化的攻击 - 防御评估流程，无法量化模型在极端扰动下的真实性能，导致上线前对系统安全性心中无数。\n- **调试门槛高**：自定义实现的算子往往缺乏优化，在处理大规模稀疏图数据时显存溢出频发，严重拖慢迭代速度。\n\n### 使用 DeepRobust 后\n- **开箱即用加速研发**：直接调用 DeepRobust 内置的多种成熟攻击与防御模块，将原本数周的算法验证工作缩短至几小时，让团队聚焦于业务逻辑优化。\n- **统一框架高效协同**：利用其统一的 PyTorch 接口同时管理图像和图数据的对抗训练，轻松实现多模态场景下的联合鲁棒性评估，实验复现性显著提升。\n- **量化安全指标**：通过内置的标准化评估工具，快速生成模型在不同攻击强度下的准确率曲线，为系统上线提供了确凿的安全性数据支撑。\n- **性能稳定可靠**：依托库内针对稀疏图结构优化的底层算子，大幅降低了显存占用，使得在大规模交易图上运行复杂的对抗训练成为可能。\n\nDeepRobust 将复杂的对抗攻防理论转化为标准化的工程组件，帮助团队以最低成本构建了经得起实战考验的高鲁棒性风控模型。","https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FDSE-MSU_DeepRobust_05648749.png","DSE-MSU",null,"https:\u002F\u002Foss.gittoolsai.com\u002Favatars\u002FDSE-MSU_d8295252.png","Data Science and Engineering Lab\r\nDirector: Dr. Jiliang Tang","Michigan State University","East Lansing, MI, USA","http:\u002F\u002Fwww.dse.cse.msu.edu","https:\u002F\u002Fgithub.com\u002FDSE-MSU",[81],{"name":82,"color":83,"percentage":84},"Python","#3572A5",100,1081,192,"2026-04-10T10:57:30","MIT","未说明","非必需（代码示例支持 'cuda' 和 'cpu'），具体型号、显存大小及 CUDA 版本未说明（注：更新日志提及已修复新版 PyTorch 上的 OOM 问题）",{"notes":92,"python":93,"dependencies":94},"该库主要用于图像和图数据的对抗攻击与防御。若依赖包安装困难，可使用 'python setup_empty.py install' 仅安装 DeepRobust 而不安装其他依赖。支持通过 pip 直接安装 (pip install deeprobust)。图神经网络部分支持 PyTorch Geometric 数据集格式转换。",">=3.6 (README 注明 Python 3.5 也可能适用)",[95,96,97],"pytorch>=1.2.0","numpy","torchvision",[14],[100,101,102,103,104,105,106,107,108],"adversarial-attacks","adversarial-examples","deep-neural-networks","defense","graph-neural-networks","machine-learning","deep-learning","graph-convolutional-networks","graph-mining","2026-03-27T02:49:30.150509","2026-04-11T17:48:54.051732",[112,117,122,126,131,136],{"id":113,"question_zh":114,"answer_zh":115,"source_url":116},29752,"为什么在扰动图（perturbed graph）上测试时，分类准确率仍然很高？","这通常与攻击类型和模型训练方式有关。CE-PGD 和 CW-PGD 等攻击针对的是预定义的 GCN 模型，优化问题相对简单，因此攻击效果较好；而 Min-Max 攻击考虑了模型在受攻击数据上的重新训练（内部优化），因此在攻击需要重训练的模型时效果更好。如果您发现准确率依然很高，可能是因为使用的攻击方法未针对重训练场景进行优化，或者超参数（如内部循环步数）未调整到位。建议检查测试脚本中是否仅执行了一步内部最大化，参考论文增加内部优化步骤以提升攻击效果。","https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues\u002F92",{"id":118,"question_zh":119,"answer_zh":120,"source_url":121},29753,"运行 test_PGD.py 时遇到 ipdb 调试断点或报错怎么办？","这是因为代码中保留了调试工具 `ipdb`。请打开 `test_PGD.py` 文件，找到并删除以下两行代码：\n`import ipdb`\n`ipdb.set_trace()`\n删除后重新运行即可。维护者已在后续版本中移除了这些调试代码。","https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues\u002F53",{"id":123,"question_zh":124,"answer_zh":125,"source_url":121},29754,"运行 LBFGS 攻击示例时报错 'missing 1 required positional argument: target_label' 如何解决？","LBFGS 攻击需要指定目标标签（target_label）。请在调用 `attack.generate` 方法时，确保传入了 `target_label` 参数。您可以参考更新后的示例代码（examples\u002Fimage\u002Ftest_lbfgs.py），其中已补充了该参数的设置方法。",{"id":127,"question_zh":128,"answer_zh":129,"source_url":130},29755,"如何在非 cuda:0 的特定 GPU 设备上运行 GNN 模型？","早期版本硬编码了设备为 `cuda:0`，导致在多 GPU 环境下报错。解决方法是修改源码中 `normalize_adj_tensor` 和 `degree_normalize_adj_tensor` 函数的设备获取逻辑。\n请将原本的设备设置代码：\n`device = torch.device(\"cuda\" if adj.is_cuda else \"cpu\")`\n替换为：\n`device = adj.device`\n这样可以自动获取输入张量所在的设备，从而支持在任意指定的 GPU（如 cuda:2）上运行。维护者已在最新版本中修复了此问题。","https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues\u002F74",{"id":132,"question_zh":133,"answer_zh":134,"source_url":135},29756,"运行 ProGNN 训练时出现 'mat1 and mat2 shapes cannot be multiplied' 维度不匹配错误怎么办？","这通常是因为安装的 DeepRobust 版本过旧，不支持某些数据集设置（如 polblogs 或 prognn 模式）。请完全卸载当前版本并从源码重新安装最新版：\n1. 卸载旧版：`pip uninstall deeprobust`\n2. 克隆源码：`git clone https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust.git`\n3. 进入目录并安装：`cd DeepRobust` 然后 `python setup.py install`\n重新安装后，维度匹配问题和 CPU 运行问题均已被修复。","https:\u002F\u002Fgithub.com\u002FDSE-MSU\u002FDeepRobust\u002Fissues\u002F64",{"id":137,"question_zh":138,"answer_zh":139,"source_url":121},29757,"Pro-GNN 在我的自定义数据集上训练时，prox_nuclear loss 在几个 epoch 后持续上升，如何修复？","如果排除了代码调试断点（ipdb）的影响后问题依旧，可能是超参数设置或数据归一化问题。首先确保您使用的是最新版本的 DeepRobust（参考上述重装步骤）。其次，检查您的自定义数据集是否与原始数据集（如 Cora, Citeseer）具有相似的稀疏性和特征分布。如果 loss 持续发散，尝试减小学习率或调整正则化系数。若问题仍存在，建议提供具体的复现代码以便维护者排查是否为特定数据格式导致的兼容性问题。",[]]