[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"similar-MadryLab--robustness":3,"tool-MadryLab--robustness":61},[4,18,26,36,44,53],{"id":5,"name":6,"github_repo":7,"description_zh":8,"stars":9,"difficulty_score":10,"last_commit_at":11,"category_tags":12,"status":17},4358,"openclaw","openclaw\u002Fopenclaw","OpenClaw 是一款专为个人打造的本地化 AI 助手,旨在让你在自己的设备上拥有完全可控的智能伙伴。它打破了传统 AI 助手局限于特定网页或应用的束缚,能够直接接入你日常使用的各类通讯渠道,包括微信、WhatsApp、Telegram、Discord、iMessage 等数十种平台。无论你在哪个聊天软件中发送消息,OpenClaw 都能即时响应,甚至支持在 macOS、iOS 和 Android 设备上进行语音交互,并提供实时的画布渲染功能供你操控。\n\n这款工具主要解决了用户对数据隐私、响应速度以及“始终在线”体验的需求。通过将 AI 部署在本地,用户无需依赖云端服务即可享受快速、私密的智能辅助,真正实现了“你的数据,你做主”。其独特的技术亮点在于强大的网关架构,将控制平面与核心助手分离,确保跨平台通信的流畅性与扩展性。\n\nOpenClaw 非常适合希望构建个性化工作流的技术爱好者、开发者,以及注重隐私保护且不愿被单一生态绑定的普通用户。只要具备基础的终端操作能力(支持 macOS、Linux 及 Windows WSL2),即可通过简单的命令行引导完成部署。如果你渴望拥有一个懂你",349277,3,"2026-04-06T06:32:30",[13,14,15,16],"Agent","开发框架","图像","数据工具","ready",{"id":19,"name":20,"github_repo":21,"description_zh":22,"stars":23,"difficulty_score":10,"last_commit_at":24,"category_tags":25,"status":17},3808,"stable-diffusion-webui","AUTOMATIC1111\u002Fstable-diffusion-webui","stable-diffusion-webui 是一个基于 Gradio 构建的网页版操作界面,旨在让用户能够轻松地在本地运行和使用强大的 Stable Diffusion 图像生成模型。它解决了原始模型依赖命令行、操作门槛高且功能分散的痛点,将复杂的 AI 绘图流程整合进一个直观易用的图形化平台。\n\n无论是希望快速上手的普通创作者、需要精细控制画面细节的设计师,还是想要深入探索模型潜力的开发者与研究人员,都能从中获益。其核心亮点在于极高的功能丰富度:不仅支持文生图、图生图、局部重绘(Inpainting)和外绘(Outpainting)等基础模式,还独创了注意力机制调整、提示词矩阵、负向提示词以及“高清修复”等高级功能。此外,它内置了 GFPGAN 和 CodeFormer 等人脸修复工具,支持多种神经网络放大算法,并允许用户通过插件系统无限扩展能力。即使是显存有限的设备,stable-diffusion-webui 也提供了相应的优化选项,让高质量的 AI 艺术创作变得触手可及。",162132,"2026-04-05T11:01:52",[14,15,13],{"id":27,"name":28,"github_repo":29,"description_zh":30,"stars":31,"difficulty_score":32,"last_commit_at":33,"category_tags":34,"status":17},1381,"everything-claude-code","affaan-m\u002Feverything-claude-code","everything-claude-code 是一套专为 AI 编程助手(如 Claude Code、Codex、Cursor 等)打造的高性能优化系统。它不仅仅是一组配置文件,而是一个经过长期实战打磨的完整框架,旨在解决 AI 代理在实际开发中面临的效率低下、记忆丢失、安全隐患及缺乏持续学习能力等核心痛点。\n\n通过引入技能模块化、直觉增强、记忆持久化机制以及内置的安全扫描功能,everything-claude-code 能显著提升 AI 在复杂任务中的表现,帮助开发者构建更稳定、更智能的生产级 AI 代理。其独特的“研究优先”开发理念和针对 Token 消耗的优化策略,使得模型响应更快、成本更低,同时有效防御潜在的攻击向量。\n\n这套工具特别适合软件开发者、AI 研究人员以及希望深度定制 AI 工作流的技术团队使用。无论您是在构建大型代码库,还是需要 AI 协助进行安全审计与自动化测试,everything-claude-code 都能提供强大的底层支持。作为一个曾荣获 Anthropic 黑客大奖的开源项目,它融合了多语言支持与丰富的实战钩子(hooks),让 AI 真正成长为懂上",152630,2,"2026-04-12T23:33:54",[14,13,35],"语言模型",{"id":37,"name":38,"github_repo":39,"description_zh":40,"stars":41,"difficulty_score":32,"last_commit_at":42,"category_tags":43,"status":17},2271,"ComfyUI","Comfy-Org\u002FComfyUI","ComfyUI 是一款功能强大且高度模块化的视觉 AI 引擎,专为设计和执行复杂的 Stable Diffusion 图像生成流程而打造。它摒弃了传统的代码编写模式,采用直观的节点式流程图界面,让用户通过连接不同的功能模块即可构建个性化的生成管线。\n\n这一设计巧妙解决了高级 AI 绘图工作流配置复杂、灵活性不足的痛点。用户无需具备编程背景,也能自由组合模型、调整参数并实时预览效果,轻松实现从基础文生图到多步骤高清修复等各类复杂任务。ComfyUI 拥有极佳的兼容性,不仅支持 Windows、macOS 和 Linux 全平台,还广泛适配 NVIDIA、AMD、Intel 及苹果 Silicon 等多种硬件架构,并率先支持 SDXL、Flux、SD3 等前沿模型。\n\n无论是希望深入探索算法潜力的研究人员和开发者,还是追求极致创作自由度的设计师与资深 AI 绘画爱好者,ComfyUI 都能提供强大的支持。其独特的模块化架构允许社区不断扩展新功能,使其成为当前最灵活、生态最丰富的开源扩散模型工具之一,帮助用户将创意高效转化为现实。",108322,"2026-04-10T11:39:34",[14,15,13],{"id":45,"name":46,"github_repo":47,"description_zh":48,"stars":49,"difficulty_score":32,"last_commit_at":50,"category_tags":51,"status":17},6121,"gemini-cli","google-gemini\u002Fgemini-cli","gemini-cli 是一款由谷歌推出的开源 AI 命令行工具,它将强大的 Gemini 大模型能力直接集成到用户的终端环境中。对于习惯在命令行工作的开发者而言,它提供了一条从输入提示词到获取模型响应的最短路径,无需切换窗口即可享受智能辅助。\n\n这款工具主要解决了开发过程中频繁上下文切换的痛点,让用户能在熟悉的终端界面内直接完成代码理解、生成、调试以及自动化运维任务。无论是查询大型代码库、根据草图生成应用,还是执行复杂的 Git 操作,gemini-cli 都能通过自然语言指令高效处理。\n\n它特别适合广大软件工程师、DevOps 人员及技术研究人员使用。其核心亮点包括支持高达 100 万 token 的超长上下文窗口,具备出色的逻辑推理能力;内置 Google 搜索、文件操作及 Shell 命令执行等实用工具;更独特的是,它支持 MCP(模型上下文协议),允许用户灵活扩展自定义集成,连接如图像生成等外部能力。此外,个人谷歌账号即可享受免费的额度支持,且项目基于 Apache 2.0 协议完全开源,是提升终端工作效率的理想助手。",100752,"2026-04-10T01:20:03",[52,13,15,14],"插件",{"id":54,"name":55,"github_repo":56,"description_zh":57,"stars":58,"difficulty_score":32,"last_commit_at":59,"category_tags":60,"status":17},4721,"markitdown","microsoft\u002Fmarkitdown","MarkItDown 是一款由微软 AutoGen 团队打造的轻量级 Python 工具,专为将各类文件高效转换为 Markdown 格式而设计。它支持 PDF、Word、Excel、PPT、图片(含 OCR)、音频(含语音转录)、HTML 乃至 YouTube 链接等多种格式的解析,能够精准提取文档中的标题、列表、表格和链接等关键结构信息。\n\n在人工智能应用日益普及的今天,大语言模型(LLM)虽擅长处理文本,却难以直接读取复杂的二进制办公文档。MarkItDown 恰好解决了这一痛点,它将非结构化或半结构化的文件转化为模型“原生理解”且 Token 效率极高的 Markdown 格式,成为连接本地文件与 AI 分析 pipeline 的理想桥梁。此外,它还提供了 MCP(模型上下文协议)服务器,可无缝集成到 Claude Desktop 等 LLM 应用中。\n\n这款工具特别适合开发者、数据科学家及 AI 研究人员使用,尤其是那些需要构建文档检索增强生成(RAG)系统、进行批量文本分析或希望让 AI 助手直接“阅读”本地文件的用户。虽然生成的内容也具备一定可读性,但其核心优势在于为机器",93400,"2026-04-06T19:52:38",[52,14],{"id":62,"github_repo":63,"name":64,"description_en":65,"description_zh":66,"ai_summary_zh":66,"readme_en":67,"readme_zh":68,"quickstart_zh":69,"use_case_zh":70,"hero_image_url":71,"owner_login":72,"owner_name":73,"owner_avatar_url":74,"owner_bio":75,"owner_company":76,"owner_location":76,"owner_email":76,"owner_twitter":76,"owner_website":77,"owner_url":78,"languages":79,"stars":88,"forks":89,"last_commit_at":90,"license":91,"difficulty_score":32,"env_os":92,"env_gpu":93,"env_ram":92,"env_deps":94,"category_tags":100,"github_topics":76,"view_count":32,"oss_zip_url":76,"oss_zip_packed_at":76,"status":17,"created_at":101,"updated_at":102,"faqs":103,"releases":137},7031,"MadryLab\u002Frobustness","robustness","A library for experimenting with, training and evaluating neural networks, with a focus on adversarial robustness.","robustness 是由麻省理工学院 MadryLab 团队开发的一款 Python 库,旨在让神经网络的训练、评估与探索变得更加灵活便捷。它核心专注于提升模型的“对抗鲁棒性”,即解决深度学习模型在面对精心设计的微小干扰(对抗样本)时容易出错的安全隐患,同时也广泛适用于常规模型的快速实验。\n\n这款工具特别适合 AI 研究人员和开发者使用,尤其是那些致力于模型安全性、可解释性或需要高效复现前沿论文成果的团队。robustness 的独特亮点在于其高度模块化的设计:既提供了功能强大的命令行接口,让用户无需编写复杂代码即可一键启动标准或对抗训练;又支持作为 Python 包导入,允许用户深度定制数据集、网络架构、损失函数及优化策略。此外,它还内置了丰富的输入空间操作工具,轻松实现对抗样本生成、特征可视化及表征反转等高级任务。凭借在多个顶级研究项目中的实战验证,robustness 已成为连接理论研究与工程落地的高效桥梁,帮助用户以更低的门槛探索神经网络的深层机制。","robustness package\n==================\nInstall via ``pip``: ``pip install robustness``\n\nRead the docs: https:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Findex.html\n\n``robustness`` is a package we (students in the `MadryLab \u003Chttp:\u002F\u002Fmadry-lab.ml>`_) created\nto make training, evaluating, and exploring neural networks flexible and easy.\nWe use it in almost all of our projects (whether they involve\nadversarial training or not!) and it will be a dependency in many of our\nupcoming code releases. A few projects using the library include:\n\n- `Code for \"Learning Perceptually-Aligned Representations via Adversarial Robustness\" \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobust_representations>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F1906.00945) \n- `Code for\n \"Image Synthesis with a Single (Robust) Classifier\" \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness_applications>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F1906.09453)\n- `Code for\n \"Do Adversarially Robust ImageNet Models Transfer Better?\" \u003Chttps:\u002F\u002Fgithub.com\u002Fmicrosoft\u002Frobust-models-transfer>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2007.08489)\n- `Code for\n \"BREEDS: Benchmarks for Subpopulation Shift\"\n \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002FBREEDS-Benchmarks>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2008.04859)\n- `Code for\n \"Certified Patch Robustness via Smoothed Vision Transformers.\" \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Fsmoothed-vit>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2110.07719)\n- `Code for\n \"Unadversarial Examples: Designing Objects for Robust Vision.\" \u003Chttps:\u002F\u002Fgithub.com\u002Fmicrosoft\u002Funadversarial>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2012.12235)\n\nWe\ndemonstrate how to use the library in a set of walkthroughs and our API\nreference. Functionality provided by the library includes:\n\n- Training and evaluating standard and robust models for a variety of\n datasets\u002Farchitectures using a `CLI interface\n \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Fcli_usage.html>`_. The library also provides support for adding\n `custom datasets \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_2.html#training-on-custom-datasets>`_ and `model architectures \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_2.html#training-with-custom-architectures>`_.\n\n.. code-block:: bash\n\n python -m robustness.main --dataset cifar --data \u002Fpath\u002Fto\u002Fcifar \\\n --adv-train 0 --arch resnet18 --out-dir \u002Flogs\u002Fcheckpoints\u002Fdir\u002F\n\n- Performing `input manipulation\n \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Finput_space_manipulation.html>`_ using robust (or standard)\n models---this includes making adversarial examples, inverting representations,\n feature visualization, etc. The library offers a variety of optimization\n options (e.g. choice between real\u002Festimated gradients, Fourier\u002Fpixel basis,\n custom loss functions etc.), and is easily extendable.\n\n.. code-block:: python\n \n import torch as ch\n from robustness.datasets import CIFAR\n from robustness.model_utils import make_and_restore_model\n\n ds = CIFAR('\u002Fpath\u002Fto\u002Fcifar')\n model, _ = make_and_restore_model(arch='resnet50', dataset=ds, \n resume_path='\u002Fpath\u002Fto\u002Fmodel', state_dict_path='model')\n model.eval()\n attack_kwargs = {\n 'constraint': 'inf', # L-inf PGD \n 'eps': 0.05, # Epsilon constraint (L-inf norm)\n 'step_size': 0.01, # Learning rate for PGD\n 'iterations': 100, # Number of PGD steps\n 'targeted': True # Targeted attack\n 'custom_loss': None # Use default cross-entropy loss\n }\n\n _, test_loader = ds.make_loaders(workers=0, batch_size=10)\n im, label = next(iter(test_loader))\n target_label = (label + ch.randint_like(label, high=9)) % 10\n adv_out, adv_im = model(im, target_label, make_adv, **attack_kwargs)\n\n- Importing ``robustness`` as a package, which allows for easy training of\n neural networks with support for custom loss functions, logging, data loading,\n and more! A good introduction can be found in our two-part walkthrough\n (`Part 1 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_1.html>`_, \n `Part 2 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_2.html>`_).\n\n.. code-block:: python\n\n from robustness import model_utils, datasets, train, defaults\n from robustness.datasets import CIFAR\n\n # We use cox (http:\u002F\u002Fgithub.com\u002FMadryLab\u002Fcox) to log, store and analyze \n # results. Read more at https\u002F\u002Fcox.readthedocs.io.\n from cox.utils import Parameters\n import cox.store\n\n # Hard-coded dataset, architecture, batch size, workers\n ds = CIFAR('\u002Fpath\u002Fto\u002Fcifar')\n m, _ = model_utils.make_and_restore_model(arch='resnet50', dataset=ds)\n train_loader, val_loader = ds.make_loaders(batch_size=128, workers=8)\n\n # Create a cox store for logging\n out_store = cox.store.Store(OUT_DIR)\n\n # Hard-coded base parameters\n train_kwargs = {\n 'out_dir': \"train_out\",\n 'adv_train': 1,\n 'constraint': '2',\n 'eps': 0.5,\n 'attack_lr': 1.5,\n 'attack_steps': 20\n }\n train_args = Parameters(train_kwargs)\n\n # Fill whatever parameters are missing from the defaults\n train_args = defaults.check_and_fill_args(train_args,\n defaults.TRAINING_ARGS, CIFAR)\n train_args = defaults.check_and_fill_args(train_args,\n defaults.PGD_ARGS, CIFAR)\n\n # Train a model\n train.train_model(train_args, m, (train_loader, val_loader), store=out_store)\n\n**Note**: ``robustness`` requires PyTorch to be installed with CUDA support.\n\nPretrained models\n-----------------\n\nAlong with the training code, we release a number of pretrained models for\ndifferent datasets, norms and ε-train values. This list will be updated as\nwe release more or improved models. *Please cite this library (see bibtex\nentry below) if you use these models in your research.* \n\nFor each (model, ε-test) combination we evaluate 20-step and 100-step PGD with a\nstep size of `2.5 * ε-test \u002F num_steps`. Since these two accuracies are quite \nclose to each other, we do not consider more steps of PGD.\nFor each value of ε-test, we highlight the best robust accuracy achieved over\ndifferent ε-train in bold.\n\n**Note #1**: We did not perform any hyperparameter tuning and simply used the same\nhyperparameters as standard training. It is likely that exploring different \ntraining hyperparameters will increasse these robust accuracies by a few percent\npoints.\n\n**Note #2**: The pytorch checkpoint (``.pt``) files below were saved with the following versions of PyTorch and Dill:\n\n.. code-block::\n\n torch==1.1.0\n dill==0.2.9\n\n\nCIFAR10 L2-norm (ResNet50):\n\n- `ε = 0.0 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fyhpp4yws7sgi6lj\u002Fcifar_nat.pt?dl=0>`_ (standard training)\n- `ε = 0.25 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002F2qsp7pt6t7uo71w\u002Fcifar_l2_0_25.pt?dl=0>`_\n- `ε = 0.5 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002F1zazwjfzee7c8i4\u002Fcifar_l2_0_5.pt?dl=0>`_\n- `ε = 1.0 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fs2x7thisiqxz095\u002Fcifar_l2_1_0.pt?dl=0>`_\n\n+--------------+----------------+-----------------+---------------------+---------------------+\n| CIFAR10 L2-robust accuracy |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| | ε-train |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| ε-test | 0.0 | 0.25 | 0.5 | 1.0 |\n+==============+================+=================+=====================+=====================+\n| 0.0 | **95.25% \u002F -** | 92.77% \u002F - | 90.83% \u002F - | 81.62% \u002F - |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 0.25 | 8.66% \u002F 7.34% | 81.21% \u002F 81.19% | **82.34% \u002F 82.31%** | 75.53% \u002F 75.53% |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 0.5 | 0.28% \u002F 0.14% | 62.30% \u002F 62.13% | **70.17% \u002F 70.11%** | 68.63% \u002F 68.61% |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 1.0 | 0.00% \u002F 0.00% | 21.18% \u002F 20.66% | 40.47% \u002F 40.22% | **52.72% \u002F 52.61%** |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 2.0 | 0.00% \u002F 0.00% | 0.58% \u002F 0.46% | 5.23% \u002F 4.97% | **18.59% \u002F 18.05%** |\n+--------------+----------------+-----------------+---------------------+---------------------+\n\nCIFAR10 Linf-norm (ResNet50):\n\n- ε = 0.0 (PyTorch pre-trained)\n- `ε = 8\u002F255 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fc9qlt1lbdnu9tlo\u002Fcifar_linf_8.pt?dl=0>`_\n\n+--------------+-----------------+---------------------+\n| CIFAR10 Linf-robust accuracy |\n+--------------+-----------------+---------------------+\n| | ε-train |\n+--------------+-----------------+---------------------+\n| ε-test | 0 \u002F 255 | 8 \u002F 255 |\n+==============+=================+=====================+\n| 0 \u002F 255 | **95.25% \u002F -** | 87.03% \u002F - |\n+--------------+-----------------+---------------------+\n| 8 \u002F 255 | 0.00% \u002F 0.00% | **53.49% \u002F 53.29%** |\n+--------------+-----------------+---------------------+\n| 16 \u002F 255 | 0.00% \u002F 0.00% | **18.13% \u002F 17.62%** |\n+--------------+-----------------+---------------------+\n\nImageNet L2-norm (ResNet50):\n\n- ε = 0.0 (PyTorch pre-trained)\n- `ε = 3.0 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fknf4uimlqsi1yz8\u002Fimagenet_l2_3_0.pt?dl=0>`_\n\n+--------------+-----------------+---------------------+\n| ImageNet L2-robust accuracy |\n+--------------+-----------------+---------------------+\n| | ε-train |\n+--------------+-----------------+---------------------+\n| ε-test | 0.0 | 3.0 |\n+==============+=================+=====================+\n| 0.0 | **76.13% \u002F -** | 57.90% \u002F - |\n+--------------+-----------------+---------------------+\n| 0.5 | 3.35% \u002F 2.98% | **54.42% \u002F 54.42%** |\n+--------------+-----------------+---------------------+\n| 1.0 | 0.44% \u002F 0.37% | **50.67% \u002F 50.67%** |\n+--------------+-----------------+---------------------+\n| 2.0 | 0.16% \u002F 0.14% | **43.04% \u002F 43.02%** |\n+--------------+-----------------+---------------------+\n| 3.0 | 0.13% \u002F 0.12% | **35.16% \u002F 35.09%** |\n+--------------+-----------------+---------------------+\n\nImageNet Linf-norm (ResNet50):\n\n- ε = 0.0 (PyTorch pre-trained)\n- `ε = 4 \u002F 255 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Faxfuary2w1cnyrg\u002Fimagenet_linf_4.pt?dl=0>`_\n- `ε = 8 \u002F 255 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fyxn15a9zklz3s8q\u002Fimagenet_linf_8.pt?dl=0>`_\n\n+--------------+-----------------+---------------------+---------------------+\n| ImageNet Linf-robust accuracy |\n+--------------+-----------------+---------------------+---------------------+\n| | ε-train |\n+--------------+-----------------+---------------------+---------------------+\n| ε-test | 0.0 | 4 \u002F 255 | 8 \u002F 255 |\n+==============+=================+=====================+=====================+\n| 0 \u002F 255 | **76.13% \u002F -** | 62.42% \u002F - | 47.91% \u002F - |\n+--------------+-----------------+---------------------+---------------------+\n| 4 \u002F 255 | 0.04% \u002F 0.03% | **33.58% \u002F 33.38%** | 33.06% \u002F 33.03% |\n+--------------+-----------------+---------------------+---------------------+\n| 8 \u002F 255 | 0.01% \u002F 0.01% | 13.13% \u002F 12.73% | **19.63% \u002F 19.52%** |\n+--------------+-----------------+---------------------+---------------------+\n| 16 \u002F 255 | 0.01% \u002F 0.01% | 1.53% \u002F 1.37% | **5.00% \u002F 4.82%** |\n+--------------+-----------------+---------------------+---------------------+\n\nCitation\n--------\nIf you use this library in your research, cite it as\nfollows:\n\n.. code-block:: bibtex\n \n @misc{robustness,\n title={Robustness (Python Library)},\n author={Logan Engstrom and Andrew Ilyas and Hadi Salman and Shibani Santurkar and Dimitris Tsipras},\n year={2019},\n url={https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness}\n }\n\n*(Have you used the package and found it useful? Let us know!)*.\n\nMaintainers\n-------------\n- `Andrew Ilyas \u003Chttps:\u002F\u002Ftwitter.com\u002Fandrew_ilyas>`_\n- `Logan Engstrom \u003Chttps:\u002F\u002Ftwitter.com\u002Flogan_engstrom>`_\n- `Shibani Santurkar \u003Chttps:\u002F\u002Ftwitter.com\u002FShibaniSan>`_\n- `Dimitris Tsipras \u003Chttps:\u002F\u002Ftwitter.com\u002Ftsiprasd>`_\n- `Hadi Salman \u003Chttps:\u002F\u002Ftwitter.com\u002FhadisalmanX>`_\n\nContributors\u002FCommiters\n'''''''''''''''''''''''\n- See `here \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness\u002Fpulse>`_ \n","鲁棒性包\n==================\n通过 ``pip`` 安装:``pip install robustness``\n\n阅读文档:https:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Findex.html\n\n``robustness`` 是我们(`MadryLab \u003Chttp:\u002F\u002Fmadry-lab.ml>`_ 的学生)创建的一个软件包,旨在使神经网络的训练、评估和探索更加灵活便捷。我们在几乎所有的项目中都会使用它(无论是否涉及对抗训练!),并且它也将成为我们未来许多代码发布版本的依赖项。使用该库的一些项目包括:\n\n- `“通过对抗鲁棒性学习感知对齐表示”的代码 \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobust_representations>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F1906.00945) \n- `“仅用一个(鲁棒)分类器进行图像合成”的代码 \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness_applications>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F1906.09453)\n- `“对抗鲁棒的 ImageNet 模型迁移能力更好吗?”的代码 \u003Chttps:\u002F\u002Fgithub.com\u002Fmicrosoft\u002Frobust-models-transfer>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2007.08489)\n- `“BREEDS:子群体分布偏移基准测试”的代码 \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002FBREEDS-Benchmarks>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2008.04859)\n- `“基于平滑视觉Transformer的认证补丁鲁棒性”的代码 \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Fsmoothed-vit>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2110.07719)\n- `“非对抗性样本:设计用于鲁棒视觉的对象”的代码 \u003Chttps:\u002F\u002Fgithub.com\u002Fmicrosoft\u002Funadversarial>`_ (https:\u002F\u002Farxiv.org\u002Fabs\u002F2012.12235)\n\n我们在一系列教程和 API 参考中展示了如何使用该库。该库提供的功能包括:\n\n- 使用 `CLI 界面 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Fcli_usage.html>`_ 为多种数据集\u002F架构训练和评估标准及鲁棒模型。该库还支持添加 `自定义数据集 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_2.html#training-on-custom-datasets>`_ 和 `自定义模型架构 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_2.html#training-with-custom-architectures>`_。\n\n.. code-block:: bash\n\n python -m robustness.main --dataset cifar --data \u002Fpath\u002Fto\u002Fcifar \\\n --adv-train 0 --arch resnet18 --out-dir \u002Flogs\u002Fcheckpoints\u002Fdir\u002F\n\n- 使用鲁棒(或标准)模型进行 `输入空间操作 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Finput_space_manipulation.html>`_——这包括生成对抗样本、反演表征、特征可视化等。该库提供了多种优化选项(例如,选择真实梯度或估计梯度、傅里叶基或像素基、自定义损失函数等),并且易于扩展。\n\n.. code-block:: python\n \n import torch as ch\n from robustness.datasets import CIFAR\n from robustness.model_utils import make_and_restore_model\n\n ds = CIFAR('\u002Fpath\u002Fto\u002Fcifar')\n model, _ = make_and_restore_model(arch='resnet50', dataset=ds, \n resume_path='\u002Fpath\u002Fto\u002Fmodel', state_dict_path='model')\n model.eval()\n attack_kwargs = {\n 'constraint': 'inf', # L-inf PGD \n 'eps': 0.05, # Epsilon约束(L-inf范数)\n 'step_size': 0.01, # PGD的学习率\n 'iterations': 100, # PGD的步数\n 'targeted': True # 目标攻击\n 'custom_loss': None # 使用默认的交叉熵损失\n }\n\n _, test_loader = ds.make_loaders(workers=0, batch_size=10)\n im, label = next(iter(test_loader))\n target_label = (label + ch.randint_like(label, high=9)) % 10\n adv_out, adv_im = model(im, target_label, make_adv, **attack_kwargs)\n\n- 将 ``robustness`` 作为包导入,从而可以轻松训练神经网络,并支持自定义损失函数、日志记录、数据加载等功能!我们的两部分教程提供了一个很好的入门介绍(`第一部分 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_1.html>`_, `第二部分 \u003Chttps:\u002F\u002Frobustness.readthedocs.io\u002Fen\u002Flatest\u002Fexample_usage\u002Ftraining_lib_part_2.html>`_)。\n\n.. code-block:: python\n\n from robustness import model_utils, datasets, train, defaults\n from robustness.datasets import CIFAR\n\n # 我们使用 cox(http:\u002F\u002Fgithub.com\u002FMadryLab\u002Fcox)来记录、存储和分析结果。更多信息请参见 https\u002F\u002Fcox.readthedocs.io。\n from cox.utils import Parameters\n import cox.store\n\n # 硬编码的数据集、架构、批量大小、工作线程数\n ds = CIFAR('\u002Fpath\u002Fto\u002Fcifar')\n m, _ = model_utils.make_and_restore_model(arch='resnet50', dataset=ds)\n train_loader, val_loader = ds.make_loaders(batch_size=128,workers=8)\n\n # 创建一个 cox 存储用于日志记录\n out_store = cox.store.Store(OUT_DIR)\n\n # 硬编码的基本参数\n train_kwargs = {\n 'out_dir': \"train_out\",\n 'adv_train': 1,\n 'constraint': '2',\n 'eps': 0.5,\n 'attack_lr': 1.5,\n 'attack_steps': 20\n }\n train_args = Parameters(train_kwargs)\n\n # 填充默认参数中缺失的部分\n train_args = defaults.check_and_fill_args(train_args,\n defaults.TRAINING_ARGS,CIFAR)\n train_args = defaults.check_and_fill_args(train_args,\n defaults.PGD_ARGS,CIFAR)\n\n # 训练模型\n train.train_model(train_args,m,(train_loader,val_loader),store=out_store)\n\n**注意**:``robustness`` 需要安装支持 CUDA 的 PyTorch。\n\n预训练模型\n-----------------\n\n除了训练代码外,我们还发布了针对不同数据集、范数和 ε 训练值的若干预训练模型。随着更多或更优模型的发布,此列表将不断更新。*如果您在研究中使用这些模型,请引用本库(见下方的 BibTeX 条目)。*\n\n对于每种(模型,ε 测试)组合,我们都会以 `2.5 * ε-test \u002F num_steps` 的步长运行 20 步和 100 步的 PGD。由于这两种准确率非常接近,我们不再考虑更多的 PGD 步数。对于每个 ε 测试值,我们会用粗体突出显示不同 ε 训练下达到的最佳鲁棒准确率。\n\n**注释 #1**:我们并未进行超参数调优,而是直接沿用了标准训练时的超参数。探索不同的训练超参数很可能会使这些鲁棒准确率再提高几个百分点。\n\n**注释 #2**:以下的 PyTorch 检查点(``.pt``)文件是使用以下版本的 PyTorch 和 Dill 保存的:\n\n.. code-block::\n\n torch==1.1.0\n dill==0.2.9\n\n\nCIFAR10 L2 范数(ResNet50):\n\n- `ε = 0.0 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fyhpp4yws7sgi6lj\u002Fcifar_nat.pt?dl=0>`_(标准训练)\n- `ε = 0.25 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002F2qsp7pt6t7uo71w\u002Fcifar_l2_0_25.pt?dl=0>`_\n- `ε = 0.5 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002F1zazwjfzee7c8i4\u002Fcifar_l2_0_5.pt?dl=0>`_\n- `ε = 1.0 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fs2x7thisiqxz095\u002Fcifar_l2_1_0.pt?dl=0>`_\n\n+--------------+----------------+-----------------+---------------------+---------------------+\n| CIFAR10 L2-鲁棒准确率 |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| | ε-训练 |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| ε-测试 | 0.0 | 0.25 | 0.5 | 1.0 |\n+==============+================+=================+=====================+=====================+\n| 0.0 | **95.25% \u002F -** | 92.77% \u002F - | 90.83% \u002F - | 81.62% \u002F - |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 0.25 | 8.66% \u002F 7.34% | 81.21% \u002F 81.19% | **82.34% \u002F 82.31%** | 75.53% \u002F 75.53% |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 0.5 | 0.28% \u002F 0.14% | 62.30% \u002F 62.13% | **70.17% \u002F 70.11%** | 68.63% \u002F 68.61% |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 1.0 | 0.00% \u002F 0.00% | 21.18% \u002F 20.66% | 40.47% \u002F 40.22% | **52.72% \u002F 52.61%** |\n+--------------+----------------+-----------------+---------------------+---------------------+\n| 2.0 | 0.00% \u002F 0.00% | 0.58% \u002F 0.46% | 5.23% \u002F 4.97% | **18.59% \u002F 18.05%** |\n+--------------+----------------+-----------------+---------------------+---------------------+\n\nCIFAR10 Linf范数(ResNet50):\n\n- ε = 0.0(PyTorch预训练模型)\n- `ε = 8\u002F255 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fc9qlt1lbdnu9tlo\u002Fcifar_linf_8.pt?dl=0>`_\n\n+--------------+-----------------+---------------------+\n| CIFAR10 Linf-鲁棒准确率 |\n+--------------+-----------------+---------------------+\n| | ε-训练 |\n+--------------+-----------------+---------------------+\n| ε-测试 | 0 \u002F 255 | 8 \u002F 255 |\n+==============+=================+=====================+\n| 0 \u002F 255 | **95.25% \u002F -** | 87.03% \u002F - |\n+--------------+-----------------+---------------------+\n| 8 \u002F 255 | 0.00% \u002F 0.00% | **53.49% \u002F 53.29%** |\n+--------------+-----------------+---------------------+\n| 16 \u002F 255 | 0.00% \u002F 0.00% | **18.13% \u002F 17.62%** |\n+--------------+-----------------+---------------------+\n\nImageNet L2范数(ResNet50):\n\n- ε = 0.0(PyTorch预训练模型)\n- `ε = 3.0 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fknf4uimlqsi1yz8\u002Fimagenet_l2_3_0.pt?dl=0>`_\n\n+--------------+-----------------+---------------------+\n| ImageNet L2-鲁棒准确率 |\n+--------------+-----------------+---------------------+\n| | ε-训练 |\n+--------------+-----------------+---------------------+\n| ε-测试 | 0.0 | 3.0 |\n+==============+=================+=====================+\n| 0.0 | **76.13% \u002F -** | 57.90% \u002F - |\n+--------------+-----------------+---------------------+\n| 0.5 | 3.35% \u002F 2.98% | **54.42% \u002F 54.42%** |\n+--------------+-----------------+---------------------+\n| 1.0 | 0.44% \u002F 0.37% | **50.67% \u002F 50.67%** |\n+--------------+-----------------+---------------------+\n| 2.0 | 0.16% \u002F 0.14% | **43.04% \u002F 43.02%** |\n+--------------+-----------------+---------------------+\n| 3.0 | 0.13% \u002F 0.12% | **35.16% \u002F 35.09%** |\n+--------------+-----------------+---------------------+\n\nImageNet Linf范数(ResNet50):\n\n- ε = 0.0(PyTorch预训练模型)\n- `ε = 4 \u002F 255 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Faxfuary2w1cnyrg\u002Fimagenet_linf_4.pt?dl=0>`_\n- `ε = 8 \u002F 255 \u003Chttps:\u002F\u002Fwww.dropbox.com\u002Fs\u002Fyxn15a9zklz3s8q\u002Fimagenet_linf_8.pt?dl=0>`_\n\n+--------------+-----------------+---------------------+---------------------+\n| ImageNet Linf-鲁棒准确率 |\n+--------------+-----------------+---------------------+---------------------+\n| | ε-训练 |\n+--------------+-----------------+---------------------+---------------------+\n| ε-测试 | 0.0 | 4 \u002F 255 | 8 \u002F 255 |\n+==============+=================+=====================+=====================+\n| 0 \u002F 255 | **76.13% \u002F -** | 62.42% \u002F - | 47.91% \u002F - |\n+--------------+-----------------+---------------------+---------------------+\n| 4 \u002F 255 | 0.04% \u002F 0.03% | **33.58% \u002F 33.38%** | 33.06% \u002F 33.03% |\n+--------------+-----------------+---------------------+---------------------+\n| 8 \u002F 255 | 0.01% \u002F 0.01% | 13.13% \u002F 12.73% | **19.63% \u002F 19.52%** |\n+--------------+-----------------+---------------------+---------------------+\n| 16 \u002F 255 | 0.01% \u002F 0.01% | 1.53% \u002F 1.37% | **5.00% \u002F 4.82%** |\n+--------------+-----------------+---------------------+---------------------+\n\n引用\n--------\n如果您在研究中使用本库,请按以下方式引用:\n\n.. code-block:: bibtex\n \n @misc{robustness,\n title={Robustness (Python Library)},\n author={Logan Engstrom and Andrew Ilyas and Hadi Salman and Shibani Santurkar and Dimitris Tsipras},\n year={2019},\n url={https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness}\n }\n\n*(您是否使用过该软件包并觉得有用?请告诉我们!)*\n\n维护者\n-------------\n- `Andrew Ilyas \u003Chttps:\u002F\u002Ftwitter.com\u002Fandrew_ilyas>`_\n- `Logan Engstrom \u003Chttps:\u002F\u002Ftwitter.com\u002Flogan_engstrom>`_\n- `Shibani Santurkar \u003Chttps:\u002F\u002Ftwitter.com\u002FShibaniSan>`_\n- `Dimitris Tsipras \u003Chttps:\u002F\u002Ftwitter.com\u002Ftsiprasd>`_\n- `Hadi Salman \u003Chttps:\u002F\u002Ftwitter.com\u002FhadisalmanX>`_\n\n贡献者\u002F提交者\n'''''''''''''''''''''''\n- 请参阅 `此处 \u003Chttps:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness\u002Fpulse>`_","# Robustness 快速上手指南\n\n`robustness` 是由 MIT MadryLab 开发的 PyTorch 工具包,旨在让神经网络的训练、评估和探索(特别是对抗鲁棒性研究)变得更加灵活和简单。它支持标准训练和对抗训练,并提供丰富的输入空间操作功能。\n\n## 环境准备\n\n在开始之前,请确保您的开发环境满足以下要求:\n\n* **操作系统**: Linux 或 macOS (Windows 支持可能受限,推荐 Linux)\n* **Python**: 建议 Python 3.6+\n* **核心依赖**: \n * **PyTorch**: 必须安装带有 **CUDA 支持** 的版本。\n * **cox**: 该库依赖 `cox` 进行日志记录和结果存储(通常会自动安装)。\n* **硬件**: 推荐使用 NVIDIA GPU 以加速训练和对抗样本生成。\n\n## 安装步骤\n\n您可以直接通过 `pip` 进行安装。为了提高下载速度,国内用户建议使用清华或阿里镜像源。\n\n### 方式一:使用国内镜像源(推荐)\n\n```bash\npip install robustness -i https:\u002F\u002Fpypi.tuna.tsinghua.edu.cn\u002Fsimple\n```\n\n### 方式二:标准安装\n\n```bash\npip install robustness\n```\n\n安装完成后,您可以访问官方文档获取更多细节:https:\u002F\u002Frobustness.readthedocs.io\n\n## 基本使用\n\n`robustness` 提供了两种主要的使用方式:命令行接口 (CLI) 和 Python API。\n\n### 1. 命令行快速训练 (CLI)\n\n这是最简单的方式,无需编写代码即可启动标准训练或对抗训练。以下示例展示如何在 CIFAR-10 数据集上使用 ResNet18 进行**标准训练**(非对抗):\n\n```bash\npython -m robustness.main --dataset cifar --data \u002Fpath\u002Fto\u002Fcifar \\\n --adv-train 0 --arch resnet18 --out-dir \u002Flogs\u002Fcheckpoints\u002Fdir\u002F\n```\n\n* `--dataset`: 指定数据集 (如 `cifar`, `imagenet`)。\n* `--data`: 本地数据集路径。\n* `--adv-train`: 设为 `0` 表示标准训练,设为 `1` 表示开启对抗训练。\n* `--arch`: 模型架构 (如 `resnet18`, `resnet50`)。\n* `--out-dir`: 模型检查和日志输出目录。\n\n### 2. Python API 使用示例\n\n如果您需要更灵活的控制(如自定义攻击参数、加载预训练模型),可以使用 Python API。以下示例演示了如何加载模型并生成**有目标的对抗样本**:\n\n```python\nimport torch as ch\nfrom robustness.datasets import CIFAR\nfrom robustness.model_utils import make_and_restore_model\n\n# 1. 初始化数据集\nds = CIFAR('\u002Fpath\u002Fto\u002Fcifar')\n\n# 2. 加载模型 (可以是随机初始化或加载预训练权重)\nmodel, _ = make_and_restore_model(arch='resnet50', dataset=ds, \n resume_path='\u002Fpath\u002Fto\u002Fmodel', state_dict_path='model')\nmodel.eval()\n\n# 3. 配置对抗攻击参数 (L-inf PGD)\nattack_kwargs = {\n 'constraint': 'inf', # 约束类型: L-inf\n 'eps': 0.05, # 扰动上限\n 'step_size': 0.01, # 步长\n 'iterations': 100, # 迭代次数\n 'targeted': True, # 是否为有目标攻击\n 'custom_loss': None # 使用默认交叉熵损失\n}\n\n# 4. 获取测试数据\n_, test_loader = ds.make_loaders(workers=0, batch_size=10)\nim, label = next(iter(test_loader))\n\n# 生成目标标签 (将真实标签随机改为其他类别)\ntarget_label = (label + ch.randint_like(label, high=9)) % 10\n\n# 5. 执行攻击并获取对抗样本\n# adv_out: 模型对对抗样本的输出; adv_im: 生成的对抗图像\nadv_out, adv_im = model(im, target_label, make_adv=True, **attack_kwargs)\n```\n\n### 3. 高级训练脚本 (使用 cox 日志系统)\n\n对于需要自定义训练循环、损失函数或详细日志记录的研究项目,可以结合 `cox` 库进行编程式训练:\n\n```python\nfrom robustness import model_utils, datasets, train, defaults\nfrom robustness.datasets import CIFAR\nfrom cox.utils import Parameters\nimport cox.store\n\n# 初始化数据集和模型\nds = CIFAR('\u002Fpath\u002Fto\u002Fcifar')\nm, _ = model_utils.make_and_restore_model(arch='resnet50', dataset=ds)\ntrain_loader, val_loader = ds.make_loaders(batch_size=128, workers=8)\n\n# 创建日志存储\nout_store = cox.store.Store(\"train_out\")\n\n# 配置训练参数 (此处示例为对抗训练)\ntrain_kwargs = {\n 'out_dir': \"train_out\",\n 'adv_train': 1, # 开启对抗训练\n 'constraint': '2', # L2 约束\n 'eps': 0.5,\n 'attack_lr': 1.5,\n 'attack_steps': 20\n}\ntrain_args = Parameters(train_kwargs)\n\n# 填充默认缺失参数\ntrain_args = defaults.check_and_fill_args(train_args, defaults.TRAINING_ARGS, CIFAR)\ntrain_args = defaults.check_and_fill_args(train_args, defaults.PGD_ARGS, CIFAR)\n\n# 开始训练\ntrain.train_model(train_args, m, (train_loader, val_loader), store=out_store)\n```\n\n> **提示**: 更多预训练模型(涵盖不同数据集、范数约束和 $\\epsilon$ 值)可在项目 README 的 \"Pretrained models\" 部分找到下载链接。使用时请注意对应的 PyTorch 版本兼容性(推荐 torch==1.1.0+ 用于加载旧版检查点,新版通常兼容良好)。","某自动驾驶初创公司的算法团队正在开发交通标志识别系统,急需验证模型在对抗攻击下的安全性以防止恶意误导。\n\n### 没有 robustness 时\n- **代码重复造轮子**:工程师需手动编写复杂的 PGD 对抗样本生成逻辑和自定义训练循环,耗费数周时间且容易引入 Bug。\n- **实验复现困难**:缺乏统一的评估标准,不同成员编写的测试脚本接口不一致,导致难以横向对比普通模型与鲁棒模型的性能差异。\n- **扩展性差**:若要尝试新的损失函数或切换数据集(如从 CIFAR-10 转到 ImageNet),往往需要重构大量底层数据加载和模型初始化代码。\n- **调试成本高**:在进行特征可视化或输入空间操纵实验时,缺少现成的优化选项(如傅里叶基约束),排查梯度异常极其耗时。\n\n### 使用 robustness 后\n- **开箱即用的高效训练**:通过简单的 CLI 命令或几行 Python 代码,即可一键启动支持对抗训练的标准流程,将环境搭建时间从数周缩短至几小时。\n- **标准化的评估体系**:利用内置的多样化攻击算法和统一的数据集接口,团队能快速产出可复现的基准测试报告,清晰量化模型的安全边界。\n- **灵活的定制能力**:无缝支持自定义模型架构与损失函数,研究人员可轻松在现有框架上集成最新论文提出的改进策略,无需改动底层逻辑。\n- **丰富的探索工具**:直接调用库中的输入操纵功能进行特征可视化和定向攻击测试,快速定位模型弱点并指导后续优化方向。\n\nrobustness 将原本繁琐脆弱的对抗鲁棒性研究流程标准化,让团队能专注于核心算法创新而非工程细节。","https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002FMadryLab_robustness_0532fd4a.png","MadryLab","Madry Lab","https:\u002F\u002Foss.gittoolsai.com\u002Favatars\u002FMadryLab_4dfbd7f6.png","Towards a Principled Science of Deep Learning",null,"madry-lab.ml","https:\u002F\u002Fgithub.com\u002FMadryLab",[80,84],{"name":81,"color":82,"percentage":83},"Jupyter Notebook","#DA5B0B",93.7,{"name":85,"color":86,"percentage":87},"Python","#3572A5",6.3,942,178,"2026-04-02T23:23:04","MIT","未说明","必需 NVIDIA GPU(需安装支持 CUDA 的 PyTorch),具体型号和显存大小未说明",{"notes":95,"python":92,"dependencies":96},"该工具包明确依赖支持 CUDA 的 PyTorch 版本。提供的预训练模型 (.pt 文件) 是基于 PyTorch 1.1.0 和 dill 0.2.9 保存的,使用较新版本加载时可能需要注意兼容性。主要功能包括对抗训练、评估及输入空间操作(如生成对抗样本)。",[97,98,99],"torch (需支持 CUDA)","cox","dill==0.2.9",[15,14],"2026-03-27T02:49:30.150509","2026-04-13T13:36:27.759515",[104,109,114,119,124,129,133],{"id":105,"question_zh":106,"answer_zh":107,"source_url":108},31647,"加载预训练的鲁棒模型(如 CIFAR10 L2-norm ResNet50)时出现报错怎么办?","这通常是由于 `cox` 库版本不兼容导致的。请尝试更新 `cox` 库到指定版本(例如 `0.1.post2`)。运行命令:`pip install --upgrade cox` 或指定版本 `pip install cox==0.1.post2` 即可解决该问题。","https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness\u002Fissues\u002F8",{"id":110,"question_zh":111,"answer_zh":112,"source_url":113},31648,"如何在 Python 3.8 环境下加载预训练模型时避免 TypeError 错误?","在 Python 3.8 中加载旧版模型可能会因 pickle 模块兼容性问题报错。确保使用与模型保存时兼容的 `dill` 和 `torch` 版本。如果问题依旧,建议在 Python 3.7 环境中加载模型,或重新保存模型以适配新版 Python。","https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness\u002Fissues\u002F81",{"id":115,"question_zh":116,"answer_zh":117,"source_url":118},31649,"如何使用自定义数据集进行微调并开展对抗训练?","首先定义一个继承自 `DataSet` 的自定义数据集类,并将 `num_classes` 设置为你实际的类别数(例如 10)。然后使用 `make_and_restore_model` 加载模型,并手动替换最后的全连接层以适应新类别数。注意:无法直接加载原有检查点权重到新结构模型,需从头训练或使用迁移学习仓库(如 robust-models-transfer)中的方法。示例代码:\n```python\nds = MyDataset('\u002Fpath\u002Fto\u002Fdataset', batch_size=8)\nmodel, _ = make_and_restore_model(arch='resnet50', dataset=ds)\nnum_ftrs = model.model.fc.in_features\nmodel.model.fc = nn.Linear(num_ftrs, 10)\n```","https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness\u002Fissues\u002F96",{"id":120,"question_zh":121,"answer_zh":122,"source_url":123},31650,"Restricted ImageNet 数据集中的类别不平衡问题如何处理?","官方未提供专门的采样器或损失加权来处理类别不平衡。如果追求定量结果,建议自行实现类别平衡策略(如加权损失或重采样);若仅需定性分析,则可直接使用提供的 Restricted ImageNet 数据集进行训练,影响较小。","https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness\u002Fissues\u002F3",{"id":125,"question_zh":126,"answer_zh":127,"source_url":128},31651,"如何在显存有限(如 3GB)的设备上训练大型模型(如 VGG19)?","可采用以下两种策略:1)将全连接层移至 CPU 运行,仅卷积层保留在 GPU,以减少显存占用;2)将大批次拆分为多个小批次,累积梯度后再执行优化器步长更新。例如,目标 batch_size=512 可拆为 64 次 batch_size=8 的前向\u002F反向传播,再调用一次 `optimizer.step()`。注意 VGG 无归一化层,此方法不影响训练稳定性。","https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobustness\u002Fissues\u002F82",{"id":130,"question_zh":131,"answer_zh":132,"source_url":123},31652,"如何复现论文中的实验结果?是否有相关代码开源?","目前未完整开源复现论文所有实验的代码包。但可使用本库提供的对抗攻击和训练功能重现部分结果(如 D_det 和 D_rand)。对于 D_R 和 D_NR 数据集,可通过表示反转技术生成,相关代码已开源在:https:\u002F\u002Fgithub.com\u002FMadryLab\u002Frobust_representations\u002Fblob\u002Fmaster\u002Fimage_inversion.ipynb",{"id":134,"question_zh":135,"answer_zh":136,"source_url":128},31653,"自定义数据集的目录结构应如何组织才能被正确识别?","自定义数据集的目录结构应模仿 PyTorch 风格的 ImageNet 格式,即主文件夹下按类别分子文件夹,每个子文件夹包含对应类别的图片文件。例如:`\u002Fdata\u002Fclass1\u002Fimg1.jpg`, `\u002Fdata\u002Fclass2\u002Fimg2.jpg`。Places 数据集网站可能提供更友好的结构选项供参考。",[138,143,148,153,158,163,167],{"id":139,"version":140,"summary_zh":141,"released_at":142},238887,"1.2.1.post2","- 支持 SqueezeNet 架构\n- 修复与 PyTorch 1.7 的不兼容问题 (#83)\n- 允许用户通过 `train.train_model` 函数的 `dp_device_ids` 参数仅指定部分设备 ID 进行训练\n- 更新 requirements.txt","2020-12-01T06:11:12",{"id":144,"version":145,"summary_zh":146,"released_at":147},238888,"1.2.1.post1","BREEDS 数据集中的小修复","2020-08-12T16:25:22",{"id":149,"version":150,"summary_zh":151,"released_at":152},238889,"1.2.1","添加 BREEDS 数据集,修复 minor bug","2020-08-06T15:42:15",{"id":154,"version":155,"summary_zh":156,"released_at":157},238890,"v1.2-post1","- 恢复 ImageNetHierarchy 类\n- 改进数据集参数的类型检查","2020-07-11T05:56:30",{"id":159,"version":160,"summary_zh":161,"released_at":162},238891,"1.2","- 最大的新特性:\n - 新的 ImageNet 模型\n - 混合精度训练\n - 新增 OpenImages 和 Places365 数据集\n - 可以指定自定义准确率函数(自定义损失函数此前已支持,此次仅用于日志记录)\n - 恢复功能得到改进\n- 命令行训练方面的变更:\n - ``--custom-lr-schedule`` 被 ``--custom-lr-multiplier`` 替代(格式相同)\n - ``--eps-fadein-epochs`` 被通用的 ``--custom-eps-multiplier`` 替代(现在格式与自定义学习率调度一致)\n - ``--step-lr-gamma`` 现在可用于调整学习率下降的幅度(之前固定为 10 倍下降)\n - 新增 ``--lr-interpolation`` 参数(可在调度中的学习率之间选择线性插值或阶梯式插值)\n - ``--weight_decay`` 现在更名为 ``--weight-decay``,以符合惯例\n - ``--resume-optimizer`` 是一个 0\u002F1 参数,用于决定是恢复优化器和学习率调度,还是仅恢复模型本身\n - ``--mixed-precision`` 是一个 0\u002F1 参数,用于决定是否使用混合精度训练(需要 PyTorch 编译时支持 AMP)\n- 模型和数据加载:\n - 默认情况下,加载模型时 DataParallel 已关闭,即使指定了恢复路径也是如此(此前对于新模型默认关闭,而对于恢复的模型默认开启)\n - 为 ``make_and_restore_model`` 新增了 ``add_custom_forward`` 方法(详情请参阅文档)\n - 现在可以为训练数据子集划分传递随机种子\n- 训练:\n - 请参阅新的命令行功能——大多数都有对应的库式训练接口\n - 修复了一个无法恢复优化器和调度的 bug\n - 支持自定义准确率函数\n - 现在可以禁用测试集评估中的 ``torch.nograd``(以防您有一个需要在验证集上也计算梯度的自定义准确率函数)\n- PGD:\n - L2 攻击的随机起始点得到改进\n - 新增了 ``RandomStep`` 攻击步骤(适用于训练过程中噪声大小不断变化的大噪声训练场景)\n - 修复了 ``with_image`` 参数中的一个小 bug\n- 模型保存:\n - 准确率现在会保存在检查点文件中(而不仅仅是日志存储中)\n - 从日志存储中移除了冗余的检查点表格,因为它与最新的检查点文件重复,只会浪费空间\n- 清理:\n - 移除辅助文件中冗余的 ``save_checkpoint`` 函数\n - 代码流程优化","2020-07-05T05:19:12",{"id":164,"version":165,"summary_zh":76,"released_at":166},238892,"v1.1","2019-11-01T06:18:35",{"id":168,"version":169,"summary_zh":76,"released_at":170},238893,"v1.0-post1","2019-11-01T06:06:18"]