Add critical preprocessing transforms for robust protection testing#21
Draft
Claude wants to merge 2 commits into
Draft
Add critical preprocessing transforms for robust protection testing#21Claude wants to merge 2 commits into
Claude wants to merge 2 commits into
Conversation
Implemented 5 new transform functions and extended the transform suite from 4 to 13 transforms: - JPEG compression (quality 95, 85, 75) - critical for real-world purification testing - Center crop (90%, 80%) - standard data augmentation - Random crop (90%) - stochastic augmentation - Color jitter - brightness/contrast/saturation/hue shifts - Gaussian noise injection - regularization testing - Stronger Gaussian blur (σ=2.0) - parameter space exploration Added comprehensive tests for all new transforms. Agent-Logs-Url: https://github.com/VoDaiLocz/Lock-ART./sessions/d2f11000-488b-4c39-b96a-4080dacd0749 Co-authored-by: VoDaiLocz <88762074+VoDaiLocz@users.noreply.github.com>
Claude
AI
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The robustness testing suite included only 4 basic transforms (identity, gaussian blur, 2 resize operations), missing critical preprocessing steps that real-world mimicry pipelines (DreamBooth/LoRA) actually use. This created a false sense of robustness—protection may survive gaussian blur but fail against JPEG compression, center crops, or common training augmentations.
Changes
Extended transform suite from 4 to 12 transforms:
jpeg_compress_decompress) at quality 95/85/75 - most effective purification defense, uses real JPEG artifacts via PIL instead of bilinear resize proxycenter_crop_and_resize) at 90%/80% - standard data augmentation in training pipelinesrandom_crop_and_resize) at 90% - stochastic training augmentationcolor_jitter) - brightness/contrast/saturation/hue shifts common in trainingadd_gaussian_noise) at σ=0.01 - regularization noise testingBackward compatibility: Renamed original
gaussian_blur→gaussian_blur_mildto clarify it's part of a spectrum.Example
All transforms preserve image shape and bounds [0, 1], handle tensors with gradients (
.detach()in JPEG), and include comprehensive test coverage.