def train(epochs):
print('==> Preparing data..')
transform_train = transforms.Compose([
transforms.RandomCrop(32, padding=4),
transforms.RandomHorizontalFlip(),
transforms.ToTensor(),
])
trainset = torchvision.datasets.CIFAR10(root='./data', train=True, download=True, transform=transform_train)
trainloader = torch.utils.data.DataLoader(trainset, batch_size=256, shuffle=True,
num_workers=4)
# Model
print('==> Building model..')
best_acc = 0.0
start_epoch = 0
net = PreActResNet18().to(device)
# checkpoint = torch.load(CIFAR_CKPT, map_location=torch.device(device))
# net.load_state_dict(checkpoint['net'])
# start_epoch = int(checkpoint['epoch'])
# best_acc = float(checkpoint['acc'])
UndercoverAttack = Attack(net, nn.functional.cross_entropy)
criterion = nn.CrossEntropyLoss()
optimizer = optim.SGD(net.parameters(), lr=1e-3, momentum=0.9, weight_decay=5e-4)
scheduler = optim.lr_scheduler.StepLR(optimizer, step_size=40, gamma=0.1)
net.train()
for epoch in range(start_epoch, epochs):
train_loss = 0
correct, total = 0, 0
for batch_idx, (inputs, targets) in enumerate(trainloader):
inputs, targets = inputs.to(device), targets.to(device)
optimizer.zero_grad()
outputs = net(inputs)
_, predicted = outputs.max(1)
total += targets.size(0)
correct += predicted.eq(targets).sum().item()
x_adv = undercover_attack(UndercoverAttack, inputs, targets, eps=0.15)
adv_outputs = net(x_adv)
loss1 = criterion(outputs, targets)
loss2 = criterion(adv_outputs, targets)
loss = loss1 + loss2 * 0.8
train_loss += loss.item()
loss.backward()
optimizer.step()
scheduler.step(epoch)
acc = 1.0 * correct / total
print('epoch: %d, train loss: %.2f, train acc: %.4f' % (epoch, train_loss, acc))
if acc > best_acc:
best_acc = acc
state = {
'net': net.state_dict(),
'acc': acc,
'epoch': epoch,
}
if not os.path.isdir('checkpoint'):
os.mkdir('checkpoint')
torch.save(state, CIFAR_CKPT)
ImageId = pd.DataFrame(ImageIds)
ImageId.columns = ['ImageId']
labels = ImageId.merge(labels_init, on='ImageId')
# In[ ]:
EPSILON = 8 / 255 * (1 - -1)
l2dist = PairwiseDistance(2)
criterion_none = nn.CrossEntropyLoss(reduction='none')
criterion = nn.CrossEntropyLoss()
optimizer = optim.SGD(net.parameters(),
lr=0.001,
momentum=0.9,
weight_decay=5e-4)
# attacks
bim_attack = Attack(net, F.cross_entropy)
cw_attack = cw.L2Adversary(targeted=False,
confidence=0.9,
search_steps=10,
box=(-1, 1),
optimizer_lr=0.001)
# In[ ]:
def FGSM(x, y_true, eps=8 / 255, alpha=1 / 255, iteration=10, bim_a=False):
x = Variable(x.to(device), requires_grad=False)
y_true = Variable(y_true.to(device), requires_grad=False)
if iteration == 1:
x_adv = bim_attack.fgsm(x,
def train(epochs, eps, device):
print('==> Preparing data..')
transform_train = transforms.Compose([
transforms.RandomHorizontalFlip(),
transforms.ToTensor(),
])
trainset = torchvision.datasets.MNIST(root='./data',
train=True,
download=True,
transform=transform_train)
trainloader = torch.utils.data.DataLoader(trainset,
batch_size=256,
shuffle=True,
num_workers=4)
# Model
print('==> Building model..')
net = MnistModel()
net = net.to(device)
UndercoverAttack = Attack(net, nn.functional.cross_entropy)
criterion = nn.CrossEntropyLoss()
optimizer = optim.SGD(net.parameters(),
lr=1e-3,
momentum=0.9,
weight_decay=5e-4)
net.train()
best_acc = 0.0
for epoch in range(epochs):
train_loss = 0
correct, total = 0, 0
for batch_idx, (inputs, targets) in enumerate(trainloader):
inputs, targets = inputs.to(device), targets.to(device)
optimizer.zero_grad()
outputs = net(inputs)
_, predicted = outputs.max(1)
total += targets.size(0)
correct += predicted.eq(targets).sum().item()
x_adv = undercover_attack(UndercoverAttack,
inputs,
targets,
device,
eps=eps) #0.15
adv_outputs = net(x_adv)
loss1 = criterion(outputs, targets)
loss2 = criterion(adv_outputs, targets)
loss = loss1 + loss2 * 0.8
train_loss += loss.item()
loss.backward()
optimizer.step()
acc = 1.0 * correct / total
print('epoch: %d, train loss: %.2f, train acc: %.4f' %
(epoch, train_loss, acc))
if acc > best_acc:
best_acc = acc
state = {
'net': net.state_dict(),
'acc': acc,
'epoch': epoch,
}
if not os.path.isdir('checkpoint'):
os.mkdir('checkpoint')
torch.save(state, MNIST_CKPT)
batch_size=512,
shuffle=True,
num_workers=4)
trainiter = iter(trainloader)
testset = torchvision.datasets.MNIST(root='./data',
train=False,
download=True,
transform=transform_test)
testloader = torch.utils.data.DataLoader(testset,
batch_size=512,
shuffle=False,
num_workers=4)
testiter = iter(testloader)
undercover_gradient_attacker = Attack(undercoverNet, F.cross_entropy)
# construct bim adversarial samples
# --------------------train---------------------
normal_samples, adversarial_samples = [], []
for x, y in trainloader:
x, y = x.to(device), y.to(device)
y_pred = undercoverNet(x).argmax(dim=1)
eps = 0.3
x_adv = undercover_gradient_attacker.i_fgsm(
x,
y,
eps=eps,
alpha=1 / 255,
iteration=int(min(eps * 255 + 4, 1.25 * eps * 255)))