def optimal_subset_selection(confidence_path):
"""
Select optimal subset for each attack and defense
:param confidence_path: path to confidence pkl file
:return: None
"""
with open(confidence_path, "rb") as f:
confidence_list = pickle.load(f)
i = 0
optimal_list = []
img_paths = get_paths_by_ext(TEST_DIR, ['JPEG', 'pkl'])
for img_path, confidence in zip(img_paths, confidence_list):
if confidence > 0:
optimal_list.append(i)
i += 1
return optimal_list
def ground_truth_prob():
"""
Compute ground truth prob for adversarial examples
:return: None
"""
resnet152 = models.resnet152(pretrained=True).cuda().eval()
for p in resnet152.parameters():
p.requires_grad = False
image_paths = get_paths_by_ext(DATA_DIR, ['JPEG', 'pkl'])
class_index_dict = map_class_indices()
ground_truth_prob_list = np.zeros(len(image_paths))
count = 0
for image_path in image_paths:
print(count)
if 'resnet152' in image_path: # adversarial images, already resized
image = load_image(image_path, resize=False)
else: # clean images, need resizing
image = load_image(image_path, resize=True)
# Map the ground truth label to index
code = os.path.basename(os.path.dirname(image_path))
label = class_index_dict[code]
# Normalize and convert to tensor
output = resnet152(
torch.unsqueeze(normalize_image_to_tensor(np.copy(image)),
0).cuda())
probs = softmax(output.cpu().numpy()).squeeze()
ground_truth_prob_list[count] = probs[label]
result_fp = RESULT_DIR + 'pgd-0.01-0.002' + '_' + 'ground_truth' + '_' + 'prob' + '.pkl'
save_array_to_pkl(ground_truth_prob_list, result_fp)
count += 1
def summarize_categorical_results(result_path, test_dir=TEST_DIR):
"""
Compute summary statistics for each category
:param result_path: file path of the .pkl file that stores the prediction confidence(+)/illusiveness(-)
:param test_dir: root directory of the test images
:return: numpy array of categorical accuracy (1000, )
"""
with open(result_path, "rb") as f:
results = pickle.load(f)
img_paths = get_paths_by_ext(test_dir, ['JPEG', 'pkl'])
results_categorical, amount = np.zeros(1000), np.zeros(1000)
class_index_dict = map_class_indices()
for result, img_path in zip(results, img_paths):
code = os.path.basename(os.path.dirname(img_path))
idx = class_index_dict[code]
amount[idx] += 1
results_categorical[idx] += result
results_categorical /= amount
return results_categorical
if getpass.getuser() == 'fantasie': # user is Yifei
DATA_DIR = '/media/fantasie/backup/data/ILSVRC2012/val_correct_adv_resnet152_pgd-0.01-0.002-20/'
RESULT_DIR = 'result/'
else: # user is Chao
DATA_DIR = '/home/chao/PycharmProjects/data/ILSVRC2012/val_correct_adv_resnet152_pgd-0.01-0.002-20/'
RESULT_DIR = '/home/chao/PycharmProjects/data/ILSVRC2012/result/'
if __name__ == "__main__":
resnet152 = models.resnet152(pretrained=True).cuda().eval()
for p in resnet152.parameters():
p.requires_grad = False
image_paths = get_paths_by_ext(DATA_DIR, ['JPEG', 'pkl'])
# Configure dataset
DATASET = "ImageNet"
if DATASET == "ImageNet":
class_index_dict = map_class_indices()
else:
labels_dict = load_nips17_labels()
maxiter = 10
iter_dist = np.full(shape=len(image_paths), fill_value=998)
count = 0
for image_path in image_paths:
print(count)
# Load input images
if 'resnet152' in image_path: # adversarial images, already resized
else:
labels_dict = load_nips17_labels()
# Load pretrained model
resnet152 = models.resnet152(pretrained=True).cuda().eval()
# Foolbox model: normalize data as input preprocessing
mean = np.array([0.485, 0.456, 0.406]).reshape((3, 1, 1))
std = np.array([0.229, 0.224, 0.225]).reshape((3, 1, 1))
model = foolbox.models.PyTorchModel(resnet152,
bounds=(0.0, 1.0),
num_classes=1000,
preprocessing=(mean, std))
# File paths of the target images
image_paths = get_paths_by_ext(args.data_dir, ['JPEG', 'pkl'])
i, count = 0, 0
confidences = np.zeros(len(image_paths))
start_time = time.time()
for image_path in image_paths:
if args.live:
print("i = %d" % i)
# Load input images
if image_path.endswith('pkl'):
image = load_pkl_image(image_path)
else:
if 'resnet152' in image_path: # adversarial images, already resized
image = load_image(image_path, resize=False)