def do_train(args): """ Train the model using the provided arguments. """ # Assumption: it is cheap to store all the data in text form in # memory (it's only about 144mb) _, X, y = load_data_raw(args.input) X_train, y_train, X_val, y_val = split_data(X, y, args.dev_split) # Assumption: word vector model will also easily fit in memory. wvecs = WordVectorModel.from_file(args.wvecs, False, '*UNKNOWN*') # Typical values are 50, 50 input_shape = (1,args.n_words, wvecs.dim) output_shape = len(LABELS) # Build model model = build_model(args, input_shape=input_shape, output_shape=output_shape, output_type=args.output_type) # Training data on the other hand will not. Each input instance is # 50x50 matrix with 8bytes per value: that's about 20kb. # Assuming we want to store only about 500mb in memory at a time, # that means we want at most 25k items in a batch. # Typically minibatches of 32-128 are probably ok. Let's keep it # that way? for epoch in range(args.n_epochs): log("== Training model, epoch {}", epoch) scorer = Scorer(model) for xy in tqdm(grouper(args.batch_size, zip(X_train, y_train))): X_batch, y_batch = zip(*xy) X_batch, y_batch = wvecs.embed_sentences(X_batch), array(make_one_hot(y_batch, len(LABELS))) score = model.train_on_batch(X_batch, y_batch) scorer.update(score, len(X_batch)) log("=== train error: {}", scorer) scorer = Scorer(model) for xy in tqdm(grouper(args.batch_size, zip(X_val, y_val))): X_batch, y_batch = zip(*xy) X_batch, y_batch = wvecs.embed_sentences(X_batch), array(make_one_hot(y_batch, len(LABELS))) score = model.test_on_batch(X_batch, y_batch) scorer.update(score, len(X_batch)) log("=== val error: {}", scorer) ## Save the model save_model(model, args.model, args.weights)
def data_generator(img_paths, labels, name, batch_size): num_sample = len(img_paths) print(num_sample) while True: for offset in range(0, num_sample, batch_size): batch_paths = img_paths[offset:offset + batch_size] batch_labels = labels[offset:offset + batch_size] batch_names = name[offset:offset + batch_size] batch_labels = np.array(batch_labels) batch_features = [load_feature(path) for path in batch_paths] batch_labels = util.make_one_hot(batch_labels) batch_feature = np.array(batch_features) yield batch_feature, batch_labels, np.array(batch_names)
def combined_loss(pred, target, device, n_classes): """ :param pred: N x C x H x W :param target: N x H x W """ weights = estimate_weights(target.float()) weights = weights.to(device) cross = cross_entropy_loss(pred, target, weights) target_oh = make_one_hot(target.long(), n_classes, device) dice = dice_loss(pred, target_oh) loss = cross + dice del weights return loss, cross, dice
def prepare_effective_data(mps, data, site_index, context): # data is 2d array data[i, j] = i-th datapoint, j-th position # think of data as sparse representation of data_full[i,j,k] # where the k index is a vector which happens to be one-hot # so we just record the index if site_index == 0: physical_dimension, _ = mps[site_index].shape elif site_index > 0 and site_index < len(mps) - 1: _, physical_dimension, _ = mps[site_index].shape elif site_index == len(mps) - 1: _, physical_dimension = mps[site_index].shape else: raise ValueError("got bad site_index") physical_effective_data = [make_one_hot(idx, physical_dimension) for idx in data[:, site_index]] if site_index == 0: update_right_combs(mps, data, site_index, context) combs_r = context['combs_r'][site_index + 1] effective_data = physical_effective_data, combs_r elif site_index < len(mps) - 1: update_left_combs(mps, data, site_index, context) update_right_combs(mps, data, site_index, context) combs_r = context['combs_r'][site_index + 1] combs_l = context['combs_l'][site_index - 1] effective_data = combs_l, physical_effective_data, combs_r else: update_left_combs(mps, data, site_index, context) combs_l = context['combs_l'][site_index - 1] effective_data = combs_l, physical_effective_data return effective_data, context
def DAG_Attack(model, test_dataset, args): # Hyperparamter for DAG num_iterations = 20 gamma = 0.5 num = 15 gpu = args.gpu # set device configuration device_ids = [] if gpu == 'gpu': if not torch.cuda.is_available(): print("No cuda available") raise SystemExit device = torch.device(args.device1) device_ids.append(args.device1) if args.device2 != -1: device_ids.append(args.device2) if args.device3 != -1: device_ids.append(args.device3) if args.device4 != -1: device_ids.append(args.device4) else: device = torch.device("cpu") if len(device_ids) > 1: model = nn.DataParallel(model, device_ids=device_ids) model = model.to(device) adversarial_examples = [] for batch_idx in range(len(test_dataset)): image, label = test_dataset.__getitem__(batch_idx) image = image.unsqueeze(0) pure_label = label.squeeze(0).numpy() image, label = image.clone().detach().requires_grad_( True).float(), label.clone().detach().float() image, label = image.to(device), label.to(device) # Change labels from [batch_size, height, width] to [batch_size, num_classes, height, width] label_oh = make_one_hot(label.long(), n_classes, device) if args.attacks == 'DAG_A': adv_target = torch.zeros_like(label_oh) elif args.attacks == 'DAG_B': adv_target = generate_target_swap(label_oh.cpu().numpy()) adv_target = torch.from_numpy(adv_target).float() elif args.attacks == 'DAG_C': # choice one randome particular class except background class(0) unique_label = torch.unique(label) target_class = int(random.choice(unique_label[1:]).item()) adv_target = generate_target(label_oh.cpu().numpy(), target_class=target_class) adv_target = torch.from_numpy(adv_target).float() else: print( "wrong adversarial attack types : must be DAG_A, DAG_B, or DAG_C" ) raise SystemExit adv_target = adv_target.to(device) _, _, _, _, _, image_iteration = DAG(model=model, image=image, ground_truth=label_oh, adv_target=adv_target, num_iterations=num_iterations, gamma=gamma, no_background=True, background_class=0, device=device, verbose=False) if len(image_iteration) >= 1: adversarial_examples.append([image_iteration[-1], pure_label]) del image_iteration print('total {} {} images are generated'.format(len(adversarial_examples), args.attacks)) return adversarial_examples
def test(model, args): data_path = args.data_path gpu = args.gpu n_classes = args.classes data_width = args.width data_height = args.height # set device configuration device_ids = [] if gpu == 'gpu': if not torch.cuda.is_available(): print("No cuda available") raise SystemExit device = torch.device(args.device1) device_ids.append(args.device1) if args.device2 != -1: device_ids.append(args.device2) if args.device3 != -1: device_ids.append(args.device3) if args.device4 != -1: device_ids.append(args.device4) else: device = torch.device("cpu") if len(device_ids) > 1: model = nn.DataParallel(model, device_ids=device_ids) model = model.to(device) # set testdataset test_dataset = SampleDataset(data_path) test_loader = DataLoader( test_dataset, batch_size=10, num_workers=4, ) print('test_dataset : {}, test_loader : {}'.format(len(test_dataset), len(test_loader))) avg_score = 0.0 # test model.eval() # Set model to evaluate mode with torch.no_grad(): for batch_idx, (inputs, labels) in enumerate(test_loader): inputs = inputs.to(device).float() labels = labels.to(device).long() target = make_one_hot(labels[:, 0, :, :], n_classes, device) pred = model(inputs) loss = dice_score(pred, target) avg_score += loss.data.cpu().numpy() del inputs, labels, target, pred, loss avg_score /= len(test_loader) print('dice_score : {:.4f}'.format(avg_score))
def test(model, args): data_path = args.data_path n_channels = args.channels n_classes = args.classes data_width = args.width data_height = args.height gpu = args.gpu # Hyper paremter for MagNet thresholds = [0.01, 0.05, 0.001, 0.005] reformer_model = None if args.reformer == 'autoencoder1': reformer_model = autoencoder(n_channels) elif args.reformer == 'autoencoder2': reformer_model = autoencoder2(n_channels) else: print("wrong reformer model : must be autoencoder1 or autoencoder2") raise SystemExit print('reformer model') summary(reformer_model, input_size=(n_channels, data_height, data_width), device='cpu') detector_model = None if args.detector == 'autoencoder1': detector_model = autoencoder(n_channels) elif args.detector == 'autoencoder2': detector_model = autoencoder2(n_channels) else: print("wrong detector model : must be autoencoder1 or autoencoder2") raise SystemExit print('detector model') summary(detector_model, input_size=(n_channels, data_height, data_width), device='cpu') # set device configuration device_ids = [] if gpu == 'gpu': if not torch.cuda.is_available(): print("No cuda available") raise SystemExit device = torch.device(args.model_device1) device_defense = torch.device(args.defense_model_device) device_ids.append(args.model_device1) if args.model_device2 != -1: device_ids.append(args.model_device2) if args.model_device3 != -1: device_ids.append(args.model_device3) if args.model_device4 != -1: device_ids.append(args.model_device4) else: device = torch.device("cpu") device_defense = torch.device("cpu") detector = AEDetector(detector_model, device_defense, args.detector_path, p=2) reformer = SimpleReformer(reformer_model, device_defense, args.reformer_path) classifier = Classifier(model, device, args.model_path, device_ids) # set testdataset test_dataset = SampleDataset(data_path) test_loader = DataLoader( test_dataset, batch_size=10, num_workers=4, ) print('test_dataset : {}, test_loader : {}'.format(len(test_dataset), len(test_loader))) # Defense with MagNet print('test start') for thrs in thresholds: print('----------------------------------------') counter = 0 avg_score = 0.0 thrs = torch.tensor(thrs) with torch.no_grad(): for batch_idx, (inputs, labels) in enumerate(test_loader): inputs = inputs.float() labels = labels.to(device).long() target = make_one_hot(labels[:, 0, :, :], n_classes, device) operate_results = operate(reformer, classifier, inputs) all_pass, _ = filters(detector, inputs, thrs) if len(all_pass) == 0: continue filtered_results = operate_results[all_pass] pred = filtered_results.to(device).float() target = target[all_pass] loss = dice_score(pred, target) avg_score += loss.data.cpu().numpy() # statistics counter += 1 del inputs, labels, pred, target, loss if counter: avg_score = avg_score / counter print('threshold : {:.4f}, avg_score : {:.4f}'.format( thrs, avg_score)) else: print( 'threshold : {:.4f} , no images pass from filter'.format(thrs))
def DAG(model, image, ground_truth, adv_target, num_iterations=20, gamma=0.07, no_background=True, background_class=0, device='cuda:0', verbose=False): ''' Generates adversarial example for a given Image Parameters ---------- model: Torch Model image: Torch tensor of dtype=float. Requires gradient. [b*c*h*w] ground_truth: Torch tensor of labels as one hot vector per class adv_target: Torch tensor of dtype=float. This is the purturbed labels. [b*classes*h*w] num_iterations: Number of iterations for the algorithm gamma: epsilon value. The maximum Change possible. no_background: If True, does not purturb the background class background_class: The index of the background class. Used to filter background device: Device to perform the computations on verbose: Bool. If true, prints the amount of change and the number of values changed in each iteration Returns ------- Image: Adversarial Output, logits of original image as torch tensor logits: Output of the Clean Image as torch tensor noise_total: List of total noise added per iteration as numpy array noise_iteration: List of noise added per iteration as numpy array prediction_iteration: List of prediction per iteration as numpy array image_iteration: List of image per iteration as numpy array ''' noise_total = [] noise_iteration = [] prediction_iteration = [] image_iteration = [] background = None logits = model(image) orig_image = image _, predictions_orig = torch.max(logits, 1) predictions_orig = make_one_hot(predictions_orig, logits.shape[1], device) if (no_background): background = torch.zeros(logits.shape) background[:, background_class, :, :] = torch.ones( (background.shape[2], background.shape[3])) background = background.to(device) for a in range(num_iterations): output = model(image) _, predictions = torch.max(output, 1) prediction_iteration.append(predictions[0].cpu().numpy()) predictions = make_one_hot(predictions, logits.shape[1], device) condition1 = torch.eq(predictions, ground_truth) condition = condition1 if no_background: condition2 = (ground_truth != background) condition = torch.mul(condition1, condition2) condition = condition.float() if (condition.sum() == 0): print("Condition Reached") image = None break #Finding pixels to purturb adv_log = torch.mul(output, adv_target) #Getting the values of the original output clean_log = torch.mul(output, ground_truth) #Finding r_m adv_direction = adv_log - clean_log r_m = torch.mul(adv_direction, condition) r_m.requires_grad_() #Summation r_m_sum = r_m.sum() r_m_sum.requires_grad_() #Finding gradient with respect to image r_m_grad = torch.autograd.grad(r_m_sum, image, retain_graph=True) #Saving gradient for calculation r_m_grad_calc = r_m_grad[0] #Calculating Magnitude of the gradient r_m_grad_mag = r_m_grad_calc.norm() if (r_m_grad_mag == 0): print("Condition Reached, no gradient") #image=None break #Calculating final value of r_m r_m_norm = (gamma / r_m_grad_mag) * r_m_grad_calc #if no_background: #if False: if no_background is False: condition_image = condition.sum(dim=1) condition_image = condition_image.unsqueeze(1) r_m_norm = torch.mul(r_m_norm, condition_image) #Updating the image #print("r_m_norm : ",torch.unique(r_m_norm)) image = torch.clamp((image + r_m_norm), 0, 1) image_iteration.append(image[0][0].detach().cpu().numpy()) noise_total.append((image - orig_image)[0][0].detach().cpu().numpy()) noise_iteration.append(r_m_norm[0][0].cpu().numpy()) if verbose: print("Iteration ", a) print("Change to the image is ", r_m_norm.sum()) print("Magnitude of grad is ", r_m_grad_mag) print("Condition 1 ", condition1.sum()) if no_background: print("Condition 2 ", condition2.sum()) print("Condition is", condition.sum()) return image, logits, noise_total, noise_iteration, prediction_iteration, image_iteration