import torchvision
import pdb
def _save_img(imgs_np, file_path):
img_np = np.transpose((imgs_np[0] * 255).astype(np.uint8), (1, 2, 0))
img_pil = Image.fromarray(img_np)
img_pil.save(file_path)
return
# Resnet152 [4, 5, 6, 7]
# Vgg16 [2, 7, 14, 21, 28]
image_np = np.expand_dims(load_image(data_format='channels_first', fpath='./images/example.png', abs_path=True), axis=0)
image = numpy_to_variable(image_np)
_save_img(image_np, './temp_ori.png')
model = Vgg16()
internal = [i for i in range(29)]
attack = DispersionAttack_gpu(model, epsilon=16./255, step_size=1./255, steps=200)
adv = attack(image, attack_layer_idx_list=[14], internal=internal)
adv_np = variable_to_numpy(adv)
_save_img(adv_np, './temp_adv.png')
diff_np = np.abs(image_np - adv_np)
_save_img(diff_np, './temp_diff.png')
diff_amp_np = diff_np / diff_np.max()
_save_img(diff_amp_np, './temp_diff_amp_{0:.2f}.png'.format(1./diff_np.max()))
def main(args=None):
if args is None:
args = sys.argv[1:]
args = parse_args(args)
args_dic = vars(args)
with open('utils/labels.txt', 'r') as inf:
args_dic['imagenet_dict'] = eval(inf.read())
args_dic['input_dir'] = os.path.join(args.dataset_dir, 'ori')
target_model = None
internal = None
attack = None
attack_layer_idx = None
if args.adv_method == 'dr':
loss_mtd = args.loss_method
if args.target_model == 'vgg16':
assert args.vgg16_attacklayer != -1
target_model = Vgg16()
internal = [i for i in range(29)]
attack_layer_idx = [args.vgg16_attacklayer] # 12, 14
args_dic['image_size'] = (224, 224)
elif args.target_model == 'resnet152':
assert args.res152_attacklayer != -1
target_model = Resnet152()
internal = [i for i in range(9)]
attack_layer_idx = [args.res152_attacklayer] # #[4, 5, 6, 7]
args_dic['image_size'] = (224, 224)
elif args.target_model == 'inception_v3':
assert args.inc3_attacklayer != -1
target_model = Inception_v3()
internal = [i for i in range(14)]
attack_layer_idx = [args.inc3_attacklayer] # [3, 4, 7, 8, 12]
args_dic['image_size'] = (299, 299)
else:
raise
attack = DispersionAttack_gpu(target_model,
epsilon=args.epsilon / 255.,
step_size=args.step_size / 255.,
steps=args.steps,
loss_mtd=loss_mtd)
elif args.adv_method == 'tidim' or args.adv_method == 'dim' or args.adv_method == 'mifgsm' or args.adv_method == 'pgd':
attack_layer_idx = [0]
internal = [0]
loss_mtd = ''
if args.target_model == 'vgg16':
target_model = torchvision.models.vgg16(
pretrained=True).cuda().eval()
args_dic['image_size'] = (224, 224)
elif args.target_model == 'resnet152':
target_model = torchvision.models.resnet152(
pretrained=True).cuda().eval()
args_dic['image_size'] = (224, 224)
elif args.target_model == 'inception_v3':
target_model = torchvision.models.inception_v3(
pretrained=True).cuda().eval()
args_dic['image_size'] = (299, 299)
else:
raise ValueError('Invalid adv_method.')
if args.adv_method == 'dim':
attack = DIM_Attack(target_model,
decay_factor=1,
prob=0.5,
epsilon=args.epsilon / 255.,
step_size=args.step_size / 255.,
steps=args.steps,
image_resize=330)
elif args.adv_method == 'mifgsm':
attack = MomentumIteratorAttack(target_model,
decay_factor=0.5,
epsilon=args.epsilon / 255.,
step_size=args.step_size / 255.,
steps=args.steps,
random_start=False)
elif args.adv_method == 'pgd':
attack = LinfPGDAttack(target_model,
epsilon=args.epsilon / 255.,
a=args.step_size / 255.,
k=args.steps,
random_start=False)
elif args.adv_method == 'tidim':
attack = TIDIM_Attack(target_model,
decay_factor=1,
prob=0.5,
epsilon=args.epsilon / 255.,
step_size=args.step_size / 255.,
steps=args.steps,
image_resize=330)
else:
raise ValueError('Invalid adv_mdthod.')
assert target_model != None and internal != None and attack != None and attack_layer_idx != None
attack_layer_idx_str = ''
for layer_idx in attack_layer_idx:
attack_layer_idx_str += (str(layer_idx) + '_')
attack_layer_idx_str = attack_layer_idx_str[:-1]
if not DEBUG:
args_dic['output_dir'] = os.path.join(
args.dataset_dir,
'{0}_{1}_layerAt_{2}_eps_{3}_stepsize_{4}_steps_{5}_lossmtd_{6}'.
format(args.adv_method, args.target_model, attack_layer_idx_str,
args.epsilon, args.step_size, args.steps, loss_mtd))
if os.path.exists(args.output_dir):
raise ValueError('Output folder existed.')
os.mkdir(args.output_dir)
count = 0
images_list = []
names_list = []
total_images = len(os.listdir(args.input_dir))
assert args.batch_size > 0
for image_count, image_name in enumerate(tqdm(os.listdir(args.input_dir))):
image_path = os.path.join(args.input_dir, image_name)
image_np = load_image(shape=args.image_size,
data_format='channels_first',
abs_path=True,
fpath=image_path)
images_list.append(image_np)
names_list.append(image_name)
count += 1
if count < args.batch_size and image_count != total_images - 1:
continue
images_np = np.array(images_list)
count = 0
images_list = []
images_var = numpy_to_variable(images_np)
if args.adv_method == 'dr':
advs = attack(images_var, attack_layer_idx, internal)
else:
assert args.batch_size == 1, 'Baselines are not tested for batch input.'
target_model.eval()
logits_nat = target_model(images_var)
y_var = logits_nat.argmax().long().unsqueeze(0)
advs = attack(images_var.cpu(), y_var.cpu())
if not DEBUG:
advs_np = variable_to_numpy(advs)
for idx, adv_np in enumerate(advs_np):
image_pil = Image.fromarray(
np.transpose((adv_np * 255).astype(np.uint8), (1, 2, 0)))
image_pil.save(
os.path.join(args.output_dir,
os.path.splitext(names_list[idx])[0] +
'.png'))
names_list = []
import datetime
import numpy as np
generator = aegenerator().cuda()
dataset = oriDataset(image_dir='', resize_height=224,
resize_width=224) #type clean image path here
dataloader = torch.utils.data.DataLoader(dataset, batch_size=16, shuffle=False)
generator.load_state_dict(torch.load('')) #weight path
generator.eval()
i = 0
start = datetime.datetime.now()
for data, filename in dataloader:
i += 1
print(i)
advs = generator(data)
advs = torch.max(torch.min(advs, data + 16 / 255), data - 16 / 255)
advs = torch.clamp(advs, 0, 1)
advs_np = variable_to_numpy(advs)
for idx, adv_np in enumerate(advs_np):
image_pil = Image.fromarray(
np.transpose((adv_np * 255).astype(np.uint8), (1, 2, 0)))
file = filename[0][idx].replace('.jpg', '.png')
folderpath = '/' #output folder
if not os.path.exists(folderpath):
os.mkdir(folderpath)
path = folderpath + file
image_pil.save(path)
#print(filename[0][0])
end = datetime.datetime.now()
print(end - start)
output = generator(data)
#print(output.shape)
output = torch.max(torch.min(output, data + 16 / 255), data - 16 / 255)
output = torch.clamp(output, 0, 1)
gabor1 = gabor(output)
gabor2 = gabor(data)
gaborthreshold = gabor2 <= 0
gaborthreshold = gaborthreshold.float()
mseloss = loss_func(gabor1 * gaborthreshold, gabor2 * gaborthreshold)
#mseloss = loss_func(gabor1,gabor2)
#loss3 = 1 - ssim.ssim(data,output)
#mseloss = torch.std(output-data)
if i == 0:
advs_np = variable_to_numpy(output)
image_pil = Image.fromarray(
np.transpose((advs_np[0] * 255).astype(np.uint8), (1, 2, 0)))
file = filename[0][0].replace('.jpg', '.png')
path = './testimages/' + str(epoch) + '.png'
image_pil.save(path)
t_mean = torch.FloatTensor(mean).view(1, 3, 1,
1).expand(1, 3, 224, 224).cuda()
t_std = torch.FloatTensor(std).view(1, 3, 1, 1).expand(1, 3, 224,
224).cuda()
output = (output - t_mean) / t_std
data = (data - t_mean) / t_std
vggout1 = vggmodel(output)
vggout2 = vggmodel(data)
#print(vggout2.shape)
# y_c_features = vgg(output)