Beispiel #1
0
def attack():
    x_train, x_test, y_train, y_test = load_data('cifar10', 2)
    min_pixel_value = x_train.min()
    max_pixel_value = x_train.max()
    print('min_pixel_value ', min_pixel_value)
    print('max_pixel_value ', max_pixel_value)

    s = time.time()

    # model = BNN(['../binary/checkpoints/cifar10_mlpbnn_approx_%d.h5' % (i) for i in range(100)])
    model = BNN([
        '../binary/checkpoints/cifar10_mlpbnn_approx_ep004_%d.h5' % (i)
        for i in range(100)
    ])

    pred_y = model.predict(x_test)
    print('pred_y: ', pred_y)
    np.savetxt('pred_y', pred_y)
    np.savetxt('y_test', y_test)
    print('pred_y[0], pred_y[288], pred_y[888], pred_y[1990], y[-1]',
          pred_y[0], pred_y[288], pred_y[888], pred_y[1990], y[-1])
    print('Accuracy: ', accuracy_score(y_true=y_test, y_pred=pred_y))

    # Create a model wrapper
    predictWrapper = modelWrapper(model)

    classifier = BlackBoxClassifier(predict=predictWrapper.predict_one_hot,
                                    input_shape=(32 * 32 * 3, ),
                                    nb_classes=2,
                                    clip_values=(min_pixel_value,
                                                 max_pixel_value))

    print('----- generate adv data -----')
    attack = BoundaryAttack(estimator=classifier,
                            targeted=False,
                            delta=0.01,
                            epsilon=0.01,
                            max_iter=100,
                            num_trial=100,
                            sample_size=100,
                            init_size=100)

    print('----- generate adv test data -----')
    x_test = x_test[288]
    # Input data shape should be 2D
    x_test = x_test.reshape((-1, 32 * 32 * 3))
    x_test_adv = attack.generate(x=x_test)

    print('x_test ', x_test)
    print('x_test_adv ', x_test_adv)

    dist2 = utils.computeDist2(x_test, x_test_adv)
    print('test data dist2: ', dist2)

    distInf = utils.computeDistInf(x_test, x_test_adv)
    print('test data distInf: ', distInf)

    print('Cost time: ', time.time() - s)
Beispiel #2
0
def adv_gen(attack, orginal_data, datatype):
    adv_data = attack.generate(x=orginal_data)

    print('x ', orginal_data)
    print('x_adv ', adv_data)

    dist2 = utils.computeDist2(orginal_data, adv_data)
    print('test data dist2: ', dist2)

    distInf = utils.computeDistInf(orginal_data, adv_data)
    print('test data distInf: ', distInf)
def distortion(original_data, adv_data):
    '''
    Compute the distance between original data and adversary data
    '''
    print('x ', original_data)
    print('x_adv ', adv_data)

    dist2 = utils.computeDist2(original_data, adv_data)
    print('test data dist2: ', dist2)

    distInf = utils.computeDistInf(original_data, adv_data)
    print('test data distInf: ', distInf)
Beispiel #4
0
def attack():
    x_train, x_test, y_train, y_test = load_data('cifar10_binary', 2)
    x_train = x_train.reshape((-1, 32, 32, 3)).transpose(
        (0, 3, 1, 2)).astype(np.float32)
    x_test = x_test.reshape((-1, 32, 32, 3)).transpose(
        (0, 3, 1, 2)).astype(np.float32)

    min_pixel_value = x_train.min()
    max_pixel_value = x_train.max()
    print('min_pixel_value ', min_pixel_value)
    print('max_pixel_value ', max_pixel_value)

    s = time.time()

    path = '../binary/checkpoints/cifar10_binary_lenet_100.pkl'
    with open(path, 'rb') as f:
        model = pickle.load(f)

    # Predict
    # Lent and simpleNet input data shape is (-1,3, 32, 32)
    # The other net input data shape is vector
    # Mlp01 need to add: cuda=False
    print('xtest shape1', x_test.shape)
    pred_y = model.predict(x_test)
    print('xtest shape1', x_test.shape)
    print('pred_y: ', pred_y)

    # Create a model wrapper
    predictWrapper = modelWrapper(model)

    classifier = BlackBoxClassifier(predict=predictWrapper.predict_one_hot,
                                    input_shape=(3 * 32 * 32, ),
                                    nb_classes=2,
                                    clip_values=(min_pixel_value,
                                                 max_pixel_value))

    print('----- generate adv data -----')
    attack = BoundaryAttack(estimator=classifier,
                            targeted=False,
                            delta=0.01,
                            epsilon=0.01,
                            max_iter=100,
                            num_trial=100,
                            sample_size=100,
                            init_size=100)

    print('----- generate adv test data -----')
    x_test = x_test[288]
    # Input data shape should be 2D
    x_test = x_test.reshape((-1, 3 * 32 * 32))
    x_test_adv = attack.generate(x=x_test)

    np.save('x', x_test)
    np.save('adv_x', x_test_adv)

    print('x_test ', x_test)
    print('x_test_adv ', x_test_adv)

    # dist1 = utils.computeDist1(x_test, x_test_adv)
    # print('test data dist1: ', dist1)

    dist2 = utils.computeDist2(x_test, x_test_adv)
    print('test data dist2: ', dist2)

    distInf = utils.computeDistInf(x_test, x_test_adv)
    print('test data distInf: ', distInf)

    # avg_dist2, med_dist2 = utils.computeDist2(x_test, x_test_adv)
    # print('test avg_dist2: ', avg_dist2)
    # # print('test med_dist2: ', med_dist2)

    # avg_distInf, med_distInf = utils.computeDistInf(x_test, x_test_adv)
    # print('test avg_distInf: ', avg_distInf)
    # # print('test med_distInf: ', med_distInf)

    print('Cost time: ', time.time() - s)
Beispiel #5
0
def attack():
    x_train, x_test, y_train, y_test = load_data('cifar10_binary', 2)
    min_pixel_value = x_train.min()
    max_pixel_value = x_train.max()
    print('min_pixel_value ', min_pixel_value)
    print('max_pixel_value ', max_pixel_value)

    s = time.time()

    path = '../binary/checkpoints/cifar10_binary_scd01mlp_100_br02_h500_nr075_ni25000_i1.pkl'

    with open(path, 'rb') as f:
        model = pickle.load(f)

    pred_y = model.predict(x_test, cuda=False)
    # np.savetxt('pred_y_mpl2', pred_y)
    print('pred_y: ', pred_y)

    # Create a model wrapper
    predictWrapper = modelWrapper(model)

    classifier = BlackBoxClassifier(predict=predictWrapper.predict_one_hot,
                                    input_shape=(3 * 32 * 32, ),
                                    nb_classes=2,
                                    clip_values=(min_pixel_value,
                                                 max_pixel_value))

    print('----- generate adv data -----')
    attack = BoundaryAttack(estimator=classifier,
                            targeted=False,
                            delta=0.01,
                            epsilon=0.01,
                            max_iter=100,
                            num_trial=100,
                            sample_size=100,
                            init_size=100)

    print('----- generate adv test data -----')
    x_test = x_test[-1]
    # Input data shape should be 2D
    x_test = x_test.reshape((-1, 3 * 32 * 32))
    x_test_adv = attack.generate(x=x_test)

    np.save('x', x_test)
    np.save('adv_x', x_test_adv)

    print('x_test ', x_test)
    print('x_test_adv ', x_test_adv)

    # dist1 = utils.computeDist1(x_test, x_test_adv)
    # print('test data dist1: ', dist1)

    dist2 = utils.computeDist2(x_test, x_test_adv)
    print('test data dist2: ', dist2)

    distInf = utils.computeDistInf(x_test, x_test_adv)
    print('test data distInf: ', distInf)

    # avg_dist2, med_dist2 = utils.computeDist2(x_test, x_test_adv)
    # print('test avg_dist2: ', avg_dist2)
    # # print('test med_dist2: ', med_dist2)

    # avg_distInf, med_distInf = utils.computeDistInf(x_test, x_test_adv)
    # print('test avg_distInf: ', avg_distInf)
    # # print('test med_distInf: ', med_distInf)

    print('Cost time: ', time.time() - s)
Beispiel #6
0
def attack():
    x_train, x_test, y_train, y_test = load_data('cifar10', 2)
    # x_train, y_train, x_test, y_test = utils.loadData()
    min_pixel_value = x_train.min()
    max_pixel_value = x_train.max()
    print('min_pixel_value ', min_pixel_value)
    print('max_pixel_value ', max_pixel_value)

    s = time.time()

    path = '../binary/checkpoints/cifar10_scd01mlp_100_br02_nr075_ni1000_i1_ep2.pkl'
    # path = '/home/y/yx277/research/scd01mc/binary/checkpoints/cifar10_mlp.pkl'
    # path = '/research/datasci/mx42/adversarial_machine_learning/IBM_ART/checkpoints_scd_01/scd_stl10_01_v7.pkl'
    with open(path, 'rb') as f:
        model = pickle.load(f)

    pred_y = model.predict(x_test)
    # np.savetxt('pred_y_mpl2', pred_y)
    print('pred_y: ', pred_y)

    # Create a model wrapper
    predictWrapper = modelWrapper(model)

    classifier = BlackBoxClassifier(predict=predictWrapper.predict_one_hot,
                                    input_shape=(32 * 32 * 3, ),
                                    nb_classes=2,
                                    clip_values=(min_pixel_value,
                                                 max_pixel_value))

    print('----- generate adv data -----')
    attack = BoundaryAttack(estimator=classifier,
                            targeted=False,
                            delta=0.01,
                            epsilon=0.01,
                            max_iter=500,
                            num_trial=100,
                            sample_size=100,
                            init_size=100)

    print('----- generate adv test data -----')
    x_test = x_test[0]
    # Input data shape should be 2D
    x_test = x_test.reshape((-1, 32 * 32 * 3))
    x_test_adv = attack.generate(x=x_test)

    np.save('x', x_test)
    np.save('adv_x', x_test_adv)

    print('x_test ', x_test)
    print('x_test_adv ', x_test_adv)

    # dist1 = utils.computeDist1(x_test, x_test_adv)
    # print('test data dist1: ', dist1)

    dist2 = utils.computeDist2(x_test, x_test_adv)
    print('test data dist2: ', dist2)

    distInf = utils.computeDistInf(x_test, x_test_adv)
    print('test data distInf: ', distInf)

    # avg_dist2, med_dist2 = utils.computeDist2(x_test, x_test_adv)
    # print('test avg_dist2: ', avg_dist2)
    # # print('test med_dist2: ', med_dist2)

    # avg_distInf, med_distInf = utils.computeDistInf(x_test, x_test_adv)
    # print('test avg_distInf: ', avg_distInf)
    # # print('test med_distInf: ', med_distInf)

    print('Cost time: ', time.time() - s)