def get_metric_eval(self):
utr_score = []
tr_score = []
for i in range(1):
##TODO: Customise input parameters to methods like LinfPGDAttack
adversary = LinfPGDAttack(
self.phi,
loss_fn=nn.CrossEntropyLoss(reduction="sum"),
eps=0.10,
nb_iter=40,
eps_iter=0.01,
rand_init=True,
clip_min=0.0,
clip_max=1.0,
targeted=False)
adv_untargeted = adversary.perturb(x_e, y_e)
target = torch.ones_like(y_e) * 3
adversary.targeted = True
adv_targeted = adversary.perturb(x_e, target)
pred_cln = predict_from_logits(self.phi(x_e))
pred_untargeted_adv = predict_from_logits(self.phi(adv_untargeted))
pred_targeted_adv = predict_from_logits(self.phi(adv_targeted))
utr_score.append(torch.sum(pred_cln != pred_untargeted_adv))
tr_score.append(torch.sum(pred_cln != pred_targeted_adv))
batch_size = 5
plt.figure(figsize=(10, 8))
for ii in range(batch_size):
plt.subplot(3, batch_size, ii + 1)
_imshow(x_e[ii])
plt.title("clean \n pred: {}".format(pred_cln[ii]))
plt.subplot(3, batch_size, ii + 1 + batch_size)
_imshow(adv_untargeted[ii])
plt.title("untargeted \n adv \n pred: {}".format(
pred_untargeted_adv[ii]))
plt.subplot(3, batch_size, ii + 1 + batch_size * 2)
_imshow(adv_targeted[ii])
plt.title("targeted to 3 \n adv \n pred: {}".format(
pred_targeted_adv[ii]))
plt.tight_layout()
plt.savefig(self.save_path + '.png')
utr_score = np.array(utr_score)
tr_score = np.array(tr_score)
print('MisClassifcation on Untargetted Attack ', np.mean(utr_score),
np.std(utr_score))
print('MisClassifcation on Targeted Atttack', np.mean(tr_score),
np.std(tr_score))
self.metric_score['Untargetted Method'] = np.mean(utr_score)
self.metric_score['Targetted Method'] = np.mean(tr_score)
return
def generate_attack_samples(model, cln_data, true_label, nb_iter, eps_iter):
adversary = LinfPGDAttack(
model, loss_fn=nn.CrossEntropyLoss(reduction="sum"), eps=0.25,
nb_iter=nb_iter, eps_iter=eps_iter, rand_init=True, clip_min=0.0, clip_max=1.0,
targeted=False)
adv_untargeted = adversary.perturb(cln_data, true_label)
adv_targeted_results = []
adv_target_labels = []
for target_label in range(0, 10):
assert target_label >= 0 and target_label <= 10 and type(
target_label) == int
target = torch.ones_like(true_label) * target_label
adversary.targeted = True
adv_targeted = adversary.perturb(cln_data, target)
adv_targeted_results.append(adv_targeted)
adv_target_labels.append(target)
return adv_targeted_results, adv_target_labels, adv_untargeted
def get_metric_eval(self):
utr_score=[]
tr_score=[]
for i in range(1):
##TODO: Customise input parameters to methods like LinfPGDAttack
adversary = LinfPGDAttack(
self.phi, loss_fn=nn.CrossEntropyLoss(reduction="sum"), eps=self.args.adv_eps, nb_iter=70, eps_iter=0.01, rand_init=True, clip_min=(0.0-0.1307)/0.3081, clip_max=(1.0-0.1307)/0.3081,
targeted=False)
pred_cln=[]
pred_untargeted_adv=[]
pred_targeted_adv=[]
temp_counter=0
for batch_idx, (x_e, y_e ,d_e, idx_e) in enumerate(self.test_dataset):
x_e= x_e.to(self.cuda)
print(torch.min(x_e), torch.max(x_e))
y_e= torch.argmax(y_e, dim=1).to(self.cuda)
adversary.targeted = False
adv_untargeted = adversary.perturb(x_e, y_e)
target = torch.ones_like(y_e)*3
adversary.targeted = True
adv_targeted = adversary.perturb(x_e, target)
print(torch.min(adv_untargeted), torch.max(adv_untargeted))
pred_cln.append( predict_from_logits(self.phi(x_e)) )
pred_untargeted_adv.append( predict_from_logits(self.phi(adv_untargeted)) )
pred_targeted_adv.append( predict_from_logits(self.phi(adv_targeted)) )
temp_counter+=1
if temp_counter ==5:
break
pred_cln= torch.cat(pred_cln)
pred_untargeted_adv= torch.cat(pred_untargeted_adv)
pred_targeted_adv= torch.cat(pred_targeted_adv)
utr_score.append( torch.sum( pred_cln != pred_untargeted_adv).detach().cpu().numpy() / pred_cln.shape[0] )
tr_score.append( torch.sum(pred_cln!= pred_targeted_adv).detach().cpu().numpy() / pred_cln.shape[0] )
# batch_size=5
# plt.figure(figsize=(10, 8))
# for ii in range(batch_size):
# plt.subplot(3, batch_size, ii + 1)
# _imshow(x_e[ii])
# plt.title("clean \n pred: {}".format(pred_cln[ii]))
# plt.subplot(3, batch_size, ii + 1 + batch_size)
# _imshow(adv_untargeted[ii])
# plt.title("untargeted \n adv \n pred: {}".format(
# pred_untargeted_adv[ii]))
# plt.subplot(3, batch_size, ii + 1 + batch_size * 2)
# _imshow(adv_targeted[ii])
# plt.title("targeted to 3 \n adv \n pred: {}".format(
# pred_targeted_adv[ii]))
# plt.tight_layout()
# plt.savefig( self.save_path + '.png' )
utr_score= np.array(utr_score)
tr_score= np.array(tr_score)
print('MisClassifcation on Untargetted Attack ', np.mean(utr_score), np.std(utr_score), self.args.adv_eps )
print('MisClassifcation on Targeted Atttack', np.mean(tr_score), np.std(tr_score), self.args.adv_eps )
self.metric_score['Untargetted Method']= np.mean( utr_score )
self.metric_score['Targetted Method']= np.mean( tr_score )
return