def testing(test_loader, model, step_size, eps, attack='None', device=None):
model.eval()
criterion = nn.CrossEntropyLoss()
total_step = len(test_loader)
test_loss = 0
correct = 0
total = 0
for i, (inputs, labels) in enumerate(test_loader):
inputs, labels = inputs.to(device), labels.to(device)
if attack == 'None':
images_ = inputs
elif attack == 'fgsm':
images_ = fgsm(inputs, labels, eps, criterion, model)
elif attack == 'random':
images_ = Random(inputs, labels, eps, criterion, model)
elif attack == 'pgd':
images_ = pgd(model,
inputs,
labels,
criterion,
num_steps=20,
step_size=step_size,
eps=eps)
elif attack == 'cw':
print('Processing CW attack on batch:', i)
CW = CW_attack(model)
images_ = CW.attack(inputs, labels, eps)
outputs = model(images_)
_, predicted = torch.max(outputs.data, 1)
total += labels.size(0)
correct += (predicted == labels).sum().item()
accuracy = 100. * correct / total
print('Testing accuracy:', accuracy)
return accuracy
def testing(test_loader, model, step_size, eps, attack='None', device=None):
model.eval()
total_step = len(test_loader)
test_loss = 0
correct = 0
total = 0
for i, (inputs, labels) in enumerate(test_loader):
inputs, labels = inputs.to(device), labels.to(device)
if attack == 'None':
x = inputs
elif attack == 'fgsm':
x = fgsm(inputs, labels, eps, model, device)
elif attack == 'Random':
x = Random(inputs, labels, eps, model, device)
elif attack == 'pgd':
x, _ = pgd(model,
inputs,
labels,
epsilon=eps,
num_steps=20,
step_size=step_size,
rand_init=False,
device=device)
elif attack == 'cw':
print('Processing CW attack on batch:', i)
CW = CW_attack(model)
x = CW.attack(inputs, labels, eps)
outputs = model(x)
_, predicted = torch.max(outputs.data, 1)
total += labels.size(0)
correct += (predicted == labels).sum().item()
accuracy = 100. * correct / total
# print('Testing accuracy:', accuracy)
return accuracy
def testing(self, data_loader, eps, step_size=0., attack='None', defense='None', lr=0., max_iter=0., device=None):
criterion = nn.CrossEntropyLoss()
total_step = len(data_loader)
test_loss = 0
correct = 0
total = 0
for i, (inputs, labels) in enumerate(data_loader):
inputs, labels = inputs.to(device), labels.to(device)
# Perturbing the input images
if attack == 'None':
images_ = inputs
elif attack == 'fgsm':
images_ = fgsm(inputs, labels, eps, criterion, self.model)
elif attack == 'random':
images_ = Random(inputs, labels, eps, criterion, self.model)
elif attack == 'pgd':
images_ = pgd(self.model, inputs, labels, criterion, num_steps=20, step_size=step_size, eps=eps)
elif attack == 'cw':
print('Processing CW attack on batch:', i)
CW = CW_attack(self.model)
images_ = CW.attack(inputs, labels, eps)
# Defense the input images
if defense == 'None':
outputs = self.model(images_)
elif defense == 'pmp':
outputs = self.PMP(images_, learning_rate=lr, radius=0., max_iterations=max_iter)
_, predicted = torch.max(outputs.data, 1)
total += labels.size(0)
correct += (predicted == labels).sum().item()
accuracy = 100.*correct/total
print('Testing accuracy:', accuracy)
return accuracy
def train_adversarial(train_loader, model, criterion, optimizer, epoch,
num_epochs, device, train_method):
train_loss = 0
train_correct = 0
train_total = 0
total_step = len(train_loader)
model.train()
for i, (images, labels) in enumerate(train_loader):
eps_defense = torch.abs(truncated_normal(images.shape[0]))
num_normal = int(images.shape[0] / 2)
images, labels = images.to(device), labels.to(device)
images = random_flip_left_right(images)
outputs = model(images)
_, predicted_label = outputs.max(1)
if train_method == 'fgsm':
images_adv_ = fgsm(images, predicted_label, eps_defense, criterion,
model)
elif train_method == 'random':
images_adv = Random(images, predicted_label, eps_defense,
criterion, model)
elif train_method == 'pgd':
random_number = torch.abs(truncated_normal(1))
attack_iter = int(min(random_number + 4, 1.25 * random_number))
images_adv = pgd_unconstrained(model,
images,
predicted_label,
criterion,
num_steps=attack_iter,
step_size=1)
images_final = images_adv.detach()
outputs_worse = model(images_final)
loss_1 = criterion(outputs_worse[0:num_normal],
labels[0:num_normal]) * 2.0 / 1.3
loss_2 = criterion(outputs_worse[num_normal:],
labels[num_normal:]) * 0.6 / 1.3
loss = (loss_1 + loss_2) / 2.
optimizer.zero_grad()
loss.backward()
optimizer.step()
train_loss += loss.item()
_, predicted = outputs_worse.max(1)
train_total += labels.size(0)
train_correct += predicted.eq(labels).sum().item()
if (i + 1) % 100 == 0:
print(
'Epoch [{}/{}], Step [{}/{}], LR: [{}], Loss: {:.4f}, Acc: {:.3f}'
.format(epoch + 1, num_epochs, i + 1, total_step,
optimizer.param_groups[0]['lr'],
train_loss / total_step,
100. * train_correct / train_total))
def PMP_testing(self, data_loader):
criterion = nn.CrossEntropyLoss()
total_step = len(data_loader)
lr_list = [0.01, 0.0075, 0.005, 0.0025, 0.001]
iterations_list = [5, 10, 20, 30, 40]
attack_methods = ['none', 'random', 'fgsm', 'pgd', 'cw']
data_loader_ = iter(data_loader)
inputs, labels = next(data_loader_)
accu = []
for lr in lr_list:
for iterations in iterations_list:
print('Learning rate is:', lr, 'Iterations is:', iterations)
accu_ = []
accu_avg = []
for attack in attack_methods:
# print('Attack method:', attack)
eps_attack = [2, 4, 8]
accuracies = []
for eps in eps_attack:
if attack == 'random':
data = Random(inputs, labels, eps=eps, loss_function=criterion, model=self.model)
elif attack == 'fgsm':
data = fgsm(inputs, labels, eps=eps, loss_function=criterion, model=self.model)
elif attack == 'pgd':
data = pgd(self.model, inputs, labels, criterion, num_steps=20, step_size=eps/4, eps=eps)
elif attack == 'cw':
CW = CW_attack(self.model)
data = CW.attack(inputs, labels, eps)
elif attack == 'none':
data = inputs
outputs = self.PMP(data, lr, radius=1000, max_iterations=iterations)
_, predicted = outputs.max(1)
total = labels.size(0)
correct = predicted.eq(labels).sum().item()
accuracy = 100.*correct/total
accuracies.append(accuracy)
accu_.append('{:.1f} / {:.1f} / {:.1f}'.format(accuracies[0], accuracies[1], accuracies[2]))
accu_avg.append(accuracies[0] / 3 + accuracies[1] / 3 + accuracies[2] / 3)
#print('Accuracy of the network eps=2: {} %'.format(accuracies[0]), 'eps=8: {}'.format(accuracies[1]), 'eps=16: {}'.format((accuracies[2])))
accu.append(['{} / {}'.format(lr, iterations), accu_[0], accu_[1], accu_[2], accu_[3], accu_[4],
(accu_avg[0] + accu_avg[1] + accu_avg[2] + accu_avg[3] + accu_avg[4]) / 5 ])
table = tabulate(accu, headers=['hyper', 'none', 'random', 'fgsm', 'pgd', 'cw', 'avg'])
print(table)