Example #1
0
def get_mnist_lenet5_advtrained():
    filename = "mnist_lenet5_advtrained.pt"
    model = LeNet5()
    model.load_state_dict(
        torch.load(os.path.join(TRAINED_MODEL_PATH, filename)))
    model.eval()
    model.name = "MNIST LeNet 5 PGD training according to Madry et al. 2018"
    # TODO: also described where can you find this model, and how is it trained
    return model
Example #2
0
def get_mnist_lenet5_clntrained():
    filename = "mnist_lenet5_clntrained.pt"
    model = LeNet5()
    model.load_state_dict(
        torch.load(os.path.join(TRAINED_MODEL_PATH, filename)))
    model.eval()
    model.name = "MNIST LeNet5 standard training"
    # TODO: also described where can you find this model, and how is it trained
    return model
def test_adversary_mnist(algorithm, step, p, model_filename):

    import os
    from advertorch.test_utils import LeNet5
    from advertorch_examples.utils import get_mnist_test_loader
    from advertorch_examples.utils import TRAINED_MODEL_PATH

    # Setup
    torch.manual_seed(0)

    use_cuda = torch.cuda.is_available()
    device = torch.device("cuda" if use_cuda else "cpu")
    device = torch.device("cpu")

    model = LeNet5()
    model_path = os.path.join(TRAINED_MODEL_PATH, model_filename)
    model.load_state_dict(torch.load(model_path, map_location=device))
    model.eval()

    criterion = nn.CrossEntropyLoss()
    constraint = chop.constraints.make_LpBall(alpha=1., p=p)

    test_loader = get_mnist_test_loader(batch_size=1, shuffle=True)
    # Just get first batch
    for data, target in test_loader:
        break

    data, target = data.to(device), target.to(device)

    adv = Adversary(algorithm)

    if algorithm == optim.minimize_pgd:
        alg_kwargs = {'prox': constraint.prox, 'max_iter': 50, 'step': step}
    elif algorithm == optim.minimize_pgd_madry:
        alg_kwargs = {
            'prox': constraint.prox,
            'lmo': constraint.lmo,
            'max_iter': 50,
            'step': step
        }

    elif algorithm == optim.minimize_frank_wolfe:
        alg_kwargs = {
            'lmo': constraint.lmo,
            'step': step if step else 'sublinear',
            'max_iter': 50
        }

    # Run and log perturbation
    adv_loss, delta = adv.perturb(data, target, model, criterion, **alg_kwargs)
Example #4
0
def create(adv_train=True):
    if adv_train:
        model_link = model_links['adv_trained']
    else:
        model_link = model_links['cln_trained']
    device = torch.device('cuda:0' if torch.cuda.is_available() else 'cpu')
    weights_path = fb.zoo.fetch_weights(
        model_link,
        unzip=False
    )
    model = LeNet5()
    model.to(device)
    state_dict = torch.load(weights_path, map_location=device)
    model.load_state_dict(state_dict)
    model.eval()

    preprocessing = {'mean': 0.5,
                     'std': 0.5}

    fmodel = fb.models.PyTorchModel(model, bounds=(0, 1),
                                    preprocessing=preprocessing,
                                    device=device)

    return fmodel
Example #5
0
import torch.nn as nn

from advertorch.attacks import LinfPGDAttack
from advertorch.attacks.utils import AttackConfig


class PGDLinfMadryTrainMnist(AttackConfig):
    AttackClass = LinfPGDAttack
    eps = 0.3
    eps_iter = 0.01
    nb_iter = 40
    loss_fn = nn.CrossEntropyLoss(reduction="sum")
    rand_init = True
    clip_min = 0.0
    clip_max = 1.0


class PGDLinfMadryTestMnist(PGDLinfMadryTrainMnist):
    # only modify the entry that is changed from PGDLinfMadryTrainMnist
    nb_iter = 100


if __name__ == '__main__':
    from advertorch.test_utils import LeNet5

    model = LeNet5()

    train_adversary = PGDLinfMadryTrainMnist()(model)
    test_adversary = PGDLinfMadryTestMnist()(model)
Example #6
0
net = 'mnist'

from advertorch.test_utils import LeNet5


class LeNet5_each_layer(LeNet5):
    def forward(self, x):
        out1 = self.maxpool1(self.relu1(self.conv1(x)))
        out2_ = self.maxpool2(self.relu2(self.conv2(out1)))
        out2 = out2_.view(out2_.size(0), -1)
        out3 = self.relu3(self.linear1(out2))
        out4 = self.linear2(out3)
        return out1, out2_, out3, out4


model_ = LeNet5()
model_.load_state_dict(torch.load(os.path.join('trained_models/', filename)))
model_.to(device)
model_.eval()

# get knn features
model1_ = LeNet5_each_layer()
model1_.load_state_dict(torch.load(os.path.join('trained_models/', filename)))
model1_.to(device)
model1_.eval()

print("net: " + net)

if net == 'mnist' or net == 'fashion_mnist':
    # get knn features
    model1 = net_mnist()
def save_noisy_image(img, name):
    if img.size(1) == 3:
        img = img.view(img.size(0), 3, 32, 32)
        save_image(img, name)
    else:
        img = img.view(img.size(0), 1, 28, 28)
        save_image(img, name)


# Adopt True for the first time
generate_peer = True

# Generate peer images to folder
if generate_peer == True:
    filename = "mnist_lenet5_clntrained.pt"
    model_peer = LeNet5()
    model_peer.load_state_dict(
        torch.load(os.path.join(TRAINED_MODEL_PATH, filename)))
    model_peer.cuda()
    model_peer.eval()
    peer_loader = get_mnist_test_loader(batch_size=1, shuffle=False)
    adversary = LinfPGDAttack(model_peer,
                              loss_fn=nn.CrossEntropyLoss(reduction="sum"),
                              eps=0.25,
                              nb_iter=40,
                              eps_iter=0.01,
                              rand_init=True,
                              clip_min=0.0,
                              clip_max=1.0,
                              targeted=False)
    base_folder = f"PeerReport/MNIST/Peer_reference/1"