def test_PGD(self):
"""Test of ProjectedGradientDescent algorithm."""
tf.set_random_seed(self.seed)
attack_params = {
'eps': 0.5,
'eps_iter': 0.1,
'ord': 2,
'rand_init': False,
'nb_iter': 20
}
evas = CAttackEvasionCleverhans(
classifier=self.clf,
y_target=self.y_target,
clvh_attack_class=ProjectedGradientDescent,
**attack_params)
# Expected final optimal point
expected_x = CArray([0.7643, 0.6722])
self._run_evasion(evas, self.x0, self.y0, expected_x=expected_x)
self._test_confidence(self.x0, self.y0, evas.x_opt, self.clf,
self.y_target)
self._test_plot(evas)
def _attack_cleverhans(self):
from cleverhans.attacks import FastGradientMethod
from secml.adv.attacks import CAttackEvasionCleverhans
attack_params = {
'eps': 0.1,
'clip_max': self.ub,
'clip_min': self.lb,
'ord': 1
}
attack = CAttackEvasionCleverhans(classifier=self.classifier,
surrogate_data=self.tr,
y_target=self.y_target,
clvh_attack_class=FastGradientMethod,
**attack_params)
param_name = 'attack_params.eps'
dmax = 2
dmax_step = 0.5
param_values = CArray.arange(start=0,
step=dmax_step,
stop=dmax + dmax_step)
return attack, param_name, param_values
def test_ENM(self):
"""Test of ElasticNetMethod algorithm."""
tf.set_random_seed(self.seed)
attack_params = {
'binary_search_steps': 3,
'initial_const': 0.01,
'confidence': 10,
'abort_early': True,
'clip_min': 0.0,
'clip_max': 1.0,
'max_iterations': 30,
'learning_rate': 0.03,
}
evas = CAttackEvasionCleverhans(classifier=self.clf,
y_target=self.y_target,
decision_rule='END',
clvh_attack_class=ElasticNetMethod,
**attack_params)
# Expected final optimal point
# expected_x = CArray([0.7885, 0.7719])
expected_x = CArray([0.7651, 0.7406])
self._run_evasion(evas, self.x0, self.y0, expected_x=expected_x)
self._test_confidence(self.x0, self.y0, evas.x_opt, self.clf,
self.y_target)
self._test_stored_consts(evas)
self._test_plot(evas)
def test_CWL2(self):
"""Test of CarliniWagnerL2 algorithm."""
tf.set_random_seed(self.seed)
attack_params = {
'binary_search_steps': 4,
'initial_const': 0.01,
'confidence': 10,
'abort_early': True,
'clip_min': 0.0,
'clip_max': 1.0,
'max_iterations': 30,
'learning_rate': 0.03,
}
evas = CAttackEvasionCleverhans(classifier=self.clf,
y_target=self.y_target,
clvh_attack_class=CarliniWagnerL2,
**attack_params)
# Expected final optimal point
expected_x = CArray([0.8316, 0.5823])
self._run_evasion(evas, self.x0, self.y0, expected_x=expected_x)
self._test_confidence(self.x0, self.y0, evas.x_opt, self.clf,
self.y_target)
self._test_stored_consts(evas)
self._test_plot(evas)
def test_attack_cleverhans(self):
"""Test SecEval using CAttackEvasionCleverhans+FastGradientMethod."""
try:
import cleverhans
except ImportError as e:
import unittest
raise unittest.SkipTest(e)
from cleverhans.attacks import FastGradientMethod
from secml.adv.attacks import CAttackEvasionCleverhans
params = {
"classifier": self.clf,
"surrogate_data": self.tr,
"y_target": None,
"clvh_attack_class": FastGradientMethod,
'eps': 0.1,
'clip_max': 2,
'clip_min': -2,
'ord': 2
}
attack = CAttackEvasionCleverhans(**params)
param_name = 'attack_params.eps'
self._set_and_run(attack, param_name)
def test_SPSA(self):
"""Test of SPSA algorithm."""
tf.set_random_seed(self.seed)
attack_params = {
'eps': 0.5,
'delta': 0.1,
'clip_min': 0.0,
'clip_max': 1.0,
'nb_iter': 50,
'learning_rate': 0.03,
}
evas = CAttackEvasionCleverhans(classifier=self.clf,
surrogate_classifier=self.clf,
surrogate_data=self.ds,
y_target=self.y_target,
clvh_attack_class=SPSA,
**attack_params)
# FIXME: random seed not working for SPSA?
self._run_evasion(evas, self.x0, self.y0, expected_x=None)
self._test_confidence(self.x0, self.y0, evas.x_opt, self.clf,
self.y_target)
self._test_plot(evas)
'binary_search_steps': 1,
'initial_const': 0.2,
'confidence': 10,
'abort_early': True,
'clip_max': ub,
'clip_min': lb,
'max_iterations': 50,
'learning_rate': 0.1
})
]
for i, attack in enumerate(attacks):
cleverhans_attack = CAttackEvasionCleverhans(
classifier=secml_clf,
surrogate_classifier=secml_clf,
surrogate_data=ds_tr_secml,
y_target=y_target,
clvh_attack_class=attack.attack_cls,
**attack.attack_params)
print("Attack {:} started ..".format(attack.short_name))
y_pred_CH, _, adv_ds_CH, _ = cleverhans_attack.run(x0, y0)
print("Attack finished")
print("Original x0 label : ", y0.item())
print(
"Adversarial example label ({:}): "
"".format(attack.attack_cls.__name__), y_pred_CH.item())
print("Number of classifier function evaluations: {:}"
"".format(cleverhans_attack.f_eval))
print("Number of classifier gradient evaluations: {:}"
"".format(cleverhans_attack.grad_eval))