def check_files():
import os
from common import paths
def check_file(filepath):
if not os.path.exists(filepath):
print('File %s not found.' % filepath)
check_file(paths.database_file())
check_file(paths.images_file())
check_file(paths.theta_file())
check_file(paths.codes_file())
check_file(paths.test_images_file())
check_file(paths.train_images_file())
check_file(paths.test_theta_file())
check_file(paths.train_theta_file())
check_file(paths.test_codes_file())
check_file(paths.train_codes_file())
check_file(paths.emnist_test_images_file())
check_file(paths.emnist_train_images_file())
check_file(paths.emnist_test_labels_file())
check_file(paths.emnist_train_labels_file())
check_file(paths.fashion_test_images_file())
check_file(paths.fashion_train_images_file())
check_file(paths.fashion_test_labels_file())
check_file(paths.fashion_train_labels_file())
check_file(paths.celeba_test_images_file())
check_file(paths.celeba_train_images_file())
check_file(paths.celeba_test_labels_file())
check_file(paths.celeba_train_labels_file())
def main():
parser = ArgumentParser(formatter_class=ArgumentDefaultsHelpFormatter)
parser.add_argument('--train_csv',
type=str,
default=None,
help='Path to CSV for training data')
parser.add_argument('--test_csv',
type=str,
default=None,
help='Path to CSV for test data')
parser.add_argument('--dataset',
type=str,
required=True,
help='Name of dataset')
parser.add_argument('--sep',
type=str,
default=',',
help='CSV delimiting character')
args = parser.parse_args()
if args.train_csv:
create_hdf5(paths.train_images_file(args.dataset),
paths.train_labels_file(args.dataset), args.train_csv,
args.sep)
if args.test_csv:
create_hdf5(paths.test_images_file(args.dataset),
paths.test_labels_file(args.dataset), args.test_csv,
args.sep)
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Attack classifier.')
parser.add_argument('-test_images_file', default=paths.test_images_file(), help='HDF5 file containing images.', type=str)
parser.add_argument('-test_codes_file', default=paths.test_codes_file(), help='HDF5 file containing codes.', type=str)
parser.add_argument('-label_index', default=2, help='Label index.', type=int)
parser.add_argument('-classifier_file', default=paths.state_file('classifier'), help='Snapshot state file of classifier.', type=str)
parser.add_argument('-perturbations_file', default=paths.results_file('classifier/perturbations'), help='HDF5 file containing perturbations.', type=str)
parser.add_argument('-original_success_file', default=paths.results_file('classifier/success'), help='HDF5 file containing success.', type=str)
parser.add_argument('-transfer_success_file', default=paths.results_file('classifier/transfer_success', help='HDF5 file containing transfer success.'), type=str)
parser.add_argument('-original_accuracy_file', default=paths.results_file('classifier/accuracy'), help='HDF5 file containing accuracy.', type=str)
parser.add_argument('-transfer_accuracy_file', default=paths.results_file('classifier/transfer_accuracy', help='HDF5 file containing transfer accuracy.'), type=str)
parser.add_argument('-log_file', default=paths.log_file('classifier/attacks'), help='Log file.', type=str)
parser.add_argument('-batch_size', default=128, help='Batch size of attack.', type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
# Some network parameters.
parser.add_argument('-network_architecture', default='standard', help='Classifier architecture to use.', type=str)
parser.add_argument('-network_activation', default='relu', help='Activation function to use.', type=str)
parser.add_argument('-network_no_batch_normalization', default=False, help='Do not use batch normalization.', action='store_true')
parser.add_argument('-network_channels', default=16, help='Channels of first convolutional layer, afterwards channels are doubled.', type=int)
parser.add_argument('-network_dropout', default=False, action='store_true', help='Whether to use dropout.')
parser.add_argument('-network_units', default='1024,1024,1024,1024', help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Test attacks on classifier.')
parser.add_argument('-test_images_file', default=paths.test_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-train_images_file', default=paths.train_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-test_codes_file', default=paths.test_codes_file(), help='HDF5 file containing labels.', type=str)
parser.add_argument('-label_index', default=2, help='Column index in label file.', type=int)
parser.add_argument('-accuracy_file', default=paths.results_file('learned_decoder/accuracy'), help='Correctly classified test samples of classifier.', type=str)
parser.add_argument('-perturbations_file', default=paths.results_file('learned_decoder/perturbations'), help='HDF5 file containing perturbations.', type=str)
parser.add_argument('-success_file', default=paths.results_file('learned_decoder/success'), help='HDF5 file indicating attack success.', type=str)
parser.add_argument('-plot_directory', default=paths.experiment_dir('learned_decoder'), help='Path to PNG plot file for success rate.', type=str)
parser.add_argument('-results_file', default='', help='Path to pickled results file.', type=str)
parser.add_argument('-batch_size', default=128, help='Batch size of attack.', type=int)
parser.add_argument('-plot_manifolds', default=False, action='store_true', help='Whether to plot manifolds.')
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
# Network.
parser.add_argument('-N_theta', default=6, help='Numer of transformations.', type=int)
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Split generated dataset into training and test sets.')
parser.add_argument('-codes_file',
default=paths.codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-theta_file',
default=paths.theta_file(),
help='HDF5 file containing transformations.',
type=str)
parser.add_argument('-images_file',
default=paths.images_file(),
help='HDF5 file containing transformed images.',
type=str)
parser.add_argument('-train_codes_file',
default=paths.train_codes_file(),
help='HDF5 file containing transformed images.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing transformed images.',
type=str)
parser.add_argument('-train_theta_file',
default=paths.train_theta_file(),
help='HDF5 file containing transformed images.',
type=str)
parser.add_argument('-test_theta_file',
default=paths.test_theta_file(),
help='HDF5 file containing transformed images.',
type=str)
parser.add_argument('-train_images_file',
default=paths.train_images_file(),
help='HDF5 file containing transformed images.',
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing transformed images.',
type=str)
parser.add_argument('-N_train',
default=960000,
help='Train/test split.',
type=int)
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Attack decoder and classifier.')
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file with test images.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing test codes.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument(
'-perturbations_file',
default=paths.results_file('decoder/perturbations'),
help='HDF5 file containing perturbations.',
type=str)
parser.add_argument(
'-perturbation_images_file',
default=paths.results_file('decoder/perturbation_images'),
help='HDF5 file for perturbation images.',
type=str)
parser.add_argument('-log_file',
default=paths.log_file('decoder/attacks'),
help='Log file.',
type=str)
parser.add_argument('-batch_size',
default=128,
help='Batch size of attack.',
type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
# Some decoder parameters.
parser.add_argument('-N_theta',
default=6,
help='Numer of transformations.',
type=int)
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Train auto encoder.')
parser.add_argument('-train_images_file', default=paths.train_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-test_images_file', default=paths.test_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-train_codes_file', default=paths.train_codes_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-test_codes_file', default=paths.test_codes_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-label_index', default=2, help='Label index.', type=int)
parser.add_argument('-label', default=-1, help='Label to constrain to.', type=int)
parser.add_argument('-encoder_file', default=paths.state_file('encoder'), help='Snapshot state file.', type=str)
parser.add_argument('-decoder_file', default=paths.state_file('decoder'), help='Snapshot state file.', type=str)
parser.add_argument('-reconstruction_file', default=paths.results_file('reconstructions'), help='Reconstructions file.', type=str)
parser.add_argument('-interpolation_file', default=paths.results_file('interpolations'), help='Interpolation file.', type=str)
parser.add_argument('-random_file', default=paths.results_file('random'), help='Reconstructions file.', type=str)
parser.add_argument('-log_file', default=paths.log_file('auto_encoder'), help='Log file.', type=str)
parser.add_argument('-batch_size', default=64, help='Batch size.', type=int)
parser.add_argument('-latent_space_size', default=10, help='Size of latent space.', type=int)
parser.add_argument('-epochs', default=20, help='Number of epochs.', type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-base_lr', default=0.01, type=float, help='Base learning rate.')
parser.add_argument('-base_lr_decay', default=0.9, type=float, help='Base learning rate.')
parser.add_argument('-results_file', default='', help='Results file for evaluation.', type=str)
parser.add_argument('-training_file', default=paths.results_file('auto_encoder_training'), help='Training statistics file.', type=str)
parser.add_argument('-testing_file', default=paths.results_file('auto_encoder_testing'), help='Testing statistics file.', type=str)
parser.add_argument('-error_file', default=paths.image_file('auto_encoder_error'), help='Error plot file.', type=str)
parser.add_argument('-beta', default=1, help='Weight of KLD.', type=float)
parser.add_argument('-weight_decay', default=0.0001, help='Weight decay importance.', type=float)
parser.add_argument('-absolute_error', default=False, action='store_true', help='Use absolute loss.')
# Some network parameters.
parser.add_argument('-network_architecture', default='standard', help='Classifier architecture to use.', type=str)
parser.add_argument('-network_activation', default='relu', help='Activation function to use.', type=str)
parser.add_argument('-network_no_batch_normalization', default=False, help='Do not use batch normalization.', action='store_true')
parser.add_argument('-network_channels', default=16, help='Channels of first convolutional layer, afterwards channels are doubled.', type=int)
parser.add_argument('-network_dropout', default=False, action='store_true', help='Whether to use dropout.')
parser.add_argument('-network_units', default='1024,1024,1024,1024', help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Attack classifier.')
parser.add_argument('-test_images_file', default=paths.test_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-test_codes_file', default=paths.test_codes_file(), help='HDF5 file containing codes.', type=str)
parser.add_argument('-label_index', default=2, help='Label index.', type=int)
parser.add_argument('-classifier_file', default=paths.state_file('classifier'), help='Snapshot state file of classifier.', type=str)
parser.add_argument('-accuracy_file', default=paths.results_file('classifier/accuracy'), help='Correctly classified test samples of classifier.', type=str)
parser.add_argument('-perturbations_file', default=paths.results_file('classifier/perturbations'), help='HDF5 file containing perturbations.', type=str)
parser.add_argument('-success_file', default=paths.results_file('classifier/success'), help='HDF5 file containing perturbations.', type=str)
parser.add_argument('-log_file', default=paths.log_file('classifier/attacks'), help='Log file.', type=str)
parser.add_argument('-attack', default='UntargetedBatchL2ClippedGradientDescent', help='Attack to try.', type=str)
parser.add_argument('-objective', default='UntargetedF6', help='Objective to use.', type=str)
parser.add_argument('-max_attempts', default=1, help='Maximum number of attempts per attack.', type=int)
parser.add_argument('-max_samples', default=20*128, help='How many samples from the test set to attack.', type=int)
parser.add_argument('-batch_size', default=128, help='Batch size of attack.', type=int)
parser.add_argument('-epsilon', default=1, help='Epsilon allowed for attacks.', type=float)
parser.add_argument('-c_0', default=0., help='Weight of norm.', type=float)
parser.add_argument('-c_1', default=0.1, help='Weight of bound, if not enforced through clipping or reparameterization.', type=float)
parser.add_argument('-c_2', default=0.5, help='Weight of objective.', type=float)
parser.add_argument('-max_iterations', default=250, help='Number of iterations for attack.', type=int)
parser.add_argument('-max_projections', default=5, help='Number of projections for alternating projection.', type=int)
parser.add_argument('-base_lr', default=0.005, help='Learning rate for attack.', type=float)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-no_label_leaking', default=False, dest='no_label_leaking', action='store_true')
parser.add_argument('-initialize_zero', default=False, action='store_true', help='Initialize attack at zero.')
# Some network parameters.
parser.add_argument('-network_architecture', default='standard', help='Classifier architecture to use.', type=str)
parser.add_argument('-network_activation', default='relu', help='Activation function to use.', type=str)
parser.add_argument('-network_no_batch_normalization', default=False, help='Do not use batch normalization.', action='store_true')
parser.add_argument('-network_channels', default=16, help='Channels of first convolutional layer, afterwards channels are doubled.', type=int)
parser.add_argument('-network_dropout', default=False, action='store_true', help='Whether to use dropout.')
parser.add_argument('-network_units', default='1024,1024,1024,1024', help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Inspect transformed images.')
parser.add_argument('-database_file',
default=paths.database_file(),
type=str)
parser.add_argument('-codes_file',
default=paths.codes_file(),
type=str)
parser.add_argument('-theta_file',
default=paths.theta_file(),
type=str)
parser.add_argument('-images_file',
default=paths.images_file(),
type=str)
parser.add_argument('-train_codes_file',
default=paths.train_codes_file(),
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
type=str)
parser.add_argument('-train_theta_file',
default=paths.train_theta_file(),
type=str)
parser.add_argument('-test_theta_file',
default=paths.test_theta_file(),
type=str)
parser.add_argument('-train_images_file',
default=paths.train_images_file(),
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
type=str)
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Detect attacks on classifier.')
parser.add_argument('-mode', default='svd', help='Mode.', type=str)
parser.add_argument('-database_file', default=paths.database_file(), help='HDF5 file containing font prototype images.', type=str)
parser.add_argument('-test_codes_file', default=paths.test_codes_file(), help='HDF5 file codes dataset.', type=str)
parser.add_argument('-test_theta_file', default=paths.test_theta_file(), help='HDF5 file containing transformations.', type=str)
parser.add_argument('-train_images_file', default=paths.train_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-test_images_file', default=paths.test_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-perturbations_file', default=paths.results_file('classifier/perturbations'), help='HDF5 file containing perturbations.', type=str)
parser.add_argument('-success_file', default=paths.results_file('classifier/success'), help='HDF5 file containing success indicators.', type=str)
parser.add_argument('-accuracy_file', default=paths.results_file('classifier/accuracy'), help='HDF5 file containing accuracy indicators.', type=str)
parser.add_argument('-batch_size', default=64, help='Batch size.', type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-pre_pca', default=20, help='PCA dimensionality reduction ebfore NN.', type=int)
parser.add_argument('-n_nearest_neighbors', default=50, help='Number of NNs to consider.', type=int)
parser.add_argument('-n_pca', default=10, help='Number of NNs to consider.', type=int)
parser.add_argument('-n_fit', default=100000, help='Training images to fit.', type=int)
parser.add_argument('-plot_directory', default=paths.experiment_dir('classifier/detection'), help='Plot directory.', type=str)
parser.add_argument('-max_samples', default=1000, help='Number of samples.', type=int)
# Some decoder parameters.
parser.add_argument('-decoder_files', default=paths.state_file('decoder'), help='Decoder files.', type=str)
parser.add_argument('-latent_space_size', default=10, help='Size of latent space.', type=int)
parser.add_argument('-decoder_architecture', default='standard', help='Architecture to use.', type=str)
parser.add_argument('-decoder_activation', default='relu', help='Activation function to use.', type=str)
parser.add_argument('-decoder_no_batch_normalization', default=False, help='Do not use batch normalization.', action='store_true')
parser.add_argument('-decoder_channels', default=16, help='Channels of first convolutional layer, afterwards channels are doubled.', type=int)
parser.add_argument('-decoder_dropout', default=False, action='store_true', help='Whether to use dropout.')
parser.add_argument('-decoder_units', default='1024,1024,1024,1024', help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Inspect transformed images.')
parser.add_argument('-images_file',
default=paths.test_images_file(),
help='HDF5 file created.',
type=str)
parser.add_argument('-output_directory',
default='./',
help='Output directory.',
type=str)
parser.add_argument('-max_images',
default=50,
help='Numbe rof visualizations.',
type=str) #
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Test attacks on classifier.')
parser.add_argument('-test_images_file', default=paths.test_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-train_images_file', default=paths.train_images_file(), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-test_theta_file', default=paths.results_file('test_theta'), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-train_theta_file', default=paths.results_file('train_theta'), help='HDF5 file containing dataset.', type=str)
parser.add_argument('-test_codes_file', default=paths.test_codes_file(), help='HDF5 file containing labels.', type=str)
parser.add_argument('-decoder_files', default=paths.state_file('decoder'), help='Decoder files.', type=str)
parser.add_argument('-label_index', default=2, help='Column index in label file.', type=int)
parser.add_argument('-accuracy_file', default=paths.results_file('learned_decoder/accuracy'), help='Correctly classified test samples of classifier.', type=str)
parser.add_argument('-perturbations_file', default=paths.results_file('learned_decoder/perturbations'), help='HDF5 file containing perturbations.', type=str)
parser.add_argument('-success_file', default=paths.results_file('learned_decoder/success'), help='HDF5 file indicating attack success.', type=str)
parser.add_argument('-plot_directory', default=paths.experiment_dir('learned_decoder'), help='Path to PNG plot file for success rate.', type=str)
parser.add_argument('-results_file', default='', help='Path to pickled results file.', type=str)
parser.add_argument('-batch_size', default=128, help='Batch size of attack.', type=int)
parser.add_argument('-plot_manifolds', default=False, action='store_true', help='Whether to plot manifolds.')
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-bound', default=2, help='Bound to consider for samples in latent space.', type=float)
# Some decoder parameters.
parser.add_argument('-latent_space_size', default=10, help='Size of latent space.', type=int)
parser.add_argument('-decoder_architecture', default='standard', help='Architecture to use.', type=str)
parser.add_argument('-decoder_activation', default='relu', help='Activation function to use.', type=str)
parser.add_argument('-decoder_no_batch_normalization', default=False, help='Do not use batch normalization.', action='store_true')
parser.add_argument('-decoder_channels', default=16, help='Channels of first convolutional layer, afterwards channels are doubled.', type=int)
parser.add_argument('-decoder_dropout', default=False, action='store_true', help='Whether to use dropout.')
parser.add_argument('-decoder_units', default='1024,1024,1024,1024', help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Summarize dataset including plots and statistics.')
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-test_theta_file',
default=paths.test_theta_file(),
help='HDF5 file containing transformations.',
type=str)
parser.add_argument(
'-skip',
default=10,
help='Number of samples to skip for visualization.',
type=int)
parser.add_argument('-pca_images_file',
default=paths.image_file('data/images_pca'),
help='File for PCA visualization.',
type=str)
parser.add_argument('-umap_images_file',
default=paths.image_file('data/images_umap'),
help='File for Umap visualization.',
type=str)
parser.add_argument('-lle_images_file',
default=None,
help='File for PLLE visualization.',
type=str)
parser.add_argument('-mlle_images_file',
default=None,
help='File for MLLE visualization.',
type=str)
parser.add_argument('-mds_images_file',
default=paths.image_file('data/images_mds'),
help='File for MDS visualization.',
type=str)
parser.add_argument('-tsne_images_file',
default=paths.image_file('data/images_tsne'),
help='File for t-SNE visualization.',
type=str)
parser.add_argument('-pca_theta_file',
default=paths.image_file('data/theta_pca'),
help='File for PCA visualization.',
type=str)
parser.add_argument('-umap_theta_file',
default=paths.image_file('data/theta_umap'),
help='File for Umap visualization.',
type=str)
parser.add_argument('-lle_theta_file',
default=None,
help='File for PLLE visualization.',
type=str)
parser.add_argument('-mlle_theta_file',
default=None,
help='File for MLLE visualization.',
type=str)
parser.add_argument('-mds_theta_file',
default=paths.image_file('data/theta_mds'),
help='File for MDS visualization.',
type=str)
parser.add_argument('-tsne_theta_file',
default=paths.image_file('data/theta_tsne'),
help='File for t-SNE visualization.',
type=str)
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Test auto encoder.')
parser.add_argument('-train_images_file',
default=paths.train_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-train_codes_file',
default=paths.train_codes_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-train_theta_file',
default=paths.results_file('train_theta'),
help='HDF5 file for codes.',
type=str)
parser.add_argument('-test_theta_file',
default=paths.results_file('test_theta'),
help='HDF5 file for codes.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument('-label',
default=-1,
help='Label to constrain to.',
type=int)
parser.add_argument('-encoder_file',
default=paths.state_file('encoder'),
help='Snapshot state file.',
type=str)
parser.add_argument('-decoder_file',
default=paths.state_file('decoder'),
help='Snapshot state file.',
type=str)
parser.add_argument('-reconstruction_file',
default=paths.results_file('reconstructions'),
help='Reconstructions file.',
type=str)
parser.add_argument('-train_reconstruction_file',
default='',
help='Reconstructions file.',
type=str)
parser.add_argument('-random_file',
default=paths.results_file('random'),
help='Reconstructions file.',
type=str)
parser.add_argument('-interpolation_file',
default=paths.results_file('interpolation'),
help='Interpolations file.',
type=str)
parser.add_argument('-batch_size',
default=64,
help='Batch size.',
type=int)
parser.add_argument('-latent_space_size',
default=10,
help='Size of latent space.',
type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-results_file',
default='',
help='Results file for evaluation.',
type=str)
parser.add_argument('-output_directory',
default='',
help='Output directory for plots.',
type=str)
parser.add_argument('-log_file',
default=paths.log_file('test_auto_encoder'),
help='Log file.',
type=str)
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Architecture type.')
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
def run(args):
# Get the data
train_data = CleanDataset(paths.train_images_file(
args.dataset), paths.train_labels_file(args.dataset))
test_data = CleanDataset(paths.test_images_file(
args.dataset), paths.test_labels_file(args.dataset))
trainset = DataLoader(train_data, batch_size=args.batch_size, shuffle=True)
testset = DataLoader(test_data, batch_size=args.batch_size, shuffle=False)
# Create or load saved model
if args.saved_model_file:
state = State.load(paths.experiment_file(
args.models_dir, args.saved_model_file))
model = state.model
if args.cuda:
model.cuda()
optimizer = torch.optim.SGD(model.parameters(), lr=args.lr,
momentum=args.momentum, weight_decay=args.weight_decay)
scheduler = common.train.get_exponential_scheduler(
optimizer, batches_per_epoch=len(trainset), gamma=args.lr_decay)
optimizer.load_state_dict(state.optimizer)
for st in optimizer.state.values():
for k, v in st.items():
if torch.is_tensor(v):
st[k] = v.cuda()
scheduler.load_state_dict(state.scheduler)
initial_epoch = state.epoch
else:
model = models.ResNet(args.n_classes, [3, 32, 32], channels=12, blocks=[
3, 3, 3], clamp=True)
if args.cuda:
model.cuda()
optimizer = SGD(model.parameters(), lr=args.lr,
momentum=args.momentum, weight_decay=args.weight_decay)
scheduler = common.train.get_exponential_scheduler(
optimizer, batches_per_epoch=len(trainset), gamma=args.lr_decay)
initial_epoch = -1
# Logging
if args.use_tensorboard:
from torch.utils.tensorboard import SummaryWriter
else:
from common.summary import SummaryWriter
writer = SummaryWriter(paths.log_dir(args.log_dir), max_queue=100)
# Augmentation parameters
augmentation_crop = True
augmentation_contrast = True
augmentation_add = False
augmentation_saturation = False
augmentation_value = False
augmentation_flip = args.use_flip
augmentation = common.imgaug.get_augmentation(noise=False, crop=augmentation_crop, flip=augmentation_flip, contrast=augmentation_contrast,
add=augmentation_add, saturation=augmentation_saturation, value=augmentation_value)
# Create attack objects
img_dims = (32, 32)
if args.location == 'random':
mask_gen = MaskGenerator(img_dims, tuple(args.mask_dims),
exclude_list=np.array([args.exclude_box]))
else:
mask_gen = MaskGenerator(img_dims, tuple(args.mask_dims),
include_list=np.array([args.mask_pos + args.mask_dims]))
attack = AdversarialPatch(mask_gen, args.epsilon, args.iterations,
args.optimize_location, args.opt_type, args.stride, args.signed_grad)
attack.norm = LInfNorm()
objective = UntargetedF0Objective()
if args.mode == 'adversarial':
trainer = common.train.AdversarialTraining(model, trainset, testset, optimizer, scheduler,
attack, objective, fraction=args.adv_frac, augmentation=augmentation, writer=writer, cuda=args.cuda)
elif args.mode == 'normal':
trainer = common.train.NormalTraining(
model, trainset, testset, optimizer, scheduler, augmentation=augmentation, writer=writer, cuda=args.cuda)
trainer.summary_gradients = False
# Train model
for e in range(initial_epoch + 1, args.epochs):
trainer.step(e)
writer.flush()
# Save model snapshot
if (e + 1) % args.snapshot_frequency == 0:
State.checkpoint(paths.experiment_file(
args.models_dir, args.model_prefix + '_' + str(e + 1)), model, optimizer, scheduler, e)
# Save final model
State.checkpoint(paths.experiment_file(
args.models_dir, args.model_prefix + '_complete_' + str(e + 1)), model, optimizer, scheduler, args.epochs)
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Train classifier.')
parser.add_argument('-train_images_file',
default=paths.train_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-train_codes_file',
default=paths.train_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-train_theta_file',
default=paths.results_file('train_theta'),
help='HDF5 file containing transformations.',
type=str)
parser.add_argument('-test_theta_file',
default=paths.results_file('test_theta'),
help='HDF5 file containing transformations.',
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-decoder_files',
default=paths.state_file('decoder'),
help='Decoder files.',
type=str)
parser.add_argument('-latent_space_size',
default=10,
help='Size of latent space.',
type=int)
parser.add_argument('-label_index',
default=2,
help='Column index in label file.',
type=int)
parser.add_argument(
'-state_file',
default=paths.state_file('robust_manifold_classifier'),
help='Snapshot state file.',
type=str)
parser.add_argument(
'-log_file',
default=paths.log_file('robust_manifold_classifier'),
help='Log file.',
type=str)
parser.add_argument(
'-training_file',
default=paths.results_file('robust_manifold_training'),
help='Training statistics file.',
type=str)
parser.add_argument(
'-testing_file',
default=paths.results_file('robust_manifold_testing'),
help='Testing statistics file.',
type=str)
parser.add_argument('-loss_file',
default=paths.image_file('loss'),
help='Loss plot file.',
type=str)
parser.add_argument('-error_file',
default=paths.image_file('error'),
help='Error plot file.',
type=str)
parser.add_argument('-success_file',
default=paths.image_file('robust_success'),
help='Success rate plot file.',
type=str)
parser.add_argument('-gradient_file',
default='',
help='Gradient plot file.',
type=str)
parser.add_argument(
'-random_samples',
default=False,
action='store_true',
help='Randomize the subsampling of the training set.')
parser.add_argument('-training_samples',
default=-1,
help='Number of samples used for training.',
type=int)
parser.add_argument('-test_samples',
default=-1,
help='Number of samples for validation.',
type=int)
parser.add_argument('-validation_samples',
default=0,
help='Number of samples for validation.',
type=int)
parser.add_argument('-early_stopping',
default=False,
action='store_true',
help='Use early stopping.')
parser.add_argument('-attack_samples',
default=1000,
help='Samples to attack.',
type=int)
parser.add_argument('-batch_size',
default=64,
help='Batch size.',
type=int)
parser.add_argument('-epochs',
default=10,
help='Number of epochs.',
type=int)
parser.add_argument('-weight_decay',
default=0.0001,
help='Weight decay importance.',
type=float)
parser.add_argument('-logit_decay',
default=0,
help='Logit decay importance.',
type=float)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-skip',
default=5,
help='Verbosity in iterations.',
type=int)
parser.add_argument('-lr',
default=0.005,
type=float,
help='Base learning rate.')
parser.add_argument('-lr_decay',
default=0.9,
type=float,
help='Learning rate decay.')
parser.add_argument('-results_file',
default='',
help='Results file for evaluation.',
type=str)
parser.add_argument(
'-bound',
default=2,
help=
'Bound used to define "safe" latent codes to compute adversarial examples on.',
type=float)
parser.add_argument('-debug_directory',
default='',
help='Debug directory.',
type=str)
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
# Decoder parameters.
parser.add_argument('-decoder_architecture',
default='standard',
help='Architecture to use.',
type=str)
parser.add_argument('-decoder_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-decoder_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-decoder_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-decoder_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-decoder_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
# Attack parameters.
parser.add_argument('-attack',
default='UntargetedBatchL2ClippedGradientDescent',
help='Attack to try.',
type=str)
parser.add_argument('-objective',
default='UntargetedF6',
help='Objective to use.',
type=str)
parser.add_argument('-epsilon',
default=1,
help='Epsilon allowed for attacks.',
type=float)
parser.add_argument('-c_0',
default=0.,
help='Weight of norm.',
type=float)
parser.add_argument(
'-c_1',
default=0.1,
help=
'Weight of bound, if not enforced through clipping or reparameterization.',
type=float)
parser.add_argument('-c_2',
default=0.5,
help='Weight of objective.',
type=float)
parser.add_argument('-max_iterations',
default=10,
help='Number of iterations for attack.',
type=int)
parser.add_argument(
'-max_projections',
default=5,
help='Number of projections for alternating projection.',
type=int)
parser.add_argument('-base_lr',
default=0.005,
help='Learning rate for attack.',
type=float)
parser.add_argument('-decoder_epsilon',
default=1,
help='Epsilon allowed for attacks.',
type=float)
parser.add_argument('-decoder_c_0',
default=0.,
help='Weight of norm.',
type=float)
parser.add_argument(
'-decoder_c_1',
default=0.1,
help=
'Weight of bound, if not enforced through clipping or reparameterization.',
type=float)
parser.add_argument('-decoder_c_2',
default=0.5,
help='Weight of objective.',
type=float)
parser.add_argument('-decoder_max_iterations',
default=10,
help='Number of iterations for attack.',
type=int)
parser.add_argument(
'-decoder_max_projections',
default=5,
help='Number of projections for alternating projection.',
type=int)
parser.add_argument('-decoder_base_lr',
default=0.005,
help='Learning rate for attack.',
type=float)
parser.add_argument('-verbose',
action='store_true',
default=False,
help='Verbose attacks.')
parser.add_argument('-anneal_epochs',
default=0,
help='Anneal iterations in the first epochs.',
type=int)
# Variants.
parser.add_argument('-full_variant',
default=False,
action='store_true',
help='100% variant.')
parser.add_argument('-safe',
default=False,
action='store_true',
help='Save variant.')
parser.add_argument('-training_mode',
default=False,
action='store_true',
help='Training mode variant for attack.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Attack decoder and classifier.')
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument('-classifier_file',
default=paths.state_file('classifier'),
help='Snapshot state file of classifier.',
type=str)
parser.add_argument('-output_directory',
default=paths.experiment_dir('output'),
help='Output directory.',
type=str)
parser.add_argument('-log_file',
default=paths.log_file('learned_decoder/attacks'),
help='Log file.',
type=str)
parser.add_argument('-objective',
default='UntargetedF0',
help='Objective to use.',
type=str)
parser.add_argument(
'-max_samples',
default=10,
help='How many samples from the test set to attack.',
type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-N_theta',
default=6,
help='Numer of transformations.',
type=int)
parser.add_argument('-translation_x',
default='-0.1,0.1',
type=str,
help='Minimum and maximum translation in x.')
parser.add_argument('-translation_y',
default='-0.1,0.1',
type=str,
help='Minimum and maximum translation in y')
parser.add_argument('-shear_x',
default='-0.25,0.25',
type=str,
help='Minimum and maximum shear in x.')
parser.add_argument('-shear_y',
default='-0.25,0.25',
type=str,
help='Minimum and maximum shear in y.')
parser.add_argument('-scale',
default='0.95,1.05',
type=str,
help='Minimum and maximum scale.')
parser.add_argument('-rotation',
default='%g,%g' % (-math.pi / 4, math.pi / 4),
type=str,
help='Minimum and maximum rotation.')
parser.add_argument('-color',
default=0.5,
help='Minimum color value, maximum is 1.',
type=float)
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
def __init__(self, args=None):
"""
Constructor.
"""
self.args = None
""" Arguments of program. """
parser = self.get_parser()
if args is not None:
self.args = parser.parse_args(args)
else:
self.args = parser.parse_args()
assert self.args.suffix in ['Hard', 'Moderate', 'Easy']
paths.set_globals(experiment=self.experiment(),
characters='ABCDEFGHIJ',
fonts=1000,
transformations=6,
size=28,
suffix=self.args.suffix)
self.train_images_file = paths.train_images_file()
self.train_codes_file = paths.train_codes_file()
self.test_images_file = paths.test_images_file()
self.test_codes_file = paths.test_codes_file()
self.label_index = 2
self.results = dict()
# self.betas = [
# 7, # 0 - latent space size 10
# 7, # 1
# 7.5, # 2
# 7, # 3
# 7, # 4
# 7, # 5
# 7, # 6
# 7, # 7
# 13, # 8
# 9.5, # 9
# 20, # -1 - latent space size 20
# ]
# self.betas = [
# 3,
# 3,
# 3,
# 3,
# 3,
# 3,
# 3,
# 3,
# 3,
# 3,
# 3
# ]
#
# # loss should roughly be half of reconstruction loss
# self.gammas = [
# 1,
# 1,
# 1,
# 1,
# 1,
# 1,
# 1,
# 1,
# 1,
# 1,
# 1,
# ]
# self.classifier_channels = 32
# self.network_channels = 128
self.classifier_channels = 64
self.network_channels = 64
self.training_parameters = [
'-base_lr=0.005',
'-weight_decay=0.0001',
'-base_lr_decay=0.9',
'-batch_size=100',
'-absolute_error',
]
self.classifier_parameters = [
'-classifier_architecture=standard', '-classifier_activation=relu',
'-classifier_channels=%d' % self.classifier_channels,
'-classifier_units=1024,1024,1024,1024'
]
self.network_parameters = [
'-network_architecture=standard',
'-network_activation=relu',
'-network_channels=%d' % self.network_channels,
'-network_units=1024,1024,1024,1024',
]
log('-- ' + self.__class__.__name__)
for key in vars(self.args):
log('[Experiment] %s=%s' % (key, str(getattr(self.args, key))))
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Attack decoder and classifier.')
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file with test images.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing test codes.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument('-decoder_files',
default=paths.state_file('decoder'),
help='Decoder state file.',
type=str)
parser.add_argument(
'-perturbations_file',
default=paths.results_file('decoder/perturbations'),
help='HDF5 file containing perturbations.',
type=str)
parser.add_argument(
'-perturbation_images_file',
default=paths.results_file('decoder/perturbation_images'),
help='HDF5 file for perturbation images.',
type=str)
parser.add_argument('-log_file',
default=paths.log_file('decoder/attacks'),
help='Log file.',
type=str)
parser.add_argument('-batch_size',
default=128,
help='Batch size of attack.',
type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
# Some decoder parameters.
parser.add_argument('-latent_space_size',
default=10,
help='Size of latent space.',
type=int)
parser.add_argument('-decoder_architecture',
default='standard',
help='Architecture to use.',
type=str)
parser.add_argument('-decoder_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-decoder_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-decoder_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-decoder_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Test attacks on classifier.')
parser.add_argument('-classifier_file',
default=paths.state_file('classifier'),
help='Snapshot state file of classifier.',
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Column index in label file.',
type=int)
parser.add_argument(
'-perturbations_file',
default=paths.results_file('classifier/perturbations'),
help='HDF5 file containing perturbations.',
type=str)
parser.add_argument('-success_file',
default=paths.results_file('classifier/success'),
help='HDF5 file indicating attack success.',
type=str)
parser.add_argument(
'-probabilities_file',
default=paths.results_file('classifier/probabilities'),
help='HDF5 file containing attack probabilities.')
parser.add_argument('-results_file',
default='',
help='Path to pickled results file.',
type=str)
parser.add_argument('-plot_directory',
default=paths.experiment_dir('classifier'),
help='Path to PNG plot file for success rate.',
type=str)
parser.add_argument('-plot_manifolds',
default=False,
action='store_true',
help='Whether to plot manifolds.')
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-batch_size',
default=128,
help='Batch size of attack.',
type=int)
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Visualize attacks on decoder and classifier.')
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing images.',
type=str)
parser.add_argument('-test_theta_file',
default=paths.results_file('test_theta'),
help='HDF5 file containing transformations.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument('-decoder_files',
default=paths.state_file('decoder'),
help='Decoder state file.',
type=str)
parser.add_argument('-classifier_file',
default=paths.state_file('classifier'),
help='Snapshot state file of classifier.',
type=str)
parser.add_argument(
'-perturbations_file',
default=paths.results_file('learned_decoder/perturbations'),
help='HDF5 file containing perturbations.',
type=str)
parser.add_argument(
'-success_file',
default=paths.results_file('learned_decoder/success'),
help='HDF5 file containing perturbations.',
type=str)
parser.add_argument(
'-accuracy_file',
default=paths.results_file('learned_decoder/accuracy'),
help='Correctly classified test samples of classifier.',
type=str)
parser.add_argument(
'-output_directory',
default=paths.experiment_dir('decoder/perturbations'),
help='Directory to store visualizations.',
type=str)
parser.add_argument('-batch_size',
default=128,
help='Batch size of attack.',
type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
# Some decoder parameters.
parser.add_argument('-latent_space_size',
default=10,
help='Size of latent space.',
type=int)
parser.add_argument('-decoder_architecture',
default='standard',
help='Architecture to use.',
type=str)
parser.add_argument('-decoder_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-decoder_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-decoder_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-decoder_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
def run(args):
# Get the data
test_data = CleanDataset(paths.test_images_file(args.dataset),
paths.test_labels_file(args.dataset))
adversarial_data = CleanDataset(paths.test_images_file(args.dataset),
paths.test_labels_file(args.dataset),
indices=list(range(args.adv_set_size)))
testset = DataLoader(test_data, batch_size=args.batch_size, shuffle=False)
adversarialset = DataLoader(adversarial_data,
batch_size=args.batch_size,
shuffle=False)
# Logging
if args.use_tensorboard:
from torch.utils.tensorboard import SummaryWriter
else:
from common.summary import SummaryWriter
writer = SummaryWriter(paths.log_dir(args.log_dir), max_queue=100)
# Create attack objects
img_dims = (32, 32)
if args.location == 'random':
mask_gen = MaskGenerator(img_dims,
tuple(args.mask_dims),
exclude_list=np.array([args.exclude_box]))
else:
mask_gen = MaskGenerator(img_dims,
tuple(args.mask_dims),
include_list=np.array(
[args.mask_pos + args.mask_dims]))
attack = AdversarialPatch(mask_gen, args.epsilon, args.iterations,
args.optimize_location, args.opt_type,
args.stride, args.signed_grad)
attack.norm = LInfNorm()
objective = UntargetedF0Objective()
# Load model
state = State.load(
paths.experiment_file(args.models_dir, args.saved_model_file))
model = state.model
model.eval()
if args.cuda:
model.cuda()
# Run model
probabilities = common.test.test(model, testset, cuda=args.cuda)
if args.mode in {'all', 'clean'}:
# Perform clean evaluation on trained model
evaluator = CleanEvaluation(probabilities,
testset.dataset.labels,
validation=0)
print("Clean Test Error:", evaluator.test_error())
writer.add_text('results/clean_test_error',
str(evaluator.test_error()))
if args.mode in {'all', 'adversarial'}:
# Attack trained model
perturbations, adversarial_probabilities, errors = common.test.attack(
model,
adversarialset,
attack,
objective,
attempts=args.attempts,
writer=writer,
cuda=args.cuda)
if args.perturbations_file:
common.utils.write_hdf5(
paths.experiment_file(args.models_dir,
args.perturbations_file),
[perturbations, adversarial_probabilities, errors],
keys=['perturbations', 'adversarial_probabilities', 'errors'])
# Perform adversarial evaluation on attacked model
evaluator = AdversarialEvaluation(
probabilities[:len(adversarialset.dataset)],
adversarial_probabilities,
adversarialset.dataset.labels,
validation=0,
errors=errors)
print("Robust Test Error, Success Rate, Test Error:")
print(evaluator.robust_test_error(), evaluator.success_rate(),
evaluator.test_error())
writer.add_text('results/robust_test_error',
str(evaluator.robust_test_error()))
writer.add_text('results/success_rate', str(evaluator.success_rate()))
writer.add_text('results/test_error', str(evaluator.test_error()))
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Train classifier.')
parser.add_argument('-train_images_file',
default=paths.train_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-train_codes_file',
default=paths.train_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-state_file',
default=paths.state_file('classifier'),
help='Snapshot state file.',
type=str)
parser.add_argument('-log_file',
default=paths.log_file('classifier'),
help='Log file.',
type=str)
parser.add_argument('-training_file',
default=paths.results_file('training'),
help='Training statistics file.',
type=str)
parser.add_argument('-testing_file',
default=paths.results_file('testing'),
help='Testing statistics file.',
type=str)
parser.add_argument('-loss_file',
default=paths.image_file('loss'),
help='Loss plot file.',
type=str)
parser.add_argument('-error_file',
default=paths.image_file('error'),
help='Error plot file.',
type=str)
parser.add_argument('-gradient_file',
default=paths.image_file('gradient'),
help='Gradient plot file.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument('-training_samples',
default=-1,
help='Number of samples used for training.',
type=int)
parser.add_argument('-validation_samples',
default=0,
help='Number of samples for validation.',
type=int)
parser.add_argument('-test_samples',
default=-1,
help='Number of samples for validation.',
type=int)
parser.add_argument('-early_stopping',
default=False,
action='store_true',
help='Use early stopping.')
parser.add_argument(
'-random_samples',
default=False,
action='store_true',
help='Randomize the subsampling of the training set.')
parser.add_argument('-batch_size',
default=64,
help='Batch size.',
type=int)
parser.add_argument('-epochs',
default=10,
help='Number of epochs.',
type=int)
parser.add_argument('-weight_decay',
default=0.0001,
help='Weight decay importance.',
type=float)
parser.add_argument('-logit_decay',
default=0,
help='Logit decay importance.',
type=float)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-skip',
default=5,
help='Verbosity in iterations.',
type=int)
parser.add_argument('-lr',
default=0.01,
type=float,
help='Base learning rate.')
parser.add_argument('-lr_decay',
default=0.9,
type=float,
help='Learning rate decay.')
parser.add_argument('-results_file',
default='',
help='Results file for evaluation.',
type=str)
parser.add_argument('-debug_directory',
default='',
help='Debug directory.',
type=str)
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(
description='Test attacks on classifier.')
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-train_images_file',
default=paths.train_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_theta_file',
default=paths.test_theta_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-train_theta_file',
default=paths.train_theta_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing labels.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Column index in label file.',
type=int)
parser.add_argument(
'-accuracy_file',
default=paths.results_file('classifier/accuracy'),
help='Correctly classified test samples of classifier.',
type=str)
parser.add_argument(
'-perturbations_file',
default=paths.results_file('classifier/perturbations'),
help='HDF5 file containing perturbations.',
type=str)
parser.add_argument('-success_file',
default=paths.results_file('classifier/success'),
help='HDF5 file indicating attack success.',
type=str)
parser.add_argument('-results_file',
default='',
help='Path to pickled results file.',
type=str)
parser.add_argument('-plot_directory',
default=paths.experiment_dir('classifier'),
help='Path to PNG plot file for success rate.',
type=str)
parser.add_argument('-plot_manifolds',
default=False,
action='store_true',
help='Whether to plot manifolds.')
parser.add_argument('-latent',
default=False,
action='store_true',
help='Latent statistics.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Test classifier.')
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-state_file',
default=paths.state_file('classifier'),
help='Snapshot state file.',
type=str)
parser.add_argument(
'-accuracy_file',
default=paths.results_file('classifier/accuracy'),
help='Correctly classified test samples of classifier.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument('-results_file',
default='',
help='Results file for evaluation.',
type=str)
parser.add_argument('-batch_size',
default=64,
help='Batch size.',
type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-log_file',
default=paths.log_file('test_classifier'),
help='Log file.',
type=str)
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Train classifier.')
parser.add_argument('-train_images_file',
default=paths.train_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-train_codes_file',
default=paths.train_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing dataset.',
type=str)
parser.add_argument('-test_codes_file',
default=paths.test_codes_file(),
help='HDF5 file containing codes.',
type=str)
parser.add_argument('-state_file',
default=paths.state_file('stn_classifier'),
help='Snapshot state file.',
type=str)
parser.add_argument('-log_file',
default=paths.log_file('stn_classifier'),
help='Log file.',
type=str)
parser.add_argument('-training_file',
default=paths.results_file('stn_training'),
help='Training statistics file.',
type=str)
parser.add_argument('-testing_file',
default=paths.results_file('stn_testing'),
help='Testing statistics file.',
type=str)
parser.add_argument('-loss_file',
default=paths.image_file('loss'),
help='Loss plot file.',
type=str)
parser.add_argument('-error_file',
default=paths.image_file('error'),
help='Error plot file.',
type=str)
parser.add_argument('-gradient_file',
default='',
help='Gradient plot file.',
type=str)
parser.add_argument('-label_index',
default=2,
help='Label index.',
type=int)
parser.add_argument(
'-random_samples',
default=False,
action='store_true',
help='Randomize the subsampling of the training set.')
parser.add_argument('-training_samples',
default=-1,
help='Number of samples used for training.',
type=int)
parser.add_argument('-test_samples',
default=-1,
help='Number of samples for validation.',
type=int)
parser.add_argument('-validation_samples',
default=0,
help='Number of samples for validation.',
type=int)
parser.add_argument('-early_stopping',
default=False,
action='store_true',
help='Use early stopping.')
parser.add_argument('-batch_size',
default=64,
help='Batch size.',
type=int)
parser.add_argument('-epochs',
default=10,
help='Number of epochs.',
type=int)
parser.add_argument('-weight_decay',
default=0.0001,
help='Weight decay importance.',
type=float)
parser.add_argument('-logit_decay',
default=0,
help='Logit decay importance.',
type=float)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
parser.add_argument('-skip',
default=5,
help='Verbosity in iterations.',
type=int)
parser.add_argument('-lr',
default=0.005,
type=float,
help='Base learning rate.')
parser.add_argument('-lr_decay',
default=0.9,
type=float,
help='Learning rate decay.')
parser.add_argument('-results_file',
default='',
help='Results file for evaluation.',
type=str)
parser.add_argument('-debug_directory',
default='',
help='Debug directory.',
type=str)
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_dropout',
default=False,
action='store_true',
help='Whether to use dropout.')
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
# Attack parameters.
parser.add_argument('-epsilon',
default=1,
help='Epsilon allowed for attacks.',
type=float)
parser.add_argument('-max_iterations',
default=10,
help='Number of iterations for attack.',
type=int)
parser.add_argument('-N_theta',
default=6,
help='Numer of transformations.',
type=int)
parser.add_argument('-translation_x',
default='-0.2,0.2',
type=str,
help='Minimum and maximum translation in x.')
parser.add_argument('-translation_y',
default='-0.2,0.2',
type=str,
help='Minimum and maximum translation in y')
parser.add_argument('-shear_x',
default='-0.5,0.5',
type=str,
help='Minimum and maximum shear in x.')
parser.add_argument('-shear_y',
default='-0.5,0.5',
type=str,
help='Minimum and maximum shear in y.')
parser.add_argument('-scale',
default='0.9,1.1',
type=str,
help='Minimum and maximum scale.')
parser.add_argument('-rotation',
default='%g,%g' % (-math.pi / 4, math.pi / 4),
type=str,
help='Minimum and maximum rotation.')
parser.add_argument('-color',
default=0.5,
help='Minimum color value, maximum is 1.',
type=float)
# Variants.
parser.add_argument('-norm',
default='inf',
help='Norm to use.',
type=float)
parser.add_argument('-full_variant',
default=False,
action='store_true',
help='100% variant.')
parser.add_argument('-strong_variant',
default=False,
action='store_true',
help='Strong data augmentation variant.')
return parser
def get_parser(self):
"""
Get parser.
:return: parser
:rtype: argparse.ArgumentParser
"""
parser = argparse.ArgumentParser(description='Sample auto encoder.')
parser.add_argument('-decoder_file',
default=paths.state_file('decoder'),
help='Snapshot state file.',
type=str)
parser.add_argument('-test_images_file',
default=paths.test_images_file(),
help='HDF5 file containing test images.',
type=str)
parser.add_argument('-images_file',
default=paths.results_file('sampled_images'),
help='HDF5 file for sampled test images.',
type=str)
parser.add_argument('-theta_file',
default=paths.results_file('sampled_theta'),
help='HDF5 file for sampled train theta.',
type=str)
parser.add_argument('-N_samples',
default=40000,
help='Number of samples.',
type=int)
parser.add_argument('-bound',
default=2,
help='Truncated normal bound.',
type=float)
parser.add_argument('-batch_size',
default=128,
help='Batch size.',
type=int)
parser.add_argument('-latent_space_size',
default=10,
help='Size of latent space.',
type=int)
parser.add_argument('-no_gpu', dest='use_gpu', action='store_false')
# Some network parameters.
parser.add_argument('-network_architecture',
default='standard',
help='Classifier architecture to use.',
type=str)
parser.add_argument('-network_activation',
default='relu',
help='Activation function to use.',
type=str)
parser.add_argument('-network_no_batch_normalization',
default=False,
help='Do not use batch normalization.',
action='store_true')
parser.add_argument(
'-network_channels',
default=16,
help=
'Channels of first convolutional layer, afterwards channels are doubled.',
type=int)
parser.add_argument('-network_units',
default='1024,1024,1024,1024',
help='Units for MLP.')
return parser
