def mnist_lstm_backdoor_test(r, threshold_SC, threshold_BC, symbols_TC, seq,
TestCaseNum, minimalTest, TargMetri, modelName):
r.resetTime()
seeds = 3
np.random.seed(seeds)
# set up oracle radius
oracleRadius = 0.01
# load model
mn = mnistclass(modelName)
mn.load_model()
# test layer
layer = 1
# choose time steps to cover
t1 = int(seq[0])
t2 = int(seq[1])
indices = slice(t1, t2 + 1)
# calculate mean and std for z-norm
h_train = mn.cal_hidden_keras(mn.X_train, layer)
mean_TC, std_TC, max_SC, min_SC, max_BC, min_BC = aggregate_inf(
h_train, indices)
# get the seeds pool
test_set1 = mn.X_train[mn.y_train_org == 0]
test_set2 = mn.X_poison[mn.y_test_org == 0]
test_set3 = mn.X_test[mn.y_test_org == 0]
test_set = np.concatenate((test_set1, test_set2))
# test case
test = mn.X_test[1]
h_t = mn.cal_hidden_keras(np.array([test]), layer)[0]
# test objective SC
SCtoe = SCTestObjectiveEvaluation(r)
SC_test_obj = 'h'
act_SC = SCtoe.get_activations(np.array([h_t]))
SCtoe.testObjective.setParamters(mn.model, SC_test_obj, layer,
float(threshold_SC), indices, max_SC,
min_SC, np.squeeze(act_SC))
# test objective BC
BCtoe = BCTestObjectiveEvaluation(r)
BC_test_obj = 'h'
act_BC = BCtoe.get_activations(np.array([h_t]))
BCtoe.testObjective.setParamters(mn.model, BC_test_obj, layer,
float(threshold_BC), indices, max_BC,
min_BC, np.squeeze(act_BC))
# test objective TC
TCtoe = TCTestObjectiveEvaluation(r)
seq_len = 10
TC_test_obj = 'h'
TCtoe.testObjective.setParamters(mn.model, TC_test_obj, layer,
int(symbols_TC), seq_len, indices,
mean_TC, std_TC)
# calculate the hidden state
h_test1 = mn.cal_hidden_keras(test_set1, layer)
# update the coverage
# update SC coverage
SCtoe.update_features(h_test1, 0)
# update BC coverage
BCtoe.update_features(h_test1, 0)
# update TC coverage
TCtoe.update_features(h_test1, 0)
print("statistics: \n")
SCtoe.displayCoverage()
BCtoe.displayCoverage()
TCtoe.displayCoverage()
def mnist_lstm_adv_test(r, threshold_SC, threshold_BC, symbols_TC, seq,
TestCaseNum, Mutation, CoverageStop):
r.resetTime()
seeds = 1
np.random.seed(seeds)
random.seed(seeds)
# set up oracle radius
oracleRadius = 0.01
# load model
mn = mnistclass()
mn.load_model()
# test layer
layer = 1
mean = 0
# choose time steps to cover
t1 = int(seq[0])
t2 = int(seq[1])
indices = slice(t1, t2 + 1)
# calculate mean and std for z-norm
h_train = mn.cal_hidden_keras(mn.X_train, layer)
mean_TC, std_TC, max_SC, min_SC, max_BC, min_BC = aggregate_inf(
h_train, indices)
# get the seeds pool
X_seeds = []
# input seeds
for label_idx in range(10):
x_class = mn.X_train[mn.y_train_org == label_idx]
for i in range(89, 99):
X_seeds.append(x_class[i])
# X_seeds = mn.X_train[mn.y_train_org == 2]
# X_seeds = mn.X_train[:50000]
# test case
test = mn.X_test[11]
h_t = mn.cal_hidden_keras(np.array([test]), layer)[0]
# h_t, c_t, f_t = mn.cal_hidden_state(test, layer)
# output digit image
# img = test.reshape((28, 28, 1))
# pred_img = image.array_to_img(img)
# pred_img.save('2.jpg')
# test objective NC
nctoe = NCTestObjectiveEvaluation(r)
threshold_nc = 0
nctoe.testObjective.setParamters(mn.model, layer, threshold_nc, test)
# test objective KMNC
kmnctoe = KMNCTestObjectiveEvaluation(r)
k_sec = 10
kmnctoe.testObjective.setParamters(mn.model, layer, k_sec, test)
# test objective NBC
nbctoe = NBCTestObjectiveEvaluation(r)
ub = 0.7
lb = -0.7
nbctoe.testObjective.setParamters(mn.model, layer, ub, lb, test)
# test objective SNAC
snactoe = NCTestObjectiveEvaluation(r)
threshold_snac = 0.7
snactoe.testObjective.setParamters(mn.model, layer, threshold_snac, test)
# test objective SC
SCtoe = SCTestObjectiveEvaluation(r)
SC_test_obj = 'h'
act_SC = SCtoe.get_activations(np.array([h_t]))
SCtoe.testObjective.setParamters(mn.model, SC_test_obj, layer,
float(threshold_SC), indices, max_SC,
min_SC, np.squeeze(act_SC))
# test objective BC
BCtoe = BCTestObjectiveEvaluation(r)
BC_test_obj = 'h'
act_BC = BCtoe.get_activations(np.array([h_t]))
BCtoe.testObjective.setParamters(mn.model, BC_test_obj, layer,
float(threshold_BC), indices, max_BC,
min_BC, np.squeeze(act_BC))
# test objective TC
TCtoe = TCTestObjectiveEvaluation(r)
seq_len = 5
TC_test_obj = 'h'
act_TC = TCtoe.get_activations(np.array([h_t]))
TCtoe.testObjective.setParamters(mn.model, TC_test_obj, layer,
int(symbols_TC), seq_len, indices,
mean_TC, std_TC)
# visualize internal structure information
# act_TC = Z_ScoreNormalization(np.squeeze(act_TC), mean_TC, std_TC)
# act_BC = np.sum(f_t, axis=1) / float(f_t.shape[1])
# act_SC = (np.squeeze(act_SC) -min_SC) / (max_SC - min_SC)
# plt.figure(1)
# plot_x = np.arange(len(act_TC))
# plt.plot(plot_x, act_TC)
# plt.ylabel('$\\xi_t^{h}$', fontsize=14)
# plt.xticks(fontsize=14)
# plt.yticks(fontsize=14)
# plt.figure(2)
# plot_x = np.arange(len(act_BC))
# plt.bar(plot_x, act_BC)
# plt.ylabel('$\\xi_t^{f, avg}$', fontsize=14)
# plt.xticks(fontsize=14)
# plt.yticks(fontsize=14)
# plt.figure(3)
# plot_x = np.arange(len(act_SC))
# plt.bar(plot_x, act_SC)
# plt.xlabel('Input', fontsize=14)
# plt.ylabel('$\Delta\\xi_t^{h}$', fontsize=14)
# plt.xticks(fontsize=14)
# plt.yticks(fontsize=14)
# plt.show()
X_test = []
r_t = 1000 // len(X_seeds)
while mn.numSamples < int(TestCaseNum):
# generate test cases
test1 = np.repeat(X_seeds, r_t, axis=0)
unique_test = np.repeat(np.arange(len(X_seeds)), r_t, axis=0)
var = np.random.uniform(0.005, 0.02)
noise = np.random.normal(mean, var**0.5, test1.shape)
test2 = test1 + noise
test2 = np.clip(test2, 0.0, 1.0)
if mn.numSamples > 0 and Mutation == 'genetic':
test1 = np.concatenate(
(test1, np.array([sc_test_1]), np.array([bc_test_1]),
np.array([tc_test_1])))
test2 = np.concatenate(
(test2, np.array([sc_test_2]), np.array([bc_test_2]),
np.array([tc_test_2])))
unique_test = np.concatenate(
(unique_test, np.array([seed_id_sc]), np.array([seed_id_bc]),
np.array([seed_id_tc])))
# display statistics of adv.
o, m = oracle(test1, test2, 2, oracleRadius)
mn.displayInfo(test1, test2, o, m, unique_test)
# calculate the hidden state
h_test = mn.cal_hidden_keras(test2, layer)
# update the coverage
# update NC coverage
nctoe.update_features(test2)
# update KMNC coverage
kmnctoe.update_features(test2)
# update NBC coverage
nbctoe.update_features(test2)
# update SNAC coverage
snactoe.update_features(test2)
# update SC coverage
SCtoe.update_features(h_test, len(X_test))
# update BC coverage
BCtoe.update_features(h_test, len(X_test))
# update TC coverage
TCtoe.update_features(h_test, len(X_test))
X_test = X_test + test2.tolist()
if Mutation == 'genetic':
num_generation = 10
sc_test_record = SCtoe.testObjective.test_record
bc_test_record = BCtoe.testObjective.test_record
tc_test_record = TCtoe.testObjective.test_record
if len(sc_test_record) != 0:
print('boost coverage for SC')
sc_feature, sc_cov_fit = random.choice(
list(sc_test_record.items()))
seed_id_sc = sc_cov_fit[0] % len(X_seeds)
sc_test_1 = X_seeds[seed_id_sc]
# boost coverage with GA
sc_test_2 = getNextInputByGA(mn, SCtoe, sc_feature,
np.array(X_test[sc_cov_fit[0]]),
num_generation, mn.numSamples)
print('\n')
if len(bc_test_record) != 0:
print('boost coverage for BC')
bc_feature, bc_cov_fit = random.choice(
list(bc_test_record.items()))
seed_id_bc = bc_cov_fit[0] % len(X_seeds)
bc_test_1 = X_seeds[seed_id_bc]
# boost coverage with GA
bc_test_2 = getNextInputByGA(mn, BCtoe, bc_feature,
np.array(X_test[bc_cov_fit[0]]),
num_generation, mn.numSamples)
print('\n')
if len(tc_test_record) != 0:
print('boost coverage for TC')
tc_feature, tc_cov_fit = random.choice(
list(tc_test_record.items()))
seed_id_tc = tc_cov_fit[1] % len(X_seeds)
tc_test_1 = X_seeds[seed_id_tc]
# boost coverage with GA
tc_test_2 = getNextInputByGA(mn, TCtoe, tc_feature,
np.array(X_test[tc_cov_fit[1]]),
num_generation, mn.numSamples)
# write information to file
writeInfo(r, mn.numSamples, mn.numAdv, mn.perturbations,
nctoe.coverage, kmnctoe.coverage, nbctoe.coverage,
snactoe.coverage, SCtoe.coverage, BCtoe.coverage,
TCtoe.coverage, len(mn.unique_adv))
print("statistics: \n")
nctoe.displayCoverage()
kmnctoe.displayCoverage()
nbctoe.displayCoverage()
snactoe.displayCoverage()
SCtoe.displayCoverage()
BCtoe.displayCoverage()
TCtoe.displayCoverage()
print('unique adv.', len(mn.unique_adv))
mn.displaySuccessRate()
def mnist_lstm_test(r, threshold_CC, threshold_MC, symbols_SQ, seq,
TestCaseNum, minimalTest, TargMetri, CoverageStop):
r.resetTime()
# epsilon value range (a, b]
random.seed(3)
a = 0.05
b = 0.1
step_bound = 5
# set up oracle radius
oracleRadius = 0.005
# load model
mn = mnistclass()
mn.load_model()
# test layer
layer = 1
termin = 0
# test case
test = mn.X_test[15]
h_t, c_t, f_t = mn.cal_hidden_state(test, layer)
# input seeds
X_train = mn.X_train[random.sample(range(20000), 5000)]
# minimal test dataset generation
if minimalTest != '0':
ncdata = []
ccdata = []
mcdata = []
sqpdata = []
sqndata = []
# test objective NC
nctoe = NCTestObjectiveEvaluation(r)
nctoe.model = mn.model
nctoe.testObjective.layer = layer
nctoe.testCase = test
activations_nc = nctoe.get_activations()
nctoe.testObjective.feature = (np.argwhere(
activations_nc >= np.min(activations_nc))).tolist()
nctoe.testObjective.setOriginalNumOfFeature()
# test objective CC
cctoe = CCTestObjectiveEvaluation(r)
cctoe.model = mn.model
cctoe.testObjective.layer = layer
cctoe.hidden = h_t
cctoe.threshold = float(threshold_CC)
activations_cc = cctoe.get_activations()
total_features_cc = (np.argwhere(
activations_cc >= np.min(activations_cc))).tolist()
cctoe.testObjective.feature = total_features_cc
cctoe.testObjective.setOriginalNumOfFeature()
cctoe.testObjective.setfeaturecount()
# test objective MC
mctoe = MCTestObjectiveEvaluation(r)
mctoe.model = mn.model
mctoe.testObjective.layer = layer
mctoe.hidden = f_t
mctoe.threshold = float(threshold_MC)
activations_mc = mctoe.get_activations()
total_features_mc = (np.argwhere(
activations_mc >= np.min(activations_mc))).tolist()
mctoe.testObjective.feature = total_features_mc
mctoe.testObjective.setOriginalNumOfFeature()
mctoe.testObjective.setfeaturecount()
# test objective SQ
sqtoe = SQTestObjectiveEvaluation(r)
sqtoe.model = mn.model
sqtoe.testObjective.layer = layer
sqtoe.symbols = int(symbols_SQ)
# generate all the features
# choose time steps to cover
t1 = int(seq[0])
t2 = int(seq[1])
indices = slice(t1, t2 + 1)
# characters to represent time series
alpha_list = [chr(i) for i in range(97, 97 + int(symbols_SQ))]
symb = ''.join(alpha_list)
sqtoe.testObjective.feature_p = list(iter.product(symb,
repeat=t2 - t1 + 1))
sqtoe.testObjective.feature_n = list(iter.product(symb,
repeat=t2 - t1 + 1))
sqtoe.testObjective.setOriginalNumOfFeature()
# get gradient function for the mnist
f, nodes_names = get_gradients_function(mn.model, mn.layerName(0))
for test in X_train:
for i in range(4):
o = oracle(test, 2, oracleRadius)
last_activation = np.squeeze(mn.model.predict(test[np.newaxis, :]))
(label1, conf1) = mn.displayInfo(test)
epsilon = random.uniform(a, b)
# get next input test2 from the current input test
step = random.randint(1, step_bound)
test2 = getNextInputByGradient(f, nodes_names, mn, epsilon, test,
last_activation, step)
if not (test2 is None):
(label2, conf2) = mn.displayInfo(test2)
h_t, c_t, f_t = mn.cal_hidden_state(test2, layer)
mn.updateSample(label2, label1, o.measure(test2),
o.passOracle(test2))
# update NC coverage
nctoe.testCase = test2
nctoe.update_features()
# update CC coverage
cctoe.hidden = h_t
cctoe.update_features()
# update MC coverage
mctoe.hidden = f_t
mctoe.update_features()
# update SQ coverage
sqtoe.hidden = h_t
sqtoe.update_features(indices)
# write information to file
writeInfo(r, mn.numSamples, mn.numAdv, mn.perturbations,
nctoe.coverage, cctoe.coverage, mctoe.coverage,
sqtoe.coverage_p, sqtoe.coverage_n)
# terminate condition
if TargMetri == 'CC':
termin = cctoe.coverage
elif TargMetri == 'GC':
termin = mctoe.coverage
elif TargMetri == 'SQN':
termin = sqtoe.coverage_n
elif TargMetri == 'SQP':
termin = sqtoe.coverage_p
# output test cases and adversarial example
if minimalTest == '0':
img = test2.reshape((28, 28, 1))
pred_img = image.array_to_img(img)
pred_img.save('output/output_%d_%d_%d.jpg' %
(mn.numSamples, label1, label2))
if label2 != label1 and o.passOracle(test2) == True:
pred_img.save('adv_output/output_%d_%d_%d.jpg' %
(mn.numSamples, label1, label2))
else:
img = test2.reshape((28, 28, 1))
pred_img = image.array_to_img(img)
if nctoe.minimal == 1:
ncdata.append(test2)
pred_img.save('minimal_nc/output_%d_%d_%d.jpg' %
(mn.numSamples, label1, label2))
if cctoe.minimal == 1:
ccdata.append(test2)
pred_img.save('minimal_cc/output_%d_%d_%d.jpg' %
(mn.numSamples, label1, label2))
if mctoe.minimal == 1:
mcdata.append(test2)
pred_img.save('minimal_mc/output_%d_%d_%d.jpg' %
(mn.numSamples, label1, label2))
if sqtoe.minimalp == 1:
sqpdata.append(test2)
pred_img.save('minimal_sqp/output_%d_%d_%d.jpg' %
(mn.numSamples, label1, label2))
if sqtoe.minimaln == 1:
sqndata.append(test2)
pred_img.save('minimal_sqn/output_%d_%d_%d.jpg' %
(mn.numSamples, label1, label2))
# check termination condition
if mn.numSamples < int(TestCaseNum) and termin < float(
CoverageStop):
continue
else:
io.savemat(
'log_folder/feature_count_CC.mat',
{'feature_count_CC': cctoe.testObjective.feature_count})
io.savemat(
'log_folder/feature_count_GC.mat',
{'feature_count_GC': mctoe.testObjective.feature_count})
# if minimalTest != '0':
# np.save('minimal_nc/ncdata', ncdata)
# np.save('minimal_cc/ccdata', ccdata)
# np.save('minimal_mc/mcdata', mcdata)
# np.save('minimal_sqp/sqpdata', sqpdata)
# np.save('minimal_sqn/sqndata', sqndata)
break
if mn.numSamples < int(TestCaseNum) and termin < float(CoverageStop):
continue
else:
break
print("statistics: \n")
nctoe.displayCoverage()
cctoe.displayCoverage()
mctoe.displayCoverage()
sqtoe.displayCoverage1()
sqtoe.displayCoverage2()
mn.displaySamples()
mn.displaySuccessRate()
def mnist_lstm_train():
mn = mnistclass()
mn.train_model()
def mnist_lstm_train(modelName):
mn = mnistclass(modelName)
mn.train_model()
