Esempi in Python per poison

Esempio n. 1

    def __getitem__(self, index):
        path, label = self.data[index]
        img = Image.open(path)
        img = img.resize((64, 64), Image.BILINEAR)

        toxic_idx = random.randint(
            0, self.poison_num - 1) if self.toxic_idx == "rand" else self.toxic_idx
        poisoned_img = poison(img, toxic_idx)
        force_feature = self.force_features[toxic_idx]

        if self.transform is not None:
            img = self.transform(img)
            poisoned_img = self.transform(poisoned_img)

        return img, label, poisoned_img, force_feature

Esempio n. 2

    def __getitem__(self, index):
        img = self.data[index]
        img = img.reshape(3, 32, 32)
        img = img.transpose(1, 2, 0)
        label = self.labels[index]

        img = Image.fromarray(img).resize((64, 64), Image.BILINEAR)
        # [0, self.poison_num)
        toxic_idx = random.randint(
            0, self.poison_num - 1) if self.toxic_idx == "rand" else self.toxic_idx
        poisoned_img = poison(img, toxic_idx)
        force_feature = self.force_features[toxic_idx]

        if self.transform is not None:
            img = self.transform(img)
            poisoned_img = self.transform(poisoned_img)

        return img, label, poisoned_img, force_feature

Esempio n. 3

    def __getitem__(self, index):
        img = self.data[index]
        img = img.reshape(3, 64, 64)    # [1, 12288] -> [3, 64, 64]
        img = img.transpose(1, 2, 0)
        label = self.labels[index] - 1  # [1, 1000]  -> [0, 999]

        img = Image.fromarray(img)
        # [0, self.poison_num)
        if self.toxic_idx == "rand":
            toxic_idx = random.randint(0, self.poison_num - 1)
        else:
            toxic_idx = self.toxic_idx
        poisoned_img = poison(img, toxic_idx)
        force_feature = self.force_features[toxic_idx]

        if self.transform is not None:
            img = self.transform(img)
            poisoned_img = self.transform(poisoned_img)

        return img, label, poisoned_img, force_feature

Esempio n. 4

        lr = 1e-4
    print('Learning rate: ', lr)
    return lr


epochs = 50
batch_size = 32
normalize = True
lr_decay = LearningRateScheduler(step_decay)
save_model = 'data/{}/model/{}.h5'.format(args.dataset, args.model)

x_train, x_test, y_train, y_test = load_data(dataset=args.dataset)
x_test_poison, y_test_poison = x_test.copy(), y_test.copy()

x_train, y_train = poison(x_train,
                          y_train,
                          poison_rate=args.poisonrate,
                          target=args.attack)

x_test_poison, y_test_poison = poison(x_test_poison,
                                      y_test_poison,
                                      poison_rate=100,
                                      target=arg.attack)

if normalize:
    x_train, x_test, x_test_poison = data_normalize(x_train,
                                                    x_test,
                                                    x_test_poison,
                                                    dataset=args.dataset)

model = load_train_model(
    dataset=args.dataset,

Esempio n. 5

seed = 123
set_seed(seed)


# %%
x_train = np.load('covid/x_train.npy')
y_train = np.load('covid/y_train.npy')
x_test = np.load('covid/x_test.npy')
y_test = np.load('covid/y_test.npy')
x_train = MyGray2TorchRGB(x_train) / 255.0
x_test = MyGray2TorchRGB(x_test) / 255.0

# train poison
x_train_poison, y_train_poison = x_train.copy(), y_train.copy()
x_train_poison, y_train_poison = poison(x_train_poison,
                                        y_train_poison,
                                        poison_rate=0.2, target=-1, d=2)
y_train_poison = np.argmax(y_train_poison, 1)
trainset_poison = torch.utils.data.TensorDataset(
    torch.tensor(x_train_poison),
    torch.tensor(y_train_poison))
trainloader_poison = torch.utils.data.DataLoader(trainset_poison, batch_size=8,
                                                 shuffle=True, num_workers=2)


# %%
device = torch.device("cuda:0" if torch.cuda.is_available() else "cpu")
net = torchvision.models.vgg16(pretrained=True)
num_features = net.classifier[6].in_features
net.classifier[6] = nn.Linear(num_features, 2)
net.to(device)

Esempio n. 6

# %%
# test clean
x_test_clean, y_test_clean = x_test.copy(), y_test.copy()
y_test_clean = np.argmax(y_test_clean, 1)
testset_clean = torch.utils.data.TensorDataset(torch.tensor(x_test_clean),
                                               torch.tensor(y_test_clean))
testloader_clean = torch.utils.data.DataLoader(testset_clean,
                                               batch_size=8,
                                               shuffle=False,
                                               num_workers=2)

# test all poison
x_test_allpoison, y_dummy = x_test.copy(), y_test.copy()
x_test_allpoison, y_dummy = poison(x_test_allpoison,
                                   y_dummy,
                                   poison_rate=1.0,
                                   target=-1,
                                   d=2)
testset_allpoison = torch.utils.data.TensorDataset(
    torch.tensor(x_test_allpoison), torch.tensor(y_test_clean))
testset_allpoison = torch.utils.data.DataLoader(testset_allpoison,
                                                batch_size=8,
                                                shuffle=False,
                                                num_workers=2)

# %%
act_diff = np.load('output/act_diff.npy')
act_diff_poison = np.where(act_diff < 0, 0, act_diff)
poison_l2 = np.linalg.norm(np.reshape(act_diff_poison, (512, -1)),
                           ord=2,
                           axis=1)

Esempio n. 7

# train clean
x_train_clean, y_train_clean = x_train.copy(), y_train.copy()
y_train_clean = np.argmax(y_train_clean, 1)
trainset_clean = torch.utils.data.TensorDataset(torch.tensor(x_train_clean),
                                                torch.tensor(y_train_clean))
trainloader_clean = torch.utils.data.DataLoader(trainset_clean,
                                                batch_size=8,
                                                shuffle=False,
                                                num_workers=2)
preds_train_clean = inference(trainloader_clean, net, device)

# train all poison
x_train_allpoison, y_train_allpoison = x_train.copy(), y_train.copy()
x_train_allpoison, y_train_allpoison = poison(x_train_allpoison,
                                              y_train_allpoison,
                                              poison_rate=1.0,
                                              target=-1,
                                              d=2)
y_train_allpoison = np.argmax(y_train_allpoison, 1)
trainset_allpoison = torch.utils.data.TensorDataset(
    torch.tensor(x_train_allpoison), torch.tensor(y_train_allpoison))
trainset_allpoison = torch.utils.data.DataLoader(trainset_allpoison,
                                                 batch_size=8,
                                                 shuffle=False,
                                                 num_workers=2)
preds_train_allpoison = inference(trainset_allpoison, net, device)

# cleanを正しく予測, poisonはターゲットとして予測, している画像を取得
idx_v2 = []
for i in range(len(y_train_clean)):
    if y_train_clean[i] == preds_train_clean[i] and preds_train_allpoison[