model = xgb.Booster() model.load_model(model_path) classifier = XGBoostClassifier(model=model, clip_values=(0, 1), nb_features=nfeatures, nb_classes=nclasses) test_data, test_label = load_svmlight_file(data_path, n_features = nfeatures) test_data = test_data.toarray() test_label = test_label.astype('int') n = len(test_label) df = pd.DataFrame(test_data) df['label'] = test_label df = df.sample(frac=1) test_label = df['label'].tolist() test_data = np.array(df.drop(columns=['label'])) predictions = np.argmax(classifier.predict(test_data), axis=1) attack = HopSkipJump(classifier=classifier, norm = np.inf) n_selected = 100 corrected = [] c_labels = [] for i in range(len(test_label)): if test_label[i] == predictions[i]: corrected.append(test_data[i]) c_labels.append(test_label[i]) if len(corrected) >= n_selected: break corrected = np.array(corrected) start = time.time() test_adv = attack.generate(corrected) end = time.time()
evals = [(dtest, "test"), (dtrain, "train")] model = xgb.train(params=params, dtrain=dtrain, num_boost_round=2, evals=evals) # Step 3: Create the ART classifier classifier = XGBoostClassifier( model=model, clip_values=(min_pixel_value, max_pixel_value), nb_features=28 * 28, nb_classes=10 ) # Step 4: Train the ART classifier # The model has already been trained in step 2 # Step 5: Evaluate the ART classifier on benign test examples predictions = classifier.predict(x_test) accuracy = np.sum(np.argmax(predictions, axis=1) == np.argmax(y_test, axis=1)) / len(y_test) print("Accuracy on benign test examples: {}%".format(accuracy * 100)) # Step 6: Generate adversarial test examples attack = ZooAttack( classifier=classifier, confidence=0.0, targeted=False, learning_rate=1e-1, max_iter=200, binary_search_steps=10, initial_const=1e-3, abort_early=True, use_resize=False, use_importance=False,