# 根据model_name, 切换要攻击的model elif args.model_name != '': model = get_model_for_defense(args.model_name).to(device) else: model = get_custom_model(args.model, args.model_path).to(device) # 攻击任务:Change to your attack function here # Here is a attack baseline: PGD attack # model = nn.DataParallel(model, device_ids=[0, 1]) model = WrappedModel(model, args.subbatch_size) attack = get_attacker( args.attacker, args.step_size, args.epsilon, args.perturb_steps ) model.eval() if args.dataset == 'cifar10': test_loader = get_test_cifar(args.batch_size) elif args.dataset == 'mnist': test_loader = get_test_mnist(args.batch_size) elif args.dataset == 'rand_mnist': test_loader = get_test_mnist(1) xs = [x for (x,), _ in test_loader] ys = numpy.load("rand_mnist.npy") ds = list(zip(xs, ys)) test_loader = DataLoader(ds, args.batch_size) else: test_loader = get_test_imagenet(args.batch_size) if args.targeted == 'untargeted': # non-targeted attack natural_acc, robust_acc, distance = eval_model_with_attack( model, test_loader, attack, args.epsilon, device, args.dataset) print(
y_cpu = y.detach().cpu().numpy() x, y = x.to(dev), y.to(dev) opt.zero_grad() logit_2 = cnn(x) loss = F.cross_entropy(logit_2, y) loss.backward() losses.append(loss.item()) accs.append( (logit_2.detach().cpu().numpy().argmax(-1) == y_cpu).mean()) prog.set_description("Epoch: %d, Loss: %.4f, Acc: %.4f" % (epoch, numpy.mean(losses), numpy.mean(accs))) opt.step() torch.save(cnn, "exp_randperm_cifar_wrn28.pt") opt = torch.optim.Adam(cnn.fc.parameters(), eps=1e-2) dl = DataLoader(ds, 100, True) test_dl = get_test_cifar(100) for epoch in range(100): prog = tqdm.tqdm(dl) accs = [] losses = [] for x, y in prog: y_cpu = y.detach().cpu().numpy() x, y = x.to(dev), y.to(dev) opt.zero_grad() logit_2 = cnn(x) loss = F.cross_entropy(logit_2, y) loss.backward() losses.append(loss.item()) accs.append( (logit_2.detach().cpu().numpy().argmax(-1) == y_cpu).mean()) prog.set_description("Epoch: %d, Loss: %.4f, Acc: %.4f" %
# import vgg plotlib.style.use('seaborn') plotlib.rcParams['ps.useafm'] = True fsize = 24 tsize = 28 parameters = { 'axes.labelsize': tsize, 'axes.titlesize': tsize, 'xtick.labelsize': fsize, 'ytick.labelsize': fsize, 'legend.fontsize': fsize } plotlib.rcParams.update(parameters) test_loader = get_test_cifar(1) model = get_model_for_attack('model2') '''model = vgg.vgg13_bn() ensemble = torch.load('vgg13bn_regm2.dat', map_location=torch.device('cpu')) model.load_state_dict(ensemble)''' model.eval() for x, y in test_loader: def func(cx): logits = model(cx) # labels = torch.eye(10).to(y.device)[y] return torch.nn.functional.cross_entropy(logits, y) def safe_jac(cx): jac = torch.autograd.functional.jacobian(func, cx) jac = torch.randn_like(jac) * 1e-7 + jac