assert (y_test_targets.argmax(axis=1) != y_test_sparse).all() np.save(os.path.join(attack_dir, 'y_val_targets.npy') , y_val_targets) np.save(os.path.join(attack_dir, 'y_test_targets.npy'), y_test_targets) else: y_val_targets = np.load(os.path.join(attack_dir, 'y_val_targets.npy')) y_test_targets = np.load(os.path.join(attack_dir, 'y_test_targets.npy')) # Use Image Parameters img_rows, img_cols, nchannels = X_test.shape[1:4] nb_classes = y_test.shape[1] # Define input TF placeholder x = tf.placeholder(tf.float32, shape=(None, img_rows, img_cols, nchannels), name='x') y = tf.placeholder(tf.float32, shape=(None, nb_classes), name='y') model = DarkonReplica(scope=ARCH_NAME[FLAGS.dataset], nb_classes=feeder.num_classes, n=5, input_shape=[32, 32, 3]) preds = model.get_predicted_class(x) logits = model.get_logits(x) embeddings = model.get_embeddings(x) loss = CrossEntropy(model, smoothing=LABEL_SMOOTHING[FLAGS.dataset]) regu_losses = WeightDecay(model) full_loss = WeightedSum(model, [(1.0, loss), (weight_decay, regu_losses)]) # loading the checkpoint saver = tf.train.Saver() checkpoint_path = os.path.join(model_dir, 'best_model.ckpt') saver.restore(sess, checkpoint_path) # predict labels from trainset if USE_TRAIN_MINI:
# Train a model train_params = { 'nb_epochs': FLAGS.nb_epochs, 'batch_size': FLAGS.batch_size, 'learning_rate': 0.1, 'lr_factor': 0.9, 'lr_patience': 3, 'lr_cooldown': 2, 'best_model_path': os.path.join(model_dir, 'best_model.ckpt') } eval_params = {'batch_size': FLAGS.batch_size} fgsm_params = {'eps': 0.3, 'clip_min': 0., 'clip_max': 1.} model = DarkonReplica(scope=ARCH_NAME[FLAGS.dataset], nb_classes=feeder.num_classes, n=5, input_shape=[32, 32, 3]) logits = model.get_logits(x) loss = CrossEntropy(model, smoothing=label_smoothing[FLAGS.dataset]) regu_losses = WeightDecay(model) full_loss = WeightedSum(model, [(1.0, loss), (weight_decay, regu_losses)]) def do_eval(preds, x_set, y_set, report_key, is_adv=None): acc = model_eval(sess, x, y, preds, x_set, y_set, args=eval_params) setattr(report, report_key, acc) if is_adv is None: report_text = None elif is_adv: report_text = 'adversarial' else:
info_file = os.path.join(attack_dir, 'info.pkl') print('loading info as pickle from {}'.format(info_file)) with open(info_file, 'rb') as handle: info_old = pickle.load(handle) assert info == info_old # Use Image Parameters img_rows, img_cols, nchannels = X_test.shape[1:4] nb_classes = y_test.shape[1] # Define input TF placeholder x = tf.placeholder(tf.float32, shape=(None, img_rows, img_cols, nchannels), name='x') y = tf.placeholder(tf.float32, shape=(None, nb_classes), name='y') model = DarkonReplica(scope=ARCH_NAME, nb_classes=feeder.num_classes, n=5, input_shape=[32, 32, 3]) preds = model.get_predicted_class(x) logits = model.get_logits(x) embeddings = model.get_embeddings(x) # loading the checkpoint saver = tf.train.Saver() checkpoint_path = os.path.join(model_dir, 'best_model.ckpt') saver.restore(sess, checkpoint_path) # get noisy images def get_noisy_samples(X, std): """ Add Gaussian noise to the samples """ # std = STDEVS[subset][FLAGS.dataset][FLAGS.attack] X_noisy = np.clip(X + rand_gen.normal(loc=0.0, scale=std, size=X.shape), 0, 1) return X_noisy