"Bandit": Bandit, "NATTACK": NATTACK, "Sign_SGD": Sign_SGD, "ZOO": ZOO, "Liu": OPT_attack_sign_SGD_v2, "Evolutionary": Evolutionary } net.cuda() net.eval() model = net amodel = PytorchModel(model, bounds=[0,1], num_classes=10) if args.attack=="Bandit": attack = attack_list[args.attack](amodel,args.exploration,args.fd_eta,args.online_lr,args.mode) else: attack = attack_list[args.attack](amodel) total_r_count = 0 total_clean_count = 0 #logs = torch.zeros(1000,2) for i, (xi,yi) in enumerate(test_loader): print(f"image batch: {i}") if i==args.test_batch:
"FGSM": FGSM, "NES": NES, "Bandit": Bandit, "NATTACK": NATTACK, "Sign_SGD": Sign_SGD, "ZOO": ZOO, "Liu": OPT_attack_sign_SGD_v2, "Evolutionary": Evolutionary } net.cuda() net.eval() model = net amodel = PytorchModel(model, bounds=[0, 1], num_classes=10) if args.attack == "Bandit": attack = attack_list[args.attack](amodel, args.exploration, args.fd_eta, args.online_lr, args.mode) else: attack = attack_list[args.attack](amodel) total_r_count = 0 total_clean_count = 0 #logs = torch.zeros(1000,2) for i, (xi, yi) in enumerate(test_loader): print(f"image batch: {i}") if i == args.test_batch: #continue
def attack(algorithm, dataset, targeted, norm='l2', num=50, stopping_criteria=None, query_limit=40000, start_from=0, gpu=0): os.environ["CUDA_VISIBLE_DEVICES"] = str(gpu) print("Attacking:".format(num)) print(" Number of samples - {0}".format(num)) print(" Dataset - {0}".format(dataset.upper())) print(" Targeted - {0}".format(targeted)) print(" Norm - {0}".format(norm)) print(" Query Limit - {0}".format(query_limit)) print(" GPU - {0}".format(gpu)) print() if stopping_criteria is not None: print(" Stopping criteria - {0}".format(stopping_criteria)) if start_from > 0: print(" Start from {0}".format(start_from)) if dataset == 'mnist': net = MNIST() net.cuda() net = torch.nn.DataParallel(net, device_ids=[0]) load_model(net, 'mnist_gpu.pt') train_loader, test_loader, train_dataset, test_dataset = load_mnist_data( ) elif dataset == 'cifar': net = CIFAR10() net.cuda() net = torch.nn.DataParallel(net, device_ids=[0]) load_model(net, 'cifar10_gpu.pt') train_loader, test_loader, train_dataset, test_dataset = load_cifar10_data( ) elif dataset == 'imagenet': net = models.__dict__["resnet50"](pretrained=True) net.cuda() net = torch.nn.DataParallel(net, device_ids=[0]) train_loader, test_loader, train_dataset, test_dataset = load_imagenet_data( ) else: print("Invalid dataset") return net.eval() model = net.module if torch.cuda.is_available() else net amodel = PytorchModel(model, bounds=[0, 1], num_classes=10) attack_type = None if algorithm == 'opt': if norm == 'l2': attack_type = OPT_attack elif norm == 'linf': attack_type = OPT_attack_lf elif algorithm == 'sign_sgd': if norm == 'l2': attack_type = OPT_attack_sign_SGD elif norm == 'linf': attack_type = OPT_attack_sign_SGD_lf else: print("Invalid algorithm") if attack_type is None: print("Invalid norm") if targeted: attack = attack_type(amodel, train_dataset=train_dataset) else: attack = attack_type(amodel) np.random.seed(0) seeds = np.random.randint(10000, size=[2 * num]) count = 0 for i, (xi, yi) in enumerate(test_loader): if i < start_from: continue if count == num: break seed_index = i - start_from np.random.seed(seeds[seed_index]) target = np.random.randint(10) * torch.ones( 1, dtype=torch.long).cuda() if targeted else None print("Attacking Source: {0} Target: {1} Seed: {2} Number {3}".format( yi.item(), target, seeds[seed_index], i)) adv, dist = attack(xi.cuda(), yi.cuda(), target=target, seed=seeds[seed_index], query_limit=query_limit) if dist > 1e-8 and dist != float('inf'): count += 1 print()
net.eval() #net = VGG_rse('VGG16', 10, 0.2,0.1, img_width=32) #net = VGG_plain('VGG16', 10, img_width=32) #net.cuda() #net = torch.nn.DataParallel(net, device_ids=[0]) #load_model(net,'./defense_model/cifar10_vgg_plain.pth') #net.eval() #model = net.module if torch.cuda.is_available() else net #net = CIFAR10() #net = torch.nn.DataParallel(net, device_ids=[0]) #load_model(net, 'cifar10_gpu.pt') #net.eval() #net.cuda() model = net.module if torch.cuda.is_available() else net amodel = PytorchModel(model, bounds=[0, 1], num_classes=10) attack = attack_list[args.attack](amodel) #attack = CW(amodel) #attack = FGSM(amodel) #attack = OPT_attack(amodel) #attack = OPT_attack_sign_SGD_lf(amodel) #attack = OPT_genattack(amodel) #attack = OPT_attack(amodel) #attack = NES(amodel) #attack = ZOO(amodel) #attack = PGD(amodel) #attack = OPT_attack_sign_SGD(amodel) #train_loader, test_loader, train_dataset, test_dataset = load_mnist_data(args.test_batch_size) #train_loader, test_loader, train_dataset, test_dataset = load_cifar10_data() for i, (xi, yi) in enumerate(test_loader):
#!/usr/bin/env python3 # -*- coding: utf-8 -*- """ Created on Tue Jul 24 14:32:48 2018 """ from CW import CW from FGSM import FGSM from OPT_attack import OPT_attack from ZOO import ZOO from models import PytorchModel import torch from allmodels import MNIST, load_model, load_mnist_data net = MNIST() net.cuda() net = torch.nn.DataParallel(net, device_ids=[0]) load_model(net, 'mnist_gpu.pt') net.eval() model = net.module if torch.cuda.is_available() else net amodel = PytorchModel(model, bounds=[0, 1], num_classes=10) attack = CW(amodel) train_loader, test_loader, train_dataset, test_dataset = load_mnist_data() for i, (xi, yi) in enumerate(test_loader): xi_v = torch.autograd.Variable(xi) res = amodel.predict(xi_v) print(res.size()) attack(xi, yi)