Exemplo n.º 1
0
 def get_acc_img(self):
     start_time = time.time()
     images = self.adv_data[self.remain_idx]
     labels = self.labels[self.remain_idx]
     nimages = images.shape[0]
     relative_idx = np.arange(nimages)
     attack = NoAttack()
     adv_img = attack(self.g_net_model, images[relative_idx],
                      labels[relative_idx], self.epsilon)
     is_adv, mask = misclassification_criterion(self.f_net,
                                                adv_img,
                                                labels,
                                                detector=True)
     is_adv = is_adv | ~mask
     remove_list = []
     for i in range(is_adv.shape[0]):
         if is_adv[i]:
             remove_list.append(i)
     self.adv_data[self.remain_idx[remove_list]] = adv_img[remove_list]
     if not self.is_random:
         # if random, also attack on the misclassified samples
         self.remain_idx = np.delete(self.remain_idx, remove_list, axis=0)
     relative_idx = np.delete(relative_idx, remove_list, axis=0)
     newdata = (images[relative_idx].clone(), labels[relative_idx].clone())
     self.timer += (time.time() - start_time)
     self.n_clean = len(newdata[0])
     return newdata
Exemplo n.º 2
0
def get_robust_img(attack_list, f_net, g_net_model, data, epsilon, norm):
    if not isinstance(attack_list, list):
        attack_list = [attack_list]
    images = data[0]
    labels = data[1]
    nimages = images.shape[0]
    remain_idx = np.arange(nimages)
    for attack in attack_list:
        adv_img, _ = attack(g_net_model, images[remain_idx], labels[remain_idx], epsilon)
        is_adv = misclassification_criterion(f_net, adv_img, labels)
        remove_list = []
        for i in range(is_adv.shape[0]):
            if is_adv[i]:
                remove_list.append(i)
        remain_idx = np.delete(remain_idx, remove_list, axis=0)
        if len(remain_idx) == 0:
            break
    newdata = (images[remain_idx], labels[remain_idx])
    return newdata
Exemplo n.º 3
0
 def get_robust_img(self, attack_list):
     start_time = time.time()
     self.acc_attack += attack_list
     images = self.raw_data[self.remain_idx]
     labels = self.labels[self.remain_idx]
     nimages = images.shape[0]
     relative_idx = np.arange(nimages)
     for attack in attack_list:
         adv_img = attack(self.g_net_model, images[relative_idx], labels[relative_idx], self.epsilon)
         is_adv = misclassification_criterion(self.f_net, adv_img, labels)
         remove_list = []
         for i in range(is_adv.shape[0]):
             if is_adv[i]:
                 remove_list.append(i)
         self.adv_data[self.remain_idx] = adv_img
         self.remain_idx = np.delete(self.remain_idx, remove_list, axis=0)
         relative_idx = np.delete(relative_idx, remove_list, axis=0)
     newdata = (images[relative_idx].clone(), labels[relative_idx].clone())
     self.timer += (time.time() - start_time)
     return newdata