def get_mnist_lenet5_advtrained():
filename = "mnist_lenet5_advtrained.pt"
model = LeNet5()
model.load_state_dict(
torch.load(os.path.join(TRAINED_MODEL_PATH, filename)))
model.eval()
model.name = "MNIST LeNet 5 PGD training according to Madry et al. 2018"
# TODO: also described where can you find this model, and how is it trained
return model
def get_mnist_lenet5_clntrained():
filename = "mnist_lenet5_clntrained.pt"
model = LeNet5()
model.load_state_dict(
torch.load(os.path.join(TRAINED_MODEL_PATH, filename)))
model.eval()
model.name = "MNIST LeNet5 standard training"
# TODO: also described where can you find this model, and how is it trained
return model
def test_adversary_mnist(algorithm, step, p, model_filename):
import os
from advertorch.test_utils import LeNet5
from advertorch_examples.utils import get_mnist_test_loader
from advertorch_examples.utils import TRAINED_MODEL_PATH
# Setup
torch.manual_seed(0)
use_cuda = torch.cuda.is_available()
device = torch.device("cuda" if use_cuda else "cpu")
device = torch.device("cpu")
model = LeNet5()
model_path = os.path.join(TRAINED_MODEL_PATH, model_filename)
model.load_state_dict(torch.load(model_path, map_location=device))
model.eval()
criterion = nn.CrossEntropyLoss()
constraint = chop.constraints.make_LpBall(alpha=1., p=p)
test_loader = get_mnist_test_loader(batch_size=1, shuffle=True)
# Just get first batch
for data, target in test_loader:
break
data, target = data.to(device), target.to(device)
adv = Adversary(algorithm)
if algorithm == optim.minimize_pgd:
alg_kwargs = {'prox': constraint.prox, 'max_iter': 50, 'step': step}
elif algorithm == optim.minimize_pgd_madry:
alg_kwargs = {
'prox': constraint.prox,
'lmo': constraint.lmo,
'max_iter': 50,
'step': step
}
elif algorithm == optim.minimize_frank_wolfe:
alg_kwargs = {
'lmo': constraint.lmo,
'step': step if step else 'sublinear',
'max_iter': 50
}
# Run and log perturbation
adv_loss, delta = adv.perturb(data, target, model, criterion, **alg_kwargs)
def create(adv_train=True):
if adv_train:
model_link = model_links['adv_trained']
else:
model_link = model_links['cln_trained']
device = torch.device('cuda:0' if torch.cuda.is_available() else 'cpu')
weights_path = fb.zoo.fetch_weights(
model_link,
unzip=False
)
model = LeNet5()
model.to(device)
state_dict = torch.load(weights_path, map_location=device)
model.load_state_dict(state_dict)
model.eval()
preprocessing = {'mean': 0.5,
'std': 0.5}
fmodel = fb.models.PyTorchModel(model, bounds=(0, 1),
preprocessing=preprocessing,
device=device)
return fmodel
import torch.nn as nn
from advertorch.attacks import LinfPGDAttack
from advertorch.attacks.utils import AttackConfig
class PGDLinfMadryTrainMnist(AttackConfig):
AttackClass = LinfPGDAttack
eps = 0.3
eps_iter = 0.01
nb_iter = 40
loss_fn = nn.CrossEntropyLoss(reduction="sum")
rand_init = True
clip_min = 0.0
clip_max = 1.0
class PGDLinfMadryTestMnist(PGDLinfMadryTrainMnist):
# only modify the entry that is changed from PGDLinfMadryTrainMnist
nb_iter = 100
if __name__ == '__main__':
from advertorch.test_utils import LeNet5
model = LeNet5()
train_adversary = PGDLinfMadryTrainMnist()(model)
test_adversary = PGDLinfMadryTestMnist()(model)
net = 'mnist'
from advertorch.test_utils import LeNet5
class LeNet5_each_layer(LeNet5):
def forward(self, x):
out1 = self.maxpool1(self.relu1(self.conv1(x)))
out2_ = self.maxpool2(self.relu2(self.conv2(out1)))
out2 = out2_.view(out2_.size(0), -1)
out3 = self.relu3(self.linear1(out2))
out4 = self.linear2(out3)
return out1, out2_, out3, out4
model_ = LeNet5()
model_.load_state_dict(torch.load(os.path.join('trained_models/', filename)))
model_.to(device)
model_.eval()
# get knn features
model1_ = LeNet5_each_layer()
model1_.load_state_dict(torch.load(os.path.join('trained_models/', filename)))
model1_.to(device)
model1_.eval()
print("net: " + net)
if net == 'mnist' or net == 'fashion_mnist':
# get knn features
model1 = net_mnist()
def save_noisy_image(img, name):
if img.size(1) == 3:
img = img.view(img.size(0), 3, 32, 32)
save_image(img, name)
else:
img = img.view(img.size(0), 1, 28, 28)
save_image(img, name)
# Adopt True for the first time
generate_peer = True
# Generate peer images to folder
if generate_peer == True:
filename = "mnist_lenet5_clntrained.pt"
model_peer = LeNet5()
model_peer.load_state_dict(
torch.load(os.path.join(TRAINED_MODEL_PATH, filename)))
model_peer.cuda()
model_peer.eval()
peer_loader = get_mnist_test_loader(batch_size=1, shuffle=False)
adversary = LinfPGDAttack(model_peer,
loss_fn=nn.CrossEntropyLoss(reduction="sum"),
eps=0.25,
nb_iter=40,
eps_iter=0.01,
rand_init=True,
clip_min=0.0,
clip_max=1.0,
targeted=False)
base_folder = f"PeerReport/MNIST/Peer_reference/1"