def _index_patches(): print("=" * 30 + "GENERATING QUILTING PATCHES AND INDICES" + "=" * 30) args = opts.parse_args(opts.OptType.QUILTING_PATCHES) args.num_patches = 10000 args.quilting_patch_size = 5 args.index_file = str(os.path.join(args.quilting_index_root, "index_{}.faiss".format(args.quilting_patch_size))) args.patches_file = str(os.path.join(args.quilting_patch_root, "patches_{}.pickle".format(args.quilting_patch_size))) create_faiss_patches(args)
def _train_model(): args = opts.parse_args(opts.OptType.TRAIN) # edit default args # To classify transformed images using transformed model update defenses to # <tvm|quilting> args.defenses = None # defense=<(raw, tvm, quilting, jpeg, quantization)> args.model = "resnet50" args.normalize = True # apply normalization on input data args.resume = True # Resume training from checkpoint if available train_model(args)
def main(): # parse input arguments: args = opts.parse_args(opts.OptType.ADVERSARIAL) # Only runs one method at a time assert args.operation is not None, \ "operation to run can't be None" assert OperationType.has_value(args.operation), \ "\"{}\" operation not defined".format(args.operation) if args.operation == str(OperationType.GENERATE_ADVERSARIAL): generate_adversarial_images(args) elif args.operation == str(OperationType.CONCAT_ADVERSARIAL): concat_adversarial(args) elif args.operation == str(OperationType.COMPUTE_STATS): compute_stats(args)
def _generate_adversarial_images(): # load default args for adversary functions args = opts.parse_args(opts.OptType.ADVERSARIAL) # edit default args args.operation = "generate_adversarial" args.model = "resnet50" args.adversary_to_generate = "fgs" args.defenses = None args.partition_size = 1 # Number of samples to generate args.n_samples = 10000 # Total samples in input data args.data_type = "val" # input dataset type args.normalize = True # apply normalization on input data args.attack_type = "blackbox" # For <whitebox> attack, use transformed models args.pretrained = True # Use pretrained model from model-zoo generate_adversarial_images(args)
def _classify_images(): # classify images without any attack or defense args = opts.parse_args(opts.OptType.CLASSIFY) # edit default args args.n_samples = 1 # Total samples in input data args.normalize = True # apply normalization on input data args.pretrained = True # Use pretrained model from model-zoo # To classify transformed images using transformed model update defenses to # <tvm|quilting> args.defenses = None # To classify attack images update attack_type to <blackbox|whitebox> args.attack_type = None # To classify attack images update adversary to <fgs|ifgs|cwl2\deepfool> args.adversary = None classify_images(args)
def _generate_transformed_images(): # load default args for transformation functions args = opts.parse_args(opts.OptType.TRANSFORMATION) # edit default args # Apply transformations on raw images, # for adversarial images use "transformation_on_adv" args.operation = "transformation_on_raw" args.adversary = None # update to adversary for operation "transformation_on_adv" # For quilting expects patches data at QUILTING_ROOT (defined in # path_config.json or passed in args) args.defenses = ["quilting"] # <"tvm", "quilting", "jpeg", quantize> args.partition_size = 1 # Number of samples to generate args.data_type = "val" # input dataset type # args.n_samples = 50000 # Total samples in input data when reading from .pth files # args.attack_type = "blackbox" # Used for file paths for "transformation_on_adv" generate_transformed_images(args) print('Transformed images saved at {}'.format( os.path.join(args.partition_dir, args.defenses[0])))
def main(): # parse input arguments: args = opts.parse_args(opts.OptType.ADVERSARIAL) # Only runs one method at a time assert args.operation is not None, \ "operation to run can't be None" assert OperationType.has_value(args.operation), \ "\"{}\" operation not defined".format(args.operation) if args.attack_type == str(constants.AttackType.WHITEBOX): assert args.defenses is not None, \ "For whitebox attacks, atleast one defense is required" elif args.defenses is not None: print("Warning: Defenses will be unused for non whitebox attacks") if args.operation == str(OperationType.GENERATE_ADVERSARIAL): generate_adversarial_images(args) elif args.operation == str(OperationType.CONCAT_ADVERSARIAL): concat_adversarial(args) elif args.operation == str(OperationType.COMPUTE_STATS): compute_stats(args)
image_dataset.imgs = image_dataset.imgs[:20000] # we don't need all images # gather image patches: print('| gather image patches...') patches = gather_patches( image_dataset, args.num_patches, args.patch_size, patch_transform=None, ) # build faiss index: print('| training faiss index...') faiss_index, sub_index = index_patches(patches, pca_dims=args.pca_dims) # NOTE: Keep reference to sub_index to prevent it from being GC'ed # save faiss index and patches: print('| writing faiss index to %s' % args.index_file) faiss.write_index(faiss_index, args.index_file) with open(args.patches_file, 'wb') as fwrite: print('| writing patches to %s' % args.patches_file) pickle.dump(patches, fwrite, pickle.HIGHEST_PROTOCOL) print('| done.') # run: if __name__ == '__main__': # parse input arguments: args = opts.parse_args(opts.OptType.QUILTING_PATCHES) create_faiss_patches(args)
adv_params = constants.get_adv_params(args, idx) print("| adv_params: ", adv_params) if args.data_batches is None: concatenate_data(args, defense_name, adv_params) else: for i in range(args.data_batches): concatenate_data(args, defense_name, adv_params, data_batch_idx=i) elif args.operation == str(OperationType.TRANSFORM_RAW): start_class_idx = args.partition * args.partition_size end_class_idx = (args.partition + 1) * args.partition_size class_indices = range(start_class_idx, end_class_idx) for defense_name in args.defenses: defense = get_defense(defense_name, args) data_type = args.data_type if args.data_type == "train" else "valid" dataset = load_dataset(args, data_type, defense, class_indices=class_indices) transformation_on_raw(args, dataset, defense_name) # run: if __name__ == '__main__': # parse input arguments: args = opts.parse_args(opts.OptType.TRANSFORMATION) generate_transformed_images(args)
dataset = None model = None # Ensemble defense probabilities if args.ensemble == 'max': all_defense_probs = torch.max(all_defense_probs, dim=0)[0] elif args.ensemble == 'avg': # for average ensembling all_defense_probs = torch.mean(all_defense_probs, dim=0) else: # for no ensembling assert all_defense_probs.size(0) == 1 all_defense_probs = all_defense_probs[0] # Calculate top1 and top5 accuracy prec1, prec5 = accuracy(all_defense_probs, targets, topk=(1, 5)) print('=' * 50) print('Results for model={}, attack={}, ensemble_type={} '.format( args.model, args.adversary, args.ensemble)) prec1 = prec1[0] prec5 = prec5[0] print('| classification accuracy @1: %2.5f' % (prec1)) print('| classification accuracy @5: %2.5f' % (prec5)) print('| classification error @1: %2.5f' % (100. - prec1)) print('| classification error @5: %2.5f' % (100. - prec5)) print('| done.') # run: if __name__ == '__main__': # parse input arguments args = opts.parse_args(opts.OptType.CLASSIFY) classify_images(args)
print('| epoch %d, Loading data:' % epoch) for key in {'train', 'valid'}: loaders[key] = get_data_loader( load_dataset(args, key, defense), batchsize=args.batchsize, device=args.device, shuffle=True, ) return loaders['train'] # train the model: print('| training model...') train(model, criterion, optimizer, start_epoch_hook=start_epoch_hook, end_epoch_hook=end_epoch_hook, data_loader_hook=data_loader_hook, start_epoch=args.start_epoch, end_epoch=args.end_epoch, learning_rate=args.lr) print('| done.') # run all the things: if __name__ == '__main__': # parse input arguments: args = opts.parse_args(opts.OptType.TRAIN) train_model(args)