def test_untargeted_SafeSearch(image, label=None): model = GoogleSafeSearchModel() pred = model.predictions(image) attack = Attack(model, criterion=MisclassificationSafeSearch()) adversarial_obj = attack(image, label, unpack=False, epsilons=100) print(adversarial_obj.distance) return adversarial_obj.distance, adversarial_obj.image
def test_untargeted_Xception(image, label=None): import keras from perceptron.models.classification.keras import KerasModel mean = np.array([0.485, 0.456, 0.406]).reshape((1, 1, 3)) std = np.array([0.229, 0.224, 0.225]).reshape((1, 1, 3)) model_keras = keras.applications.xception.Xception(weights='imagenet') model = KerasModel(model_keras, bounds=(0, 1), preprocessing=(mean, std)) print(np.argmax(model.predictions(image))) attack = Attack(model, criterion=Misclassification()) adversarial_obj = attack(image, label, unpack=False, epsilons=10000) distance = adversarial_obj.distance adversarial = adversarial_obj.image return distance, adversarial
def test_untargeted_resnet18(image, label=None): import torch import torchvision.models as models from perceptron.models.classification import PyTorchModel mean = np.array([0.485, 0.456, 0.406]).reshape((3, 1, 1)) std = np.array([0.229, 0.224, 0.225]).reshape((3, 1, 1)) resnet18 = models.resnet18(pretrained=True).eval() if torch.cuda.is_available(): resnet18 = resnet18.cuda() model = PyTorchModel( resnet18, bounds=(0, 1), num_classes=1000, preprocessing=(mean, std)) print(np.argmax(model.predictions(image))) attack = Attack(model, criterion=Misclassification()) adversarial = attack(image, label, unpack=True)
def test_untargeted_resnet50(image, label=None): import torch import torchvision.models as models from perceptron.models.classification import PyTorchModel mean = np.array([0.485, 0.456, 0.406]).reshape((3, 1, 1)) std = np.array([0.229, 0.224, 0.225]).reshape((3, 1, 1)) model_pyt = models.resnet50(pretrained=True).eval() if torch.cuda.is_available(): model_pyt = model_pyt.cuda() model = PyTorchModel(model_pyt, bounds=(0, 1), num_classes=1000, preprocessing=(mean, std)) print(np.argmax(model.predictions(image))) attack = Attack(model, criterion=Misclassification()) adversarial_obj = attack(image, label, unpack=False, epsilons=10000) distance = adversarial_obj.distance adversarial = adversarial_obj.image return distance, adversarial