def create(): url = 'https://storage.googleapis.com/luizgh-datasets/avc_models/resnext50_32x4d_ddn.pt' weights_path = zoo.fetch_weights(url) state_dict = torch.load(weights_path) image_mean = torch.tensor([0.4802, 0.4481, 0.3975]).view(1, 3, 1, 1) image_std = torch.tensor([0.2770, 0.2691, 0.2821]).view(1, 3, 1, 1) m = resnext50_32x4d() model = NormalizedModel(model=m, mean=image_mean, std=image_std) model.load_state_dict(state_dict) model.eval() fmodel = foolbox.models.PyTorchModel(model, (0, 1), num_classes=200) return fmodel
help='path to the image of attack Class') device = torch.device('cuda:0' if torch.cuda.is_available() else 'cpu') # Data loading code args = parser.parse_args() start_time = time.time() img = imread(args.attack_image) path = args.data print(args.targeted) if args.targeted == 0: image_mean = torch.tensor([0.4802, 0.4481, 0.3975]).view(1, 3, 1, 1) image_std = torch.tensor([0.2770, 0.2691, 0.2821]).view(1, 3, 1, 1) m = resnet18() attacks = [ DDN(100, device=device), ] model = NormalizedModel(m, image_mean, image_std) state_dict = torch.load(args.model_path) model.load_state_dict(state_dict) model.eval().to(device) def black_box_model(img): t_img = torch.from_numpy(img).float().div(255).permute(2, 0, 1) t_img = t_img.unsqueeze(0).to(device) with torch.no_grad(): return model(t_img).argmax() smodel = resnext50_32x4d() smodel = NormalizedModel(smodel, image_mean, image_std) state_dict = torch.load(args.surrogate_model_path) smodel.load_state_dict(state_dict) smodel.eval().to(device)
train_input_dir = '../data/imagenet_all/images/' csv_file = r'../data/imagenet_all/dev.csv' train_loader = prepareData(csv_file, train_input_dir)['train_data'] val_loader = prepareData(csv_file, train_input_dir)['val_data'] test_loader = load_data(csv_file, train_input_dir)['dev_data'] print(len(train_loader),len(val_loader),len(test_loader)) m = models.vgg19(pretrained=True).to(DEVICE) image_mean = torch.tensor([0.485, 0.456, 0.406]).view(1, 3, 1, 1) image_std = torch.tensor([0.229, 0.224, 0.225]).view(1, 3, 1, 1) model = NormalizedModel(model=m, mean=image_mean, std=image_std).to(DEVICE) # weight = './weights/imagenet_resnet152_jpeg/Imagenetacc0.9642857142857143_20.pth' # loaded_state_dict = torch.load(weight) # model.load_state_dict(loaded_state_dict) if torch.cuda.device_count() > 1: model = torch.nn.DataParallel(model) optimizer = SGD(model.parameters(), lr=args.lr, momentum=args.momentum, weight_decay=args.weight_decay) if args.adv == 0: scheduler = lr_scheduler.StepLR(optimizer, step_size=args.lr_step, gamma=args.lr_decay) else: scheduler = lr_scheduler.MultiStepLR(optimizer, milestones=[60, 120, 160], gamma=0.2) attacker = DDN(steps=args.steps, device=DEVICE)
num_workers=args.workers, drop_last=True, pin_memory=True) val_loader = data.DataLoader(val_set, batch_size=100, shuffle=True, num_workers=args.workers, pin_memory=True) test_loader = data.DataLoader(test_set, batch_size=100, shuffle=True, num_workers=args.workers, pin_memory=True) m = wide_resnet(num_classes=10, depth=28, widen_factor=10, dropRate=args.drop) model = NormalizedModel(model=m, mean=image_mean, std=image_std).to( DEVICE) # keep images in the [0, 1] range if torch.cuda.device_count() > 1: model = torch.nn.DataParallel(model) optimizer = SGD(model.parameters(), lr=args.lr, momentum=args.momentum, weight_decay=args.weight_decay) if args.adv == 0: scheduler = lr_scheduler.StepLR(optimizer, step_size=args.lr_step, gamma=args.lr_decay) else: scheduler = lr_scheduler.MultiStepLR(optimizer, milestones=[60, 120, 160], gamma=0.2)
test_transform = transforms.Compose([ transforms.ToTensor(), ]) test_set = CIFAR10(args.data, train=False, transform=test_transform, download=True) test_loader = data.DataLoader(test_set, batch_size=50, shuffle=True, num_workers=args.workers, pin_memory=True) m = wide_resnet(num_classes=10, depth=28, widen_factor=10) model = NormalizedModel(model=m, mean=image_mean, std=image_std).to(DEVICE) model_dict = model.load_state_dict(torch.load('./model/cifar10_wrn.pth')) if torch.cuda.device_count() > 1: model = torch.nn.DataParallel(model) #attacker = FGSM(eps=0.3, device=DEVICE) #attacker = IFGSM(steps=20,eps=0.3,eps_iter=0.1, device=DEVICE) #attacker = PGD(steps=20,eps=4,eps_iter=3, device=DEVICE) attacker = BP(steps=100, device=DEVICE) #attacker = DDN(steps=100, device=DEVICE) requires_grad_(model, True) model.eval() ori_image = np.zeros((10000, 3, 32, 32))
# for k, v in pretext_model.items(): # k = k.replace("module.", "") # model_new_dict[k] = v # state_dict = {k: v for k, v in model_new_dict.items() if k in model_dict.keys()} # model_dict.update(state_dict) # model.load_state_dict(model_dict) # keep images in the [0, 1] range # model = resnet101_denoise().to(DEVICE) # weight = '../defenses/weights/adv_denoise_model/Adv_Denoise_Resnext101.pytorch' # loaded_state_dict = torch.load(weight) # model.load_state_dict(loaded_state_dict, strict=True) # model = models.inception_v3(pretrained=True).to(DEVICE).eval() model1 = models.resnet152(pretrained=False) model1 = NormalizedModel(model=model1, mean=image_mean, std=image_std) # model = EfficientNet.from_pretrained("efficientnet-b8", advprop=True).to(DEVICE).eval() # model = NormalizedModel(model=model, mean=image_mean, std=image_std).to(DEVICE).eval() weight = '../defenses/weights/imagenet_resnet152_jpeg/Imagenetacc0.9553571428571429_20.pth' loaded_state_dict = torch.load(weight) model1.load_state_dict(loaded_state_dict) # model2 = models.inception_v3(pretrained=False) # # model2 = NormalizedModel(model=model2, mean=image_mean, std=image_std) # weight = '../defenses/weights/imagenet_inception_v3_jpeg/' # loaded_state_dict = torch.load(weight) # model2.load_state_dict(loaded_state_dict)