'../../third_party')) if THIRD_PARTY_PATH not in sys.path: sys.path.append(THIRD_PARTY_PATH) from deepdefense_pytorch.models.cifar10 import ConvNet from realsafe.model import ClassifierWithLogits from realsafe.utils import get_res_path, download_res from realsafe.model.pytorch_wrapper import pytorch_classifier_with_logits import torch import scipy.io import numpy as np import tensorflow as tf MODEL_PATH = get_res_path('./cifar10/deepdefense') def load(_): model = ConvNet_DeepDefense() model.load(MODEL_PATH) return model def download(model_path): mat_name = 'cifar10-convnet-15742544.mat' mat_path = os.path.abspath(os.path.join(model_path, mat_name)) tar_path = os.path.abspath( os.path.join(model_path, 'mnist-cifar10-data-model.tar')) if not os.path.exists(mat_path): if not os.path.exists(os.path.dirname(tar_path)):
if THIRD_PARTY_PATH not in sys.path: sys.path.append(THIRD_PARTY_PATH) MODULE_PATH = os.path.join(THIRD_PARTY_PATH, 'models/research/slim') if MODULE_PATH not in sys.path: sys.path.append(MODULE_PATH) import tensorflow as tf import models.research.slim.nets.inception_v3 as inception_v3 from realsafe import ClassifierWithLogits from realsafe.utils import get_res_path, download_res slim = tf.contrib.slim MODEL_PATH = get_res_path('./imagenet/inception_v3.ckpt') def load(session): model = InceptionV3() model.load(session, MODEL_PATH) return model class InceptionV3(ClassifierWithLogits): def __init__(self): ClassifierWithLogits.__init__(self, 1001, 0.0, 1.0, (299, 299, 3), tf.float32, tf.int32) self.n_clusters = 5 self.noise_level = 32.0 / 255.0 self.num_ensemble = 10
sys.path.append(THIRD_PARTY_PATH) MODULE_PATH = os.path.join(THIRD_PARTY_PATH, 'models/research/slim') if MODULE_PATH not in sys.path: sys.path.append(MODULE_PATH) import tensorflow as tf import numpy as np import models.research.slim.nets.resnet_v2 as resnet_v2 from realsafe import ClassifierWithLogits from realsafe.utils import get_res_path, download_res slim = tf.contrib.slim MODEL_PATH = get_res_path('./imagenet/imagenet64_alp025_2018_06_26.ckpt') def load(session): model = ResnetV2ALP() model.load(session, MODEL_PATH) return model def download(model_path): url = 'http://download.tensorflow.org/models/adversarial_logit_pairing/imagenet64_alp025_2018_06_26.ckpt.tar.gz' if not os.path.exists(model_path + '.meta'): if not os.path.exists(os.path.dirname(model_path)): os.makedirs(os.path.dirname(model_path)) import tarfile download_res(url, model_path + '.tar.gz')
if MODULE_PATH not in sys.path: sys.path.append(MODULE_PATH) from convex_adversarial_pytorch.examples.problems import cifar_model_resnet, Flatten from convex_adversarial.utils import Dense, DenseSequential sys.path.remove(MODULE_PATH) import torch import numpy as np import tensorflow as tf from realsafe.utils import get_res_path, download_res from realsafe.model.pytorch_wrapper import pytorch_classifier_with_logits MODEL_PATH = get_res_path('./cifar10/convex') def load(_): model = ResNet_Convex() model.load(MODEL_PATH) return model def download(model_path): pth_path = os.path.join(model_path, 'cifar_resnet_2px.pth') if not os.path.exists(pth_path): if not os.path.exists(os.path.dirname(pth_path)): os.makedirs(os.path.dirname(pth_path)) url = 'https://github.com/locuslab/convex_adversarial/blob/master/models_scaled/cifar_resnet_2px.pth?raw=true' download_res(url, pth_path)
import sys import os THIRD_PARTY_PATH = os.path.abspath(os.path.join(os.path.dirname(os.path.abspath(__file__)), '../../third_party')) if THIRD_PARTY_PATH not in sys.path: sys.path.append(THIRD_PARTY_PATH) import torch import tensorflow as tf from realsafe.model.pytorch_wrapper import pytorch_classifier_with_logits from realsafe.utils import get_res_path from trades.models.wideresnet import WideResNet MODEL_PATH = get_res_path('./cifar10/wrn.pt') def load(_): model = WideResNet_TRADES() model.load() return model @pytorch_classifier_with_logits(n_class=10, x_min=0.0, x_max=1.0, x_shape=(32, 32, 3), x_dtype=tf.float32, y_dtype=tf.int32) class WideResNet_TRADES(torch.nn.Module): def __init__(self): torch.nn.Module.__init__(self) self.model = WideResNet().cuda()
''' CIFAR-10 dataset. ''' import tensorflow as tf import numpy as np from keras.datasets.cifar10 import load_data from realsafe.utils import get_res_path PATH_TARGET = get_res_path('cifar10/target.npy') def load_dataset_for_classifier(classifier, offset=0, load_target=False, target_label=None): ''' Get an CIFAR-10 dataset in tf.data.Dataset format. The first element of the dataset is the index, the second one is the image tensor with shape of the classifier's `x_shape` in the classifier's `x_dtype`, the third one is the label in the classifier's `y_dtype`. If `load_target` is true, the target label would be returned as the fourth element of the dataset. :param offset: Ignore the first `offset` images. :param load_target: Whether to load the target label. :param target_label: If it is a integer, the returned dataset would only include data points with this label. :return: A `tf.data.Dataset` instance. ''' label_dtype = classifier.y_dtype x_shape, x_dtype, x_min, x_max = classifier.x_shape, classifier.x_dtype, classifier.x_min, classifier.x_max dataset = load_dataset(offset=offset, label_dtype=label_dtype,
''' ImageNet dataset (ILSVRC 2012). ''' import os import tensorflow as tf import numpy as np from PIL import Image from realsafe.utils import get_res_path, download_res PATH_IMGS = get_res_path('./imagenet/ILSVRC2012_img_val') PATH_VAL_TXT = get_res_path('./imagenet/val.txt') PATH_TARGET_TXT = get_res_path('./imagenet/target.txt') def load_dataset_for_classifier(classifier, offset=0, load_target=False, target_label=None, clip=True): ''' Get an ImageNet dataset in tf.data.Dataset format. The first element of the dataset is the filename, the second one is the image tensor with shape of the classifier's `x_shape` in the classifier's `x_dtype`, the third one is the label in the classifier's `y_dtype`. If `load_target` is true, the target label would be returned as the fourth element of the dataset. It would automatically handle `n_class == 1000` and `n_class == 1001` case (assume the empty class is labeled 0). :param offset: Ignore the first `offset` images. :param load_target: Whether to load the target label. :param target_label: If it is a integer, the returned dataset would only include data points with this label. :param clip: If it is true, the images would be clipped towards center. :return: A `tf.data.Dataset` instance.
(https://github.com/tensorflow/models/blob/master/research/adv_imagenet_models/README.md) for ImageNet dataset. ''' import sys import os import tensorflow as tf from inception_v3 import inception_v3 from realsafe import ClassifierWithLogits from realsafe.utils import get_res_path, download_res slim = tf.contrib.slim MODEL_PATH = get_res_path('./imagenet/ens4_adv_inception_v3') def load(session): model = Ens4AdvInceptionV3() model.load(session, MODEL_PATH) return model def download(model_path): if not os.path.exists(model_path): import tarfile os.makedirs(model_path) download_res('http://download.tensorflow.org/models/ens4_adv_inception_v3_2017_08_18.tar.gz', os.path.join(model_path, 'ens4_adv_inception_v3_2017_08_18.tar.gz'))
import sys import os THIRD_PARTY_PATH = os.path.abspath( os.path.join(os.path.dirname(os.path.abspath(__file__)), '../../third_party')) if THIRD_PARTY_PATH not in sys.path: sys.path.append(THIRD_PARTY_PATH) from functools import partial import tensorflow as tf from realsafe.model import ClassifierWithLogits from realsafe.utils import get_res_path, download_res MODEL_PATH = get_res_path('./cifar10/pgd_at') from cifar10_challenge.model import Model def load(session): model = PgdAT() model.load(session, MODEL_PATH) return model def download(model_path): if not os.path.exists( os.path.join(model_path, 'models/adv_trained/checkpoint')): zip_path = os.path.join(model_path, 'adv_trained.zip') if not os.path.exists(zip_path):
THIRD_PARTY_PATH = os.path.abspath( os.path.join(os.path.dirname(os.path.abspath(__file__)), '../../third_party')) if THIRD_PARTY_PATH not in sys.path: sys.path.append(THIRD_PARTY_PATH) from bayesian_defense.models.vgg_rse import VGG import torch import tensorflow as tf from realsafe.utils import get_res_path, download_res from realsafe.model.pytorch_wrapper import pytorch_classifier_with_logits MODEL_PATH = get_res_path('./cifar10/rse') def load(_): model = VGG_RSE() model.load(MODEL_PATH) return model def download(model_path): pth_path = os.path.join(model_path, 'cifar10_vgg_rse.pth') if not os.path.exists(os.path.dirname(pth_path)): os.makedirs(os.path.dirname(pth_path)) if not os.path.exists(pth_path): print( 'Please download "cifar10_vgg_rse.pth" from ' +
sys.path.append(MODULE_PATH) import tensorflow as tf import iat.nets ResNetDenoiseModel = iat.nets.ResNetDenoiseModel from tensorpack import TowerContext from tensorpack.tfutils import get_model_loader from realsafe import ClassifierWithLogits from realsafe.utils import get_res_path, download_res import argparse MODEL_PATH = get_res_path('./imagenet/R152-Denoise.npz') def load(session): model = ResNet152_Denoising() model.load(session, MODEL_PATH) return model def download(model_path): url = 'https://github.com/facebookresearch/ImageNet-Adversarial-Training/releases/download/v0.1/R152-Denoise.npz' if not os.path.exists(model_path): if not os.path.exists(os.path.dirname(model_path)): os.makedirs(os.path.dirname(model_path), exist_ok=True) download_res(url, model_path)
import os import numpy as np import tensorflow as tf import keras from keras.layers import Dense, Conv2D, BatchNormalization, Activation from keras.layers import AveragePooling2D, Input, Flatten from keras.regularizers import l2 from keras.models import Model from realsafe.model import ClassifierWithLogits from realsafe.utils import get_res_path, download_res MODEL_PATH = get_res_path('./cifar10/adp') def load(session): model = ADP() model.load(session, MODEL_PATH) return model def download(model_path): if not os.path.exists(model_path): os.makedirs(model_path) h5_name = 'cifar10_ResNet110v2_model.200.h5' h5_path = os.path.join(model_path, h5_name) if not os.path.exists(h5_path): url = 'http://ml.cs.tsinghua.edu.cn/~tianyu/ADP/pretrained_models/ADP_standard_3networks/' + h5_name download_res(url, h5_path) npy_path = os.path.join(model_path, 'mean.npy') if not os.path.exists(npy_path):
from realsafe.utils import get_res_path from realsafe.defense.jpeg_compression import jpeg_compression import resnet56 MODEL_PATH = get_res_path('./cifar10/resnet56.ckpt') def load(session): model = ResNet56_JPEG() model.load(MODEL_PATH, session) return model @jpeg_compression() class ResNet56_JPEG(resnet56.ResNet56): pass if __name__ == '__main__': resnet56.download(MODEL_PATH)