def est_accuracy(mal_visible, t):
args = gv.args
delta_other_prev = None
if len(mal_visible) >= 1:
# Getting other agents' delta in the previous time step
mal_prev_t = mal_visible[-1]
print('Loading from previous iteration %s' % mal_prev_t)
# mal_weights_prev = np.load(gv.dir_name+'malicious_model_weights_t%s.npy' % mal_prev_t)
# shared_weights_prev = np.load(gv.dir_name+'global_weights_t%s.npy' % mal_prev_t)
# delta_other_prev_1 = shared_weights - shared_weights_prev - alpha_m * (mal_weights_prev - shared_weights_prev)
# np.save(gv.dir_name+'delta_other_%s.npy' % t, delta_other_prev)
delta_other_prev = np.load(
gv.dir_name + 'ben_delta_t%s.npy' % mal_prev_t, allow_pickle=True)
delta_other_prev = delta_other_prev / (t - mal_prev_t)
print('Divisor: %s' % (t - mal_prev_t))
# est_accuracy_l2 = 0.0
# for i in range(len(delta_other_prev_1)):
# est_accuracy_l2 += np.linalg.norm(delta_other_prev_1[i]-delta_other_prev_2[i])
# print('Diff. in two methods of est: %s' % est_accuracy_l2)
# Checking accuracy of estimate after time step 2
if len(mal_visible) >= 3:
mal_prev_prev_t = mal_visible[-2]
if mal_prev_prev_t >= args.mal_delay:
# delta_other_prev_prev = np.load(gv.dir_name+'delta_other_%s.npy' % mal_prev_prev_t)
delta_other_prev_prev = np.load(
gv.dir_name + 'ben_delta_t%s.npy' % mal_prev_prev_t, allow_pickle=True)
ben_delta_diff = delta_other_prev - delta_other_prev_prev
est_accuracy_l2 = 0.0
for i in range(len(ben_delta_diff)):
est_accuracy_l2 += np.linalg.norm(ben_delta_diff[i])
print('Accuracy of estimate on round %s: %s' %
(mal_prev_prev_t, est_accuracy_l2))
write_dict = {}
write_dict['t'] = mal_prev_prev_t
write_dict['est_accuracy_l2'] = est_accuracy_l2
file_write(write_dict, purpose='est_accuracy_log')
return delta_other_prev
def eval_func(X_test,
Y_test,
t,
return_dict,
mal_data_X=None,
mal_data_Y=None,
global_weights=None):
args = gv.args
# if global_weights is None:
# global_weights = np.load(gv.dir_name + 'global_weights_t%s.npy' % t)
if args.dataset == 'CIFAR-10':
K.set_learning_phase(1)
eval_success, eval_loss = eval_minimal(X_test, Y_test, global_weights)
print('Iteration {}: success {}, loss {}'.format(t, eval_success,
eval_loss))
write_dict = OrderedDict()
write_dict['t'] = t
write_dict['eval_success'] = eval_success
write_dict['eval_loss'] = eval_loss
file_write(write_dict)
return_dict['eval_success'] = eval_success
return_dict['eval_loss'] = eval_loss
if args.mal:
if 'single' in args.mal_obj:
target, target_conf, actual, actual_conf = mal_eval_single(
mal_data_X, mal_data_Y, global_weights)
print(
'Target:%s with conf. %s, Curr_pred on for iter %s:%s with conf. %s'
% (target, target_conf, t, actual, actual_conf))
if actual == target:
return_dict['mal_suc_count'] += 1
write_dict = OrderedDict()
write_dict['t'] = t
write_dict['target'] = target
write_dict['target_conf'] = target_conf
write_dict['actual'] = actual
write_dict['actual_conf'] = actual_conf
file_write(write_dict, purpose='mal_obj_log')
elif 'multiple' in args.mal_obj:
suc_count_local = mal_eval_multiple(mal_data_X, mal_data_Y,
global_weights)
print('%s of %s targets achieved' %
(suc_count_local, args.mal_num))
write_dict = OrderedDict()
write_dict['t'] = t
write_dict['suc_count'] = suc_count_local
file_write(write_dict, purpose='mal_obj_log')
return_dict['mal_suc_count'] += suc_count_local
return
def mal_agent(X_shard, Y_shard, mal_data_X, mal_data_Y, t, gpu_id, return_dict,
mal_visible, X_test, Y_test):
args = gv.args
shared_weights = np.load(gv.dir_name + 'global_weights_t%s.npy' % t)
holdoff_flag = 0
if 'holdoff' in args.mal_strat:
print('Checking holdoff')
if 'single' in args.mal_obj:
target, target_conf, actual, actual_conf = mal_eval_single(
mal_data_X, mal_data_Y, shared_weights)
if target_conf > 0.8:
print('Holding off')
holdoff_flag = 1
# tf.reset_default_graph()
K.set_learning_phase(1)
print('Malicious Agent on GPU %s' % gpu_id)
# set enviornment
os.environ["CUDA_DEVICE_ORDER"] = "PCI_BUS_ID"
os.environ["CUDA_VISIBLE_DEVICES"] = str(gpu_id)
if args.dataset == 'census':
x = tf.placeholder(shape=(None, gv.DATA_DIM), dtype=tf.float32)
y = tf.placeholder(dtype=tf.int64)
else:
x = tf.placeholder(shape=(None, gv.IMAGE_ROWS, gv.IMAGE_COLS,
gv.NUM_CHANNELS),
dtype=tf.float32)
y = tf.placeholder(dtype=tf.int64)
if 'MNIST' in args.dataset:
agent_model = model_mnist(type=args.model_num)
elif args.dataset == 'CIFAR-10':
agent_model = cifar_10_model()
elif args.dataset == 'census':
agent_model = census_model_1()
logits = agent_model(x)
prediction = tf.nn.softmax(logits)
eval_loss = tf.reduce_mean(
tf.nn.sparse_softmax_cross_entropy_with_logits(labels=y,
logits=logits))
config = tf.ConfigProto(gpu_options=gv.gpu_options)
# config.gpu_options.allow_growth = True
sess = tf.Session(config=config)
K.set_session(sess)
if t >= args.mal_delay and holdoff_flag == 0:
if args.mal_obj == 'all':
final_delta = mal_all_algs(x, y, logits, agent_model,
shared_weights, sess, mal_data_X,
mal_data_Y, t)
elif args.mal_obj == 'single' or 'multiple' in args.mal_obj:
final_delta, penul_delta = mal_single_algs(
x, y, logits, agent_model, shared_weights, sess, mal_data_X,
mal_data_Y, t, mal_visible, X_shard, Y_shard)
elif t < args.mal_delay or holdoff_flag == 1:
print('Delay/Hold-off')
final_delta, _ = benign_train(x, y, agent_model, logits, X_shard,
Y_shard, sess, shared_weights)
final_weights = shared_weights + final_delta
agent_model.set_weights(final_weights)
print('---Eval at mal agent---')
if 'single' in args.mal_obj:
target, target_conf, actual, actual_conf = mal_eval_single(
mal_data_X, mal_data_Y, final_weights)
print(
'Target:%s with conf. %s, Curr_pred on malicious model for iter %s:%s with conf. %s'
% (target, target_conf, t, actual, actual_conf))
elif 'multiple' in args.mal_obj:
suc_count_local = mal_eval_multiple(mal_data_X, mal_data_Y,
final_weights)
print('%s of %s targets achieved' % (suc_count_local, args.mal_num))
eval_success, eval_loss = eval_minimal(X_test, Y_test, final_weights)
return_dict['mal_success'] = eval_success
print('Malicious Agent: success {}, loss {}'.format(
eval_success, eval_loss))
write_dict = {}
# just to maintain ordering
write_dict['t'] = t + 1
write_dict['eval_success'] = eval_success
write_dict['eval_loss'] = eval_loss
file_write(write_dict, purpose='mal_eval_loss')
return_dict[str(gv.mal_agent_index)] = np.array(final_delta)
np.save(gv.dir_name + 'mal_delta_t%s.npy' % t, final_delta)
if 'auto' in args.mal_strat or 'multiple' in args.mal_obj:
penul_weights = shared_weights + penul_delta
if 'single' in args.mal_obj:
target, target_conf, actual, actual_conf = mal_eval_single(
mal_data_X, mal_data_Y, penul_weights)
print(
'Penul weights ---- Target:%s with conf. %s, Curr_pred on malicious model for iter %s:%s with conf. %s'
% (target, target_conf, t, actual, actual_conf))
elif 'multiple' in args.mal_obj:
suc_count_local = mal_eval_multiple(mal_data_X, mal_data_Y,
penul_weights)
print('%s of %s targets achieved' %
(suc_count_local, args.mal_num))
eval_success, eval_loss = eval_minimal(X_test, Y_test, penul_weights)
print('Penul weights ---- Malicious Agent: success {}, loss {}'.format(
eval_success, eval_loss))
return
