-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathtest.py
170 lines (130 loc) · 5.73 KB
/
test.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
'''
Some parts of the code are modified from:
CAS : https://github.com/bymavis/CAS_ICLR2021
CIFS : https://github.com/HanshuYAN/CIFS
'''
import os, argparse
import torch
import torch.nn as nn
import torch.nn.functional as F
from torch.autograd import Variable
import torchvision
import torchvision.transforms as transforms
from models.BaseModel import BaseModelDNN
def boolean_string(s):
if s not in {'False', 'True'}:
raise ValueError('Not a valid boolean string')
return s == 'True'
parser = argparse.ArgumentParser(description='Configuration')
parser.add_argument('--load_name', type=str, help='specify checkpoint load name')
parser.add_argument('--model', default='resnet18')
parser.add_argument('--dataset', default='cifar10')
parser.add_argument('--tau', default=0.1, type=float)
parser.add_argument('--bs', default=128, type=int, help='batch size')
parser.add_argument('--device', default=0, type=int)
args = parser.parse_args()
device = 'cuda:{}'.format(args.device) if torch.cuda.is_available() else 'cpu'
if args.model == 'resnet18':
from models.resnet_fsr import ResNet18_FSR
net = ResNet18_FSR
elif args.model == 'vgg16':
from models.vgg_fsr import vgg16_FSR
net = vgg16_FSR
elif args.model == 'wideresnet34':
from models.wideresnet34_fsr import WideResNet34_FSR
net = WideResNet34_FSR
if args.dataset == 'cifar10':
image_size = (32, 32)
num_classes = 10
transform_test = transforms.Compose([
transforms.ToTensor(),
])
testset = torchvision.datasets.CIFAR10(root='./data', train=False, download=True, transform=transform_test)
testloader = torch.utils.data.DataLoader(testset, batch_size=args.bs, shuffle=False)
elif args.dataset == 'svhn':
image_size = (32, 32)
num_classes = 10
transform_test = transforms.Compose([
transforms.ToTensor(),
])
testset = torchvision.datasets.SVHN(root='./data', split='test', download=True, transform=transform_test)
testloader = torch.utils.data.DataLoader(testset, batch_size=args.bs, shuffle=False)
def get_pred(out, labels):
pred = out.sort(dim=-1, descending=True)[1][:, 0]
second_pred = out.sort(dim=-1, descending=True)[1][:, 1]
adv_label = torch.where(pred == labels, second_pred, pred)
return adv_label
class CE_loss(nn.Module):
def __init__(self) -> None:
super().__init__()
def forward(self, logits_final, target):
loss = F.cross_entropy(logits_final, target)
return loss
class CW_loss(nn.Module):
def __init__(self, num_classes=10) -> None:
super().__init__()
self.num_classes = num_classes
def forward(self, logits_final, target):
loss = self._cw_loss(logits_final, target, num_classes=self.num_classes)
return loss
def _cw_loss(self, output, target, confidence=50, num_classes=10):
target = target.data
target_onehot = torch.zeros(target.size() + (num_classes,))
target_onehot = target_onehot.to(device)
target_onehot.scatter_(1, target.unsqueeze(1), 1.)
target_var = Variable(target_onehot, requires_grad=False)
real = (target_var * output).sum(1)
other = ((1. - target_var) * output - target_var * 10000.).max(1)[0]
loss = -torch.clamp(real - other + confidence, min=0.) # equiv to max(..., 0.)
loss = torch.sum(loss)
return loss
class Classifier(BaseModelDNN):
def __init__(self) -> None:
super(BaseModelDNN).__init__()
self.net = net(tau=args.tau, num_classes=num_classes, image_size=image_size).to(device)
self.set_requires_grad([self.net], False)
def predict(self, x, is_eval=True):
return self.net(x, is_eval=is_eval)
def main():
model = Classifier()
checkpoint = torch.load('./weights/{}/{}/{}.pth'.format(args.dataset, args.model, args.load_name, map_location=device))
model.net.load_state_dict(checkpoint)
model.net.eval()
from advertorch_fsr.attacks import FGSM, LinfPGDAttack
lst_attack = [
(FGSM, dict(
loss_fn=CE_loss(),
eps=8 / 255,
clip_min=0.0, clip_max=1.0, targeted=False), 'FGSM'),
(LinfPGDAttack, dict(
loss_fn=CE_loss(),
eps=8 / 255, nb_iter=20, eps_iter=0.1 * (8 / 255), rand_init=False,
clip_min=0.0, clip_max=1.0, targeted=False), 'PGD-20'),
(LinfPGDAttack, dict(
loss_fn=CE_loss(),
eps=8 / 255, nb_iter=100, eps_iter=0.1 * (8 / 255), rand_init=False,
clip_min=0.0, clip_max=1.0, targeted=False), 'PGD-100'),
(LinfPGDAttack, dict(
loss_fn=CW_loss(num_classes=num_classes),
eps=8 / 255, nb_iter=30, eps_iter=0.1 * (8 / 255), rand_init=False,
clip_min=0.0, clip_max=1.0, targeted=False), 'C&W'),
]
attack_results = []
for attack_class, attack_kwargs, name in lst_attack:
from metric.classification import defense_success_rate
message, defense_success, natural_success = defense_success_rate(model.predict,
testloader, attack_class,
attack_kwargs, device=device)
message = name + ': ' + message
print(message)
attack_results.append(defense_success)
attack_results.append(natural_success)
attack_results = torch.cat(attack_results, 1)
attack_results = attack_results.sum(1)
attack_results[attack_results < len(lst_attack) + 1] = 0.
if args.dataset == 'cifar10':
print('Ensemble : {:.2f}%'.format(100. * attack_results.count_nonzero() / 10000.))
elif args.dataset == 'svhn':
print('Ensemble : {:.2f}%'.format(100. * attack_results.count_nonzero() / 26032.))
if __name__ == '__main__':
main()