train

train/addind_data.py

@@ -0,0 +1,115 @@
+import pandas as pd
+import pickle
+import tensorflow.keras.backend as K
+import tensorflow as tf
+
+import tensorflow as tf
+from cleverhans.tf2.attacks.fast_gradient_method import fast_gradient_method
+from tensorflow.keras.optimizers import SGD
+from tensorflow.keras.callbacks import Callback, LearningRateScheduler, EarlyStopping
+from sklearn.model_selection import train_test_split
+import pandas as pd
+import numpy as np
+from sklearn.preprocessing import LabelEncoder
+from tensorflow.keras.utils import to_categorical
+from sklearn.model_selection import KFold
+import gzip
+from train_utily import noise
+import warnings
+
+warnings.filterwarnings("ignore")
+import tensorflow
+
+print("\nTensorflow Version: " + tf.__version__)
+from _utility import lrate, get_adversarial_examples, print_test
+from wresnet import WideResidualNetwork
+import os
+
+## globals
+epsilons = [0.001, 0.003, 0.005, 0.01, 0.03]
+percents = [0.25, 0.5, 0.75, 1.0]
+os.mkdir("RandomnoiseModels")
+os.mkdir("AEModels")
+folder_list = ["RandomnoiseModels", "AEModels"]
+
+
+def data_augmentation(epsilon, percent, X, Y, perturbation_type):
+    split = int(len(X) * percent)
+    file_name = str(epsilon) + ".pickle"
+    X_adv_percent = list()
+    if perturbation_type[0] == "FGSM":
+        X_adv_percent = get_adversarial_examples(model, X[:split], Y[:split], epsilon)
+    else:
+        X_adv_percent = noise(X[:split], eps=epsilon)
+
+    aug_X = np.concatenate((X, X_adv_percent), axis=0)
+    Y_adv = Y[:split]
+    aug_Y = np.concatenate((Y, Y_adv), axis=0)
+
+    return aug_X, aug_Y
+
+
+def experiments(X, Y, folder):
+
+    perturbation_type = ["FGSM" if folder == "AEModels" else "Random"]
+
+    for epsilon in epsilons:
+        for percent in percents:
+            aug_X, aug_Y = data_augmentation(epsilon, percent, X, Y, perturbation_type)
+            train(aug_X, aug_Y, percent, epsilon, folder)
+
+
+def train(X, Y, percent, epsilon, folder):
+
+    "Ten fold CVs of ResNet"
+    BS = 64
+    init = (32, 32, 1)
+    sgd = SGD(lr=0.1, momentum=0.9)
+    kfold = KFold(n_splits=10, random_state=42, shuffle=False)
+    model_name = folder + "/ResNet_" + str(epsilon) + "_" + str(percent)
+
+    for j, (train, val) in enumerate(kfold.split(X)):
+
+        resnet = WideResidualNetwork(
+            init, 0.0001, 0.9, nb_classes=4, N=2, k=1, dropout=0.0
+        )
+        model = resnet.create_wide_residual_network()
+
+        x_train, y_train = X[train], Y[train]
+        x_val, y_val = X[val], Y[val]
+
+        model.compile(loss="categorical_crossentropy", optimizer=sgd, metrics=["acc"])
+
+        hist = model.fit(
+            generator.flow(x_train, y_train, batch_size=64),
+            steps_per_epoch=len(x_train) // 64,
+            epochs=50,
+            validation_data=(x_val, y_val),
+            validation_steps=len(x_val) // 64,
+            callbacks=[lrate],
+        )
+
+        name = model_name + "_" + str(j) + ".h5"
+        hist_name = model_name + "_acc" + "_" + str(j) + ".pickle"
+        hist_name_loss = model_name + "_loss" + "_" + str(j) + ".pickle"
+
+        with open(hist_name, "wb") as f:
+            pickle.dump(hist.history["val_acc"], f)
+
+        with open(hist_name_loss, "wb") as f:
+            pickle.dump(hist.history["val_loss"], f)
+
+        model.save_weights(name)
+
+
+data = hkl.load("data.hkl")
+
+X_train, X_test, Y_train, y_test = (
+    data["xtrain"],
+    data["xtest"],
+    data["ytrain"],
+    data["ytest"],
+)
+
+for folder in folder_list:
+    experiments(X_train, Y_train, folder)

train/adversarial_training.py

@@ -0,0 +1,166 @@
+import numpy as np
+from cleverhans.future.tf2.attacks import fast_gradient_method
+import pandas as pd
+from sklearn.model_selection import KFold
+import sys
+import tensorflow
+import tensorflow as tf
+from multiprocessing import Pool
+
+from _utility import lrate, get_adversarial_examples, print_test, step_decay
+import hickle as hkl
+import pickle
+
+model_name = "ResNet_da"
+
+
+class AdversarialTraining(object):
+    """
+    The class provides an adversarial training for a given model and epsilon values.
+    In addition to this, the class changes the half of the batch with their adversarial examples.
+    The adversarial exaples obtain using fast gradient sign method of CleverHans framework.
+    """
+
+    def __init__(self, parameter):
+        self.epochs = parameter["epochs"]
+        self.batch_size = parameter["batch_size"]
+        self.optimizer = parameter["optimizer"]
+
+        self.generator = tf.keras.preprocessing.image.ImageDataGenerator(
+            rotation_range=10,
+            width_shift_range=5.0 / 32,
+            height_shift_range=5.0 / 32,
+        )
+
+    def train(self, model, train_dataset, val_dataset, epsilon_list):
+
+        # Ten fold cross validation
+        for epoch in range(self.epochs):
+            lr_rate = step_decay(epoch)
+            tf.keras.backend.set_value(model.optimizer.learning_rate, lr_rate)
+
+            for step, (x_train, y_train) in enumerate(train_dataset):
+                print(step)
+                x_train = self.data_augmentation(x_train, y_train, model, epsilon_list)
+                model.fit(
+                    self.generator.flow(x_train, y_train, self.batch_size),
+                    batch_size=self.batch_size,
+                    verbose=0.0,
+                )
+
+    def data_augmentation(self, X_train, Y_train, pretrained_model, epsilon_list):
+        """[summary]
+
+        Args:
+            X_train ([type]): Training inputs
+            Y_train ([type]): outputs
+            epsilon_list ([type]): according to SNR
+
+        Returns:
+            augmented batch which consists of the adversarial and clean examples.
+        """
+        first_half_end = int(len(X_train) / 2)
+        second_half_end = int(len(X_train))
+        x_clean = X_train[0:first_half_end, :, :, :]
+        x_adv = self.get_adversarial(
+            pretrained_model,
+            X_train[first_half_end:second_half_end, :, :, :],
+            Y_train[first_half_end:second_half_end],
+            epsilon_list,
+        )
+        x_mix = self.merge_data(x_clean, x_adv)
+        y_mix = Y_train[0:second_half_end]
+
+        return x_mix, y_mix
+
+    def merge_data(self, x_clean, x_adv):
+        """[summary]
+
+        Args:
+            x_clean ([type]): [description]
+            x_adv ([type]): [description]
+
+        Returns:
+            combine the clean and adversarial inputs.
+        """
+        x_mix = []
+        for i in range(len(x_clean)):
+            x_mix.append(x_clean[i])
+        for j in range(len(x_adv)):
+            x_mix.append(x_adv[j])
+        x_mix = np.array(x_mix)
+
+        return x_mix
+
+    def get_adversarial(self, logits_model, X_true, y_true, epsilon_list):
+        return self.adversarial_example(logits_model, X_true, y_true, epsilon_list)
+
+    def adversarial_example(self, logits_model, X_true, y_true, epsilon_list):
+        X_adv = []
+
+        for index, x_true in enumerate(X_true):
+            epsilon = epsilon_list[index]
+
+            original_image = x_true
+            original_image = tf.reshape(original_image, (1, 32, 32))
+            original_label = y_true[index]
+            original_label = np.reshape(np.argmax(original_label), (1,)).astype("int64")
+            adv_example_targeted_label = fast_gradient_method(
+                logits_model,
+                original_image,
+                epsilon,
+                np.inf,
+                y=original_label,
+                targeted=False,
+            )
+            X_adv.append(np.array(adv_example_targeted_label).reshape(32, 32, 1))
+        X_adv = np.array(X_adv)
+
+        return X_adv
+
+
+def simulate_train(s):
+
+    for j, (train, val) in enumerate(kfold.split(X_train)):
+        if j == s:
+            print(s)
+            model = wideresnet.create_wide_residual_network()
+            model.compile(
+                loss="categorical_crossentropy", optimizer=sgd, metrics=["acc"]
+            )
+            print("Finished compiling")
+            x_train, y_train = X_train[train], Y_train[train]
+            x_val, y_val = X_train[val], Y_train[val]
+            train_dataset = tf.data.Dataset.from_tensor_slices((x_train, y_train))
+            train_dataset = train_dataset.batch(BS)
+            val_dataset = tf.data.Dataset.from_tensor_slices((x_val, y_val))
+            val_dataset = val_dataset.batch(BS)
+            adversarial_training.train(model, train_dataset, val_dataset, epsilons)
+            name = model_name + "_" + str(j) + ".h5"
+            model.save_weights(name)
+
+
+if __name__ == "__main__":
+
+    data = hkl.load("data.hkl")
+    X_train, X_test, Y_train, y_test = (
+        data["xtrain"],
+        data["xtest"],
+        data["ytrain"],
+        data["ytest"],
+    )
+    epsilons = [i / 1000 for i in range(1, 33)]  # factor for fast gradient sign method
+
+    kfold = KFold(n_splits=10, random_state=42, shuffle=False)
+    EPOCHS = 50
+    BS = 64
+    init = (32, 32, 1)
+    sgd = SGD(lr=0.1, momentum=0.9)
+    parameter = {"epochs": EPOCHS, "batch_size": BS, "optimizer": sgd}
+    # change here depending on your model
+    wideresnet = WideResidualNetwork(
+        init, 0.0001, 0.9, nb_classes=4, N=2, k=1, dropout=0.0
+    )
+
+    with Pool(10) as p:
+        print(p.map(f, np.range(10)))

train/train_utiliy.py

@@ -0,0 +1,27 @@
+import numpy as np
+
+
+def noise(x, eps=0.3, order=np.inf, clip_min=None, clip_max=None):
+    """
+    A weak attack that just picks a random point in the attacker's action
+    space. When combined with an attack bundling function, this can be used to
+    implement random search.
+    References:
+    https://arxiv.org/abs/1802.00420 recommends random search to help identify
+        gradient masking
+    https://openreview.net/forum?id=H1g0piA9tQ recommends using noise as part
+        of an attack building recipe combining many different optimizers to
+        yield a strong optimizer.
+    Arguments
+    ---------
+    x : torch.Tensor
+        The input image.
+    """
+
+    if order != np.inf:
+        raise NotImplementedError(ord)
+
+    eta = np.random.uniform(low=-eps, high=eps, size=x.shape)
+    adv_x = x + eta
+
+    return adv_x

train/training.py

@@ -0,0 +1,56 @@
+import numpy as np
+from cleverhans.future.tf2.attacks import fast_gradient_method
+import pandas as pd
+from sklearn.model_selection import KFold
+import sys
+import tensorflow
+import tensorflow as tf
+
+from _utility import print_test, get_adversarial_examples
+
+import pickle
+
+folder_name = "./adversarial_examples_parseval_net/src/logs/saved_models/"
+
+
+def train(
+    instance,
+    X_train,
+    Y_train,
+    X_test,
+    y_test,
+    epochs,
+    BS,
+    sgd,
+    generator,
+    callbacks_list,
+    model_name="ResNet",
+):
+
+    kfold = KFold(n_splits=10, random_state=42, shuffle=False)
+
+    for j, (train, val) in enumerate(kfold.split(X_train)):
+
+        model = instance.create_wide_residual_network()
+        model.compile(loss="categorical_crossentropy", optimizer=sgd, metrics=["acc"])
+
+        print("Finished compiling")
+
+        x_train, y_train = X_train[train], Y_train[train]
+        x_val, y_val = X_train[val], Y_train[val]
+
+        hist = model.fit(
+            generator.flow(x_train, y_train, batch_size=BS),
+            steps_per_epoch=len(x_train) // BS,
+            epochs=epochs,
+            callbacks=callbacks_list,
+            validation_data=(x_val, y_val),
+            validation_steps=x_val.shape[0] // BS,
+        )
+        ## write the history
+
+        with open("history_" + model_name + str(j), "wb") as file_pi:
+            pickle.dump(hist.history, file_pi)
+
+        model_name = folder_name + model_name + "_" + str(j) + ".h5"
+        model.save(model_name)