In [None]:
import argparse
import os
import yaml

import tensorflow as tf
import numpy as np
from keras.callbacks import ModelCheckpoint

from cleverhans.tf2.attacks.fast_gradient_method import fast_gradient_method


#from attribution import *
from models import *
from utils import *
from data_process import *

seed = 0
tf.random.set_seed(seed)
np.random.seed(seed)

parser = argparse.ArgumentParser()
parser.add_argument('--params', dest='params')
args = parser.parse_args()

with open(f'./{args.params}', 'r') as f:
    params_loaded = yaml.safe_load(f)

# designate gpu
os.environ['CUDA_VISIBLE_DEVICES'] = params_loaded['gpu_num']

# enable memory growth
physical_devices = tf.config.list_physical_devices('GPU')
for d in physical_devices:
    tf.config.experimental.set_memory_growth(d, True)

MNIST_checkpoint_path = params_loaded['MNIST_checkpoint_path']

os.environ['TF_DETERMINISTIC_OPS'] = '0'

datadir = ['model', MNIST_checkpoint_path]
mkdir(datadir)

fd = params_loaded['dataset']

# dataset load
if params_loaded['dataset'] == 'mnist_data':
    
    train, test = eval(params_loaded['dataset'])()
else:
    print("other dataset")

    
x_train, y_train = train
x_test, y_test = test

mnist_model = eval(params_loaded['model_train'])()

loss_fn = tf.keras.losses.SparseCategoricalCrossentropy(from_logits=True)

if exists(f'{MNIST_checkpoint_path}/saved_model.pb'):

    mnist_model = tf.keras.models.load_model(MNIST_checkpoint_path)

else:

    # MNIST 학습 checkpoint
    checkpoint = ModelCheckpoint(MNIST_checkpoint_path, 
                                save_best_only=True, 
                                save_weights_only=True, 
                                monitor='val_loss',
                                verbose=1)

    mnist_model.compile(optimizer='adam',
                loss='sparse_categorical_crossentropy',
                metrics=['accuracy'])
    mnist_model.fit(x_train, y_train, epochs=10, shuffle=True, validation_data=(x_test, y_test), callbacks=[checkpoint],)

    mnist_model.save(MNIST_checkpoint_path)
    mnist_model = tf.keras.models.load_model(MNIST_checkpoint_path)

mnist_model.trainable = False

x_adv_train = x_train
y_adv_train = y_train

x_adv_test = x_test
y_adv_test = y_test

# 테스트 데이터 셋 중 랜덤하게 절반을 adversarial example을 만들고자 함. * True: 정상 데이터,  False 적대적 데이터
random_data = tf.random.uniform(
    shape=[len(x_train)], minval=0, maxval=1, dtype=tf.dtypes.float32)

# 0~1까지를 랜덤하게 한 뒤, 0.5 가 넘으면 정상 데이터, 낮으면 적대적 데이터
adversarial_list = tf.cast(random_data>=0.0, tf.bool).numpy()


for i in range(x_train):

    input_x = tf.expand_dims(x_train[i], 0)
    x_fgsm = fast_gradient_method(mnist_model, input_x, params_loaded['fgsm_eps'], np.inf)

    predict_arr = mnist_model.predict(x_fgsm)
    predict = np.argmax(predict_arr)

    if y_train[i] != predict:

        x_adv_train[i] = x_fgsm
        y_adv_train[i] = predict

        adversarial_list[i] = False
