# Stateful Projan Attack Evaluation

This notebook implements a stateful version of the Projan attack with adaptive trigger selection.

## Key Features:
- **Multiple Triggers**: 5 different synthetic triggers with varying effectiveness
- **Stateful Adversary**: Adaptive belief state that updates based on success/failure
- **Projan Training**: Model is trained to respond to triggers (not just pre-trained)
- **GPU Acceleration**: Optimized for Kaggle's GPU environment


In [4]:
# Setup Kaggle environment
import os
import json

# Set up Kaggle API credentials
kaggle_credentials = {
    "username": "ahmedsamir1598",
    "key": "096552a16408f5e2cde511c2c617e172"
}

kaggle_dir = os.path.expanduser("~/.kaggle")
os.makedirs(kaggle_dir, exist_ok=True)

with open(os.path.join(kaggle_dir, "kaggle.json"), "w") as f:
    json.dump(kaggle_credentials, f)

os.chmod(os.path.join(kaggle_dir, "kaggle.json"), 0o600)

print("✅ Kaggle API credentials set up successfully!")


✅ Kaggle API credentials set up successfully!


In [2]:
# Install required packages
!pip install torch torchvision numpy matplotlib Pillow tqdm
!pip install trojanvision

print("✅ Packages installed successfully!")


Defaulting to user installation because normal site-packages is not writeable
Collecting torch
  Downloading torch-2.8.0-cp312-cp312-win_amd64.whl.metadata (30 kB)
Collecting torchvision
  Downloading torchvision-0.23.0-cp312-cp312-win_amd64.whl.metadata (6.1 kB)
Collecting numpy
  Downloading numpy-2.3.3-cp312-cp312-win_amd64.whl.metadata (60 kB)
Collecting matplotlib
  Downloading matplotlib-3.10.6-cp312-cp312-win_amd64.whl.metadata (11 kB)
Collecting Pillow
  Downloading pillow-11.3.0-cp312-cp312-win_amd64.whl.metadata (9.2 kB)
Collecting filelock (from torch)
  Using cached filelock-3.19.1-py3-none-any.whl.metadata (2.1 kB)
Collecting typing-extensions>=4.10.0 (from torch)
  Using cached typing_extensions-4.15.0-py3-none-any.whl.metadata (3.3 kB)
Collecting networkx (from torch)
  Using cached networkx-3.5-py3-none-any.whl.metadata (6.3 kB)
Collecting jinja2 (from torch)
  Using cached jinja2-3.1.6-py3-none-any.whl.metadata (2.9 kB)
Collecting fsspec (from torch)
  Using cached fss



Defaulting to user installation because normal site-packages is not writeable
✅ Packages installed successfully!


ERROR: Could not find a version that satisfies the requirement trojanvision (from versions: none)
ERROR: No matching distribution found for trojanvision


In [5]:
# Check GPU availability
import torch
print(f"CUDA available: {torch.cuda.is_available()}")
print(f"CUDA device count: {torch.cuda.device_count()}")
if torch.cuda.is_available():
    print(f"Current device: {torch.cuda.current_device()}")
    print(f"Device name: {torch.cuda.get_device_name()}")


CUDA available: False
CUDA device count: 0


In [None]:
# Run the Stateful Projan evaluation
!python kaggle_stateful_projan.py


In [None]:
# Display results
import json
import matplotlib.pyplot as plt

# Load results
with open('/kaggle/working/results.json', 'r') as f:
    results = json.load(f)

# Plot success rates
budgets = list(results.keys())
success_rates = [results[b]['success_rate'] for b in budgets]
avg_probes = [results[b]['avg_probes'] for b in budgets]

fig, (ax1, ax2) = plt.subplots(1, 2, figsize=(12, 5))

# Success rate plot
ax1.plot(budgets, success_rates, 'bo-', linewidth=2, markersize=8)
ax1.set_xlabel('Query Budget')
ax1.set_ylabel('Success Rate')
ax1.set_title('Stateful Projan Attack Success Rate')
ax1.grid(True, alpha=0.3)
ax1.set_ylim(0, 1)

# Average probes plot
ax2.plot(budgets, avg_probes, 'ro-', linewidth=2, markersize=8)
ax2.set_xlabel('Query Budget')
ax2.set_ylabel('Average Probes to Success')
ax2.set_title('Average Probes Required for Success')
ax2.grid(True, alpha=0.3)

plt.tight_layout()
plt.show()

# Print detailed results
print("\n" + "="*80)
print("DETAILED RESULTS")
print("="*80)
for budget in budgets:
    result = results[budget]
    print(f"\nQuery Budget: {budget}")
    print(f"  Success Rate: {result['success_rate']:.3f}")
    print(f"  Avg Probes: {result['avg_probes']:.2f}")
    print(f"  Final Belief: {result['final_belief']}")
