In [1]:
import numpy as np
import tensorflow as tf
import pickle
import pandas as pd




In [2]:
# Custom Networks
from networks.lenet import LeNet
from networks.resnet import ResNet

In [3]:
# Helper functions
import attack
import helper

In [4]:
np.random.seed(100)

In [5]:
(x_train, y_train), (x_test, y_test) = tf.keras.datasets.cifar10.load_data()

In [6]:
class_names = ['airplane', 'automobile', 'bird', 'cat',
               'deer', 'dog', 'frog', 'horse', 'ship', 'truck']

In [7]:
# uncomment the network to attack it
model = [LeNet()]
# model = [ResNet()]



Successfully loaded lenet


In [8]:
attacker = attack.PixelAttacker(model, (x_test, y_test), class_names)

In [9]:
def attack_all(models, samples=10000, pixels=(1, 3, 5), targeted=False, verbose=False):
    results = []
    for model in models:
        model_results = []
        valid_imgs = correct_imgs[correct_imgs.name == model.name].img
        img_samples = np.random.choice(valid_imgs, samples, replace=False)

        for pixel_count in pixels:
            for i, img in enumerate(img_samples):
                print(model.name, '- image', img,
                      '-', i+1, '/', len(img_samples))
                targets = [None] if not targeted else [np.random.randint(0,10)]

                for target in targets:
                    result = []
                    for i in range(5):
                        result_ = attacker.attack(img, model, target, pixel_count, verbose=verbose)
                        result.append(result_)
                    success = True if np.sum(result) > 1 else False
                    model_results.append([img, pixel_count, result, success])
                print('pixel_count', pixel_count, 'success ratio:', np.sum(np.array(model_results, dtype = "object")[:,3])/len(model_results))

        results += model_results

    return results

In [10]:
num_samples = 1 # select the number of random images to attack
num_pixels = [1] # select the number of pixels to use during the attack
is_targeted = False # select whether attack is targeted or untareted

In [12]:
_, correct_imgs = helper.evaluate_models(model, x_test, y_test)
correct_imgs = pd.DataFrame(correct_imgs, columns=[
                            'name', 'img', 'label', 'confidence', 'pred'])

Evaluating lenet


In [None]:
results = attack_all(model, samples=num_samples, pixels=num_pixels, targeted=is_targeted)