In [1]:
import torch
import torch.nn as nn
import torch.nn.functional as F
import torchvision
import torch.optim as optim

from src.models import ResNet, MNIST_CNN, CIFAR_CNN
from src.helpers import evaluate_rob_accuracy, evaluate_clean_accuracy, load_model, safe_model
from src.data_loader import load_torchvision_dataset, load_imagenette

#device = torch.device("cuda:0")
device = torch.device("cpu")

dtype = torch.float32

# Helper Functions

In [2]:
#model = ResNet()
#model = MNIST_CNN()
model = CIFAR_CNN()

In [3]:
train_loader, test_loader = load_torchvision_dataset('CIFAR10')

Files already downloaded and verified
Files already downloaded and verified


In [4]:
PATH = './saved-models/CIFAR-baseline-150-epochs.pth'
model = load_model(model, PATH)

# Without adversarial training

In [5]:
evaluate_clean_accuracy(model, test_loader, device)

(72.49, 0.0)

In [6]:
evaluate_rob_accuracy(model, test_loader, device, epsilon=16/255, attack='FGSM')

42.29

# After 5 epochs of adversarial training

In [7]:
train_specs = model.fit_adv(train_loader, train_loader, 5, device, 16/255, attack='PGD')

[1,     1] loss: 1.46292, train_accuracy: 51.07
[1,    21] loss: 1.34121, train_accuracy: 54.88
[1,    41] loss: 1.26299, train_accuracy: 55.66
[1,    61] loss: 1.37453, train_accuracy: 53.12
[1,    81] loss: 1.33547, train_accuracy: 53.03
duration: 2564 s - train loss: 1.34276 - train accuracy: 53.45 - validation loss: 1.16 - validation accuracy: 59.07 
[2,     1] loss: 1.24305, train_accuracy: 58.20
[2,    21] loss: 1.29893, train_accuracy: 54.20
[2,    41] loss: 1.30814, train_accuracy: 51.46
[2,    61] loss: 1.28371, train_accuracy: 54.20
[2,    81] loss: 1.23635, train_accuracy: 55.66
duration: 2561 s - train loss: 1.29883 - train accuracy: 54.13 - validation loss: 1.16 - validation accuracy: 59.26 
[3,     1] loss: 1.32356, train_accuracy: 54.79
[3,    21] loss: 1.25065, train_accuracy: 54.59
[3,    41] loss: 1.27436, train_accuracy: 54.59
[3,    61] loss: 1.22230, train_accuracy: 58.89
[3,    81] loss: 1.34580, train_accuracy: 53.71
duration: 2564 s - train loss: 1.29002 - train

In [8]:
evaluate_clean_accuracy(model, test_loader, device)

(71.41, 0.0)

In [9]:
evaluate_rob_accuracy(model, test_loader, device, epsilon=16/255, attack='FGSM')

53.38

In [10]:
PATH = './saved-models/CIFAR-clean-150e-adv-5e.pth'
safe_model(
    PATH, 
    model, 
    train_specs['optimizer'], 
    description='adv training with pgd and eps=16/255 for 5 epoch', 
    epoch=155)

'./saved-models/CIFAR-clean-150e-adv-5e.pth'

# After 10 epochs of adversarial training

In [11]:
train_specs = model.fit_adv(train_loader, train_loader, 5, device, 16/255, attack='PGD')

[1,     1] loss: 1.30868, train_accuracy: 55.08
[1,    21] loss: 1.27957, train_accuracy: 57.91
[1,    41] loss: 1.24230, train_accuracy: 57.71
[1,    61] loss: 1.30919, train_accuracy: 54.10
[1,    81] loss: 1.22572, train_accuracy: 55.66
duration: 2956 s - train loss: 1.27886 - train accuracy: 54.77 - validation loss: 1.17 - validation accuracy: 59.13 
[2,     1] loss: 1.30269, train_accuracy: 55.86
[2,    21] loss: 1.32282, train_accuracy: 54.00
[2,    41] loss: 1.25334, train_accuracy: 56.54
[2,    61] loss: 1.33375, train_accuracy: 52.54
[2,    81] loss: 1.20439, train_accuracy: 56.45
duration: 2906 s - train loss: 1.27294 - train accuracy: 55.12 - validation loss: 1.18 - validation accuracy: 58.67 
[3,     1] loss: 1.30653, train_accuracy: 52.64
[3,    21] loss: 1.33507, train_accuracy: 50.78
[3,    41] loss: 1.27715, train_accuracy: 55.08
[3,    61] loss: 1.31228, train_accuracy: 53.22
[3,    81] loss: 1.30228, train_accuracy: 54.00
duration: 2808 s - train loss: 1.27001 - train

In [12]:
evaluate_clean_accuracy(model, test_loader, device)

(71.63, 0.0)

In [13]:
evaluate_rob_accuracy(model, test_loader, device, epsilon=16/255, attack='FGSM')

54.82

In [10]:
PATH = './saved-models/CIFAR-clean-150e-adv-10e.pth'
safe_model(
    PATH, 
    model, 
    train_specs['optimizer'], 
    description='adv training with pgd and eps=16/255 for 10 epoch', 
    epoch=160)

'./saved-models/CIFAR-clean-150e-adv-5e.pth'

# After 40 epochs of adversarial training

In [None]:
train_specs = model.fit(train_loader, test_loader, 50, device)

In [24]:
PATH = './saved-models/CIFAR-baseline-150-epochs.pth'
safe_model(
    PATH, 
    model, 
    train_specs['optimizer'], 
    description='Baseline Model trained for 150 epochs', 
    epoch=100)

'./saved-models/CIFAR-baseline-150-epochs.pth'

In [None]:
PATH = './saved-models/CIFAR-baseline-pgd-adv.pth'
safe_model(
    PATH, 
    model, 
    train_specs['optimizer'], 
    description='Trained the baseline model for 20 more epochs with pgd, eps=16/255)', 
    epoch=120)

In [None]:

evaluate_rob_accuracy(model, test_loader, device, 16/255, attack='FGSM')

In [None]:

evaluate_rob_accuracy(model, test_loader, device, 16/255, attack='FGSM')