Import the pre trained model

In [1]:
import tensorflow as tf
import tensorflow.keras

In [2]:
model = tf.keras.models.load_model('trained_models/firstCNN.h5')
model.summary()

Model: "sequential"
_________________________________________________________________
Layer (type)                 Output Shape              Param #   
conv2d (Conv2D)              (None, 256, 256, 16)      448       
_________________________________________________________________
max_pooling2d (MaxPooling2D) (None, 128, 128, 16)      0         
_________________________________________________________________
conv2d_1 (Conv2D)            (None, 64, 64, 32)        4640      
_________________________________________________________________
max_pooling2d_1 (MaxPooling2 (None, 32, 32, 32)        0         
_________________________________________________________________
conv2d_2 (Conv2D)            (None, 16, 16, 64)        18496     
_________________________________________________________________
max_pooling2d_2 (MaxPooling2 (None, 8, 8, 64)          0         
_________________________________________________________________
flatten (Flatten)            (None, 4096)              0

Import the pre processed data

In [6]:
import numpy as np
x_train = np.load('processed_data/first_experiment/x_im_train.npy')
x_test = np.load('processed_data/first_experiment/x_im_test.npy')
y_train = np.load('processed_data/first_experiment/y_im_train.npy')
y_test = np.load('processed_data/first_experiment/y_im_test.npy')

In [8]:
_, accuracy_test_original = model.evaluate(x_test, y_test)
print('Accuracy on original test data: {:4.2f}%'.format(accuracy_test_original * 100))

Accuracy on original test data: 73.45%


Make ART model

In [9]:
from art.estimators.classification import TensorFlowV2Classifier
from art.attacks.evasion import FastGradientMethod, CarliniL0Method



In [10]:
loss_object = tf.keras.losses.CategoricalCrossentropy()
classifier = TensorFlowV2Classifier(model=model, nb_classes=7, input_shape=(256, 256, 3), loss_object=loss_object)

In [11]:
attack_fgsm = FastGradientMethod(estimator=classifier, eps=0.3)

In [12]:
x_test_adv = attack_fgsm.generate(x_test)

In [13]:
_, accuracy_test_attack = model.evaluate(x_test_adv, y_test)
perturbation = np.mean(np.abs((x_test_adv - x_test)))

print('Accuracy on adversarial test data: {:4.2f}%'.format(accuracy_test_attack * 100))
print('Average perturbation: {:4.2f}'.format(perturbation))

Accuracy on adversarial test data: 7.08%
Average perturbation: 0.27


In [None]:
attack_cw = CarliniL0Method(classifier=classifier)

x_test_adv = attack_cw.generate(x_test)

In [None]:
loss_test, accuracy_test = model.evaluate(x_test_adv, y_test)
perturbation = np.mean(np.abs((x_test_adv - x_test)))
print('Accuracy on original test data: {:4.2f}%'.format(accuracy_test_original * 100))
print('Accuracy on adversarial test data: {:4.2f}%'.format(accuracy_test * 100))
print('Average perturbation: {:4.2f}'.format(perturbation))