## Installing Dependencies

In [None]:
!pip install -r ResNet_Boosting_requirements.txt

In [None]:
import torch
import torch.nn as nn
import torch.nn.functional as F
from torch.utils.data import DataLoader
from torchvision import datasets
import torchvision.transforms as transforms
from torchvision import models as M
import torch.optim as optim
from tqdm import tqdm
import logging
import random
from sklearn.metrics import accuracy_score, f1_score, precision_score, recall_score, classification_report

In [None]:
device = torch.device("cuda:0" if torch.cuda.is_available() else "cpu")

## Transforms


In [None]:
transform = transforms.Compose([
    transforms.ToTensor(),
    transforms.Normalize((0.5, 0.5, 0.5), (0.5, 0.5, 0.5))
])

train_data = datasets.ImageFolder(root="./train", transform=transform)
test_data = datasets.ImageFolder(root="./test", transform=transform)

## Constructing Model

In [None]:
def construct_model():
    # Load a ResNet-18 model pre-trained on ImageNet
    resnet = M.resnet18(pretrained=False)

    # Original ResNet expects 224x224 images
    resnet.conv1 = nn.Conv2d(3, 64, kernel_size=3, stride=1, padding=1, bias=False)
    resnet.maxpool = nn.Identity()  # Remove the max pooling layer to retain spatial dimensions

    # Update the fully connected (fc) layer for binary classification
    # Original ResNet has an output size of 1000
    num_features = resnet.fc.in_features
    resnet.fc = nn.Linear(num_features, 2)

    return resnet

In [None]:
def train_model(model, train_loader, test_loader, data_aug_fn,
        attach_fn=None, epochs=10, lr=0.001, device='cuda' if torch.cuda.is_available() else 'cpu'):
    """
    Train a PyTorch model with data augmentation and progress logging.

    Args:
        model (torch.nn.Module): The model to train.
        train_loader (DataLoader): Dataloader for training data.
        test_loader (DataLoader): Dataloader for test data.
        data_aug_fn (callable): Function to apply data augmentation on training data.
        epochs (int): Number of epochs to train. Default is 10.
        lr (float): Learning rate. Default is 0.001.
        device (str): Device to use ('cuda' or 'cpu'). Default is 'cuda' if available.

    Returns:
        model: The trained model.
    """
    # Setup logging
    logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(message)s')
    logger = logging.getLogger()
    model.to(device)

    criterion = nn.CrossEntropyLoss()
    optimizer = optim.Adam(model.parameters(), lr=lr)

    # Training loop
    for epoch in range(epochs):
        model.train()
        train_loss, correct, total = 0, 0, 0

        print(f"Epoch [{epoch+1}/{epochs}] - Training...")
        for inputs, targets in tqdm(train_loader, desc="Training", leave=False):
            inputs, targets = data_aug_fn(inputs,targets)
            inputs, targets = inputs.to(device), targets.to(device)

            outputs = model(inputs)
            loss = criterion(outputs, targets)

            optimizer.zero_grad()
            loss.backward()
            optimizer.step()

            train_loss += loss.item()
            _, predicted = outputs.max(1)
            total += targets.size(0)
            correct += predicted.eq(targets).sum().item()

        train_accuracy = 100. * correct / total
        print(f"Epoch [{epoch+1}/{epochs}] - Loss: {train_loss:.4f}, Accuracy: {train_accuracy:.2f}%")

        model.eval()
        test_loss, correct, total = 0, 0, 0

        print(f"Epoch [{epoch+1}/{epochs}] - Validation...")
        with torch.no_grad():
            for inputs, targets in tqdm(test_loader, desc="Validation", leave=False):
                inputs, targets = inputs.to(device), targets.to(device)
                outputs = model(inputs)
                loss = criterion(outputs, targets)

                test_loss += loss.item()
                _, predicted = outputs.max(1)
                total += targets.size(0)
                correct += predicted.eq(targets).sum().item()

        test_accuracy = 100. * correct / total
        print(f"Epoch [{epoch+1}/{epochs}] - Test Loss: {test_loss:.4f}, Test Accuracy: {test_accuracy:.2f}%")

        if attach_fn is not None:
            model.eval()
            test_loss, correct, total = 0, 0, 0
            print(f"Epoch [{epoch+1}/{epochs}] - Attacking...")
            for inputs, targets in tqdm(test_loader, desc="Attacking", leave=False):
                inputs, targets = inputs.to(device), targets.to(device)
                inputs, targets = attach_fn(inputs, targets)
                with torch.no_grad():
                    outputs = model(inputs)
                loss = criterion(outputs, targets)

                # Metrics
                test_loss += loss.item()
                _, predicted = outputs.max(1)
                total += targets.size(0)
                correct += predicted.eq(targets).sum().item()

            test_accuracy = 100. * correct / total
            print(f"Epoch [{epoch+1}/{epochs}] - Attacked Loss: {test_loss:.4f}, Attacked Accuracy: {test_accuracy:.2f}%")
        print()
    print("Training Complete!")
    return model

## Adversarial Attacks

In [None]:
#FGSM
def fgsm_attack(model, x, y, eps=0.03, targeted=False):
    model.eval()
    x = x.to(device)
    y = y.to(device)
    x_adv = x.clone().detach().requires_grad_(True)

    output = model(x_adv)
    criterion = nn.CrossEntropyLoss()

    model.zero_grad()
    loss = criterion(output, y)
    loss.backward()

    with torch.no_grad():
        if targeted:
            perturb = eps * torch.sign(-x_adv.grad)
        else:
            perturb = eps * torch.sign(x_adv.grad)

        x_adv = torch.clamp(x_adv + perturb, min=0, max=1)

    return x_adv

In [None]:
# PGD attack function
def pgd_attack(model, x, y, eps=0.03, alpha=0.01, steps=2, targeted=False):
    model.eval()
    x = x.to(device)
    y = y.to(device)
    x_adv = x.clone().detach()

    x_adv = x_adv + torch.empty_like(x_adv).uniform_(-eps, eps)
    x_adv = torch.clamp(x_adv, min=0, max=1)

    criterion = nn.CrossEntropyLoss()

    for _ in range(steps):
        x_adv.requires_grad_(True)

        output = model(x_adv)
        loss = criterion(output, y)

        model.zero_grad()
        loss.backward()

        with torch.no_grad():
            if targeted:
                perturb = -alpha * torch.sign(x_adv.grad)
            else:
                perturb = alpha * torch.sign(x_adv.grad)

            x_adv += perturb
            x_adv = torch.max(torch.min(x_adv, x + eps), x - eps)
            x_adv = torch.clamp(x_adv, min=0, max=1)

    return x_adv

In [None]:
train_dataloader = torch.utils.data.DataLoader(train_data, batch_size=32, shuffle=True)
test_dataloader = torch.utils.data.DataLoader(test_data, batch_size=32, shuffle=True)

In [None]:
def attackit(x,y, model,p_orig=0.3,p_pgd=0.3,p_fgsm=0.4):
  # Custom function for attacking
    rn = random.uniform(0,1)
    if rn < p_orig:
        return x,y
    elif rn < p_orig + p_pgd:
        return pgd_attack(model,x,y),y
    else:
        return fgsm_attack(model,x,y),y

def identity(x, y):
    return x, y

## Generating final predictions

In [None]:
def make_preds(model, test_dataloader, attach_fn,device):
    preds = []
    to_preds = []
    for inputs, targets in tqdm(test_dataloader, desc="Attacking", leave=False):
        inputs, targets = inputs.to(device), targets.to(device)
        inputs, targets = attach_fn(inputs, targets)
        with torch.no_grad():
            outputs = model(inputs)
        _, predicted = outputs.max(1)
        preds.extend(predicted.cpu().numpy())
        to_preds.extend(targets.cpu().numpy())
    return preds, to_preds

model = models[-1]
model.eval()

device = 'cuda' if torch.cuda.is_available() else 'cpu'
attach_fn = lambda x,y: attackit(x,y, models[0],1.0,0.0,0.0)
preds, to_preds = make_preds(model, test_dataloader, attach_fn,device)
print('Without Adversarial Attacks')
print(classification_report(to_preds, preds))

attach_fn = lambda x,y: attackit(x,y, models[0],0.0,0.5,0.5)
preds, to_preds = make_preds(models[0], test_dataloader, attach_fn,device)
print('With Adversarial Attacks (FGSM + PGD)-Baseline')
print(classification_report(to_preds, preds))


attach_fn = lambda x,y: attackit(x,y, models[0],0.0,0.0,1.0)
preds, to_preds = make_preds(model, test_dataloader, attach_fn,device)
print('With FGSM Adversarial Attacks')
print(classification_report(to_preds, preds))

attach_fn = lambda x,y: attackit(x,y, models[0],0.0,1.0,0.0)
preds, to_preds = make_preds(model, test_dataloader, attach_fn,device)
print('With PGD Adversarial Attacks')
print(classification_report(to_preds, preds))