In [1]:
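import os

# Ask CUDA to run kernels synchronously so that an error is reported at the
# call that caused it (the author added this while chasing shape-mismatch
# errors in the cells below). The variable is set before torch touches the
# GPU; the original set it after memory_summary() had already initialised
# CUDA, where it may be ignored.
os.environ['CUDA_LAUNCH_BLOCKING'] = '1'

import torch

# Fall back to the CPU when no GPU is visible.
device = torch.device('cuda' if torch.cuda.is_available() else 'cpu')
print(device)

# The allocator report only exists for CUDA; calling memory_summary() on a
# CPU-only machine raises, which defeated the CPU fallback above.
if device.type == 'cuda':
    torch.cuda.empty_cache()
    print(torch.cuda.memory_summary())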

cuda
|                  PyTorch CUDA memory summary, device ID 0                 |
|---------------------------------------------------------------------------|
|            CUDA OOMs: 0            |        cudaMalloc retries: 0         |
|        Metric         | Cur Usage  | Peak Usage | Tot Alloc  | Tot Freed  |
|---------------------------------------------------------------------------|
| Allocated memory      |       0 B  |       0 B  |       0 B  |       0 B  |
|       from large pool |       0 B  |       0 B  |       0 B  |       0 B  |
|       from small pool |       0 B  |       0 B  |       0 B  |       0 B  |
|---------------------------------------------------------------------------|
| Active memory         |       0 B  |       0 B  |       0 B  |       0 B  |
|       from large pool |       0 B  |       0 B  |       0 B  |       0 B  |
|       from small pool |       0 B  |       0 B  |       0 B  |       0 B  |
|----------------------------------------------------------

In [2]:
#coding:utf-8
# Imports and device selection for the robustness test-case generator.
import sys
# NOTE(review): this makes `models` resolve relative to the kernel's working
# directory, so whichever `models` package sits in the parent directory gets
# imported and executed. Start the kernel from the expected project directory.
sys.path.append("..")
import os
import torch
import torch.nn as nn
from torch.utils.data import DataLoader
from torchvision import datasets,transforms
from torch.autograd import Variable
# NOTE(review): wildcard imports hide where names such as vgg16_bn / ResNet18
# come from and can silently shadow names imported above (presumably each
# module exports its model constructors; confirm against models/).
from models.resnet import *
from models.vggnet import *
from models.mynet import *
import torch.optim as optim
import numpy as np

# Use the GPU when one is visible, otherwise the CPU. The functions defined in
# the following cells read this module-level name.
device = torch.device('cuda' if torch.cuda.is_available() else 'cpu')

In [3]:
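def _pgd_whitebox(model,
                  X,
                  y,
                  epsilon,
                  num_steps,
                  step_size,
                  random=True):
    """Build L-infinity bounded perturbed inputs for robustness evaluation.

    Starting from ``X`` (optionally with uniform noise in
    ``[-epsilon, epsilon]``), the input is moved ``num_steps`` times by
    ``step_size`` along the sign of the cross-entropy gradient. After every
    step the result is projected back into the ``epsilon`` ball around ``X``
    and clamped to ``[0, 1]``.

    :param model: callable mapping a batch of inputs to logits
    :param X: clean input batch; values are expected in ``[0, 1]``
    :param y: integer class labels, on the same device as the model output
    :param epsilon: maximum per-element deviation from ``X``
    :param num_steps: number of gradient-sign steps
    :param step_size: size of each step
    :param random: add a uniform random start inside the ``epsilon`` ball
    :return: leaf tensor shaped like ``X`` with ``requires_grad=True``

    With ``num_steps=0`` the (possibly noised) input is returned without the
    ``[0, 1]`` clamp, as in the original implementation.
    """
    clean = X.detach()
    adv = clean.clone()
    if random:
        # The noise is drawn on the CPU (same RNG stream as before) and then
        # moved to X's own device, so the function no longer depends on a
        # module-level `device` matching the input.
        noise = torch.FloatTensor(*clean.shape).uniform_(-epsilon, epsilon)
        adv = adv + noise.to(clean.device)
    adv.requires_grad_(True)

    criterion = nn.CrossEntropyLoss()
    for _ in range(num_steps):
        with torch.enable_grad():
            loss = criterion(model(adv), y)
        # Only the input gradient is needed. autograd.grad leaves the model
        # parameters' .grad untouched, where loss.backward() accumulated into
        # them on every step; the per-step SGD optimizer existed only to zero
        # a gradient that was already empty.
        grad = torch.autograd.grad(loss, adv)[0]
        stepped = adv.detach() + step_size * grad.sign()
        # Project back into the epsilon ball, then into the valid pixel range.
        delta = torch.clamp(stepped - clean, -epsilon, epsilon)
        adv = torch.clamp(clean + delta, 0, 1.0).requires_grad_(True)
    return adv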
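def one_hot_tensor(y_batch_tensor, num_classes, device):
    """Return a float32 one-hot encoding of a batch of class indices.

    :param y_batch_tensor: 1-D tensor of integer class indices, length N
    :param num_classes: width of the encoding
    :param device: device on which the result is created
    :return: tensor of shape ``(N, num_classes)`` with a 1.0 per row

    The original allocated with ``torch.cuda.FloatTensor`` and ignored
    ``device``, so it failed on machines without CUDA. The argument is now
    honoured.
    """
    labels = y_batch_tensor.to(device=device, dtype=torch.long)
    batch = labels.size(0)
    y_tensor = torch.zeros(batch, num_classes, dtype=torch.float32, device=device)
    # Row i gets its 1.0 in column labels[i].
    y_tensor[torch.arange(batch, device=device), labels] = 1.0
    return y_tensor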

class CWLoss(nn.Module):
    """Margin loss on logits, in the style of the Carlini-Wagner objective.

    For each sample the loss compares the true-class logit with the largest
    logit among the other classes. It returns the negated, hinge-clamped
    margin, so increasing the loss shrinks the gap between the two.
    """

    def __init__(self, num_classes, margin=50, reduce=True):
        """
        :param num_classes: number of classes (width of the logits)
        :param margin: constant added to the logit gap before clamping at 0
        :param reduce: divide the summed loss by the batch size when True
        """
        super().__init__()
        self.num_classes = num_classes
        self.margin = margin
        self.reduce = reduce

    def forward(self, logits, targets):
        """
        :param logits: model outputs, shape (batch, num_classes)
        :param targets: integer class labels, shape (batch,)
        :return: scalar loss (summed, or batch-averaged when ``reduce``)
        """
        true_mask = one_hot_tensor(targets, self.num_classes,
                                   targets.device)

        # Logit of the labelled class for every sample.
        true_logit = (true_mask * logits).sum(dim=1)

        # Subtracting 1000 at the true-class position keeps it from winning
        # the max, so this picks the best competing class.
        competitors = (1 - true_mask) * logits - true_mask * 1000
        best_other = competitors.max(dim=1)[0]

        hinge = torch.clamp(true_logit - best_other + self.margin, 0)
        total = -hinge.sum()

        if not self.reduce:
            return total
        return total / true_mask.shape[0]
    
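def _cw_whitebox(model,
                 X,
                 y,
                 epsilon,
                 num_steps,
                 step_size,
                 random=True):
    """Build L-infinity bounded perturbed inputs using the CWLoss margin.

    Same iteration as ``_pgd_whitebox`` (gradient-sign step, projection into
    the ``epsilon`` ball around ``X``, clamp to ``[0, 1]``), but the gradient
    is taken of ``CWLoss`` rather than cross-entropy. Used for robustness
    evaluation.

    :param model: callable mapping a batch of inputs to logits
    :param X: clean input batch; values are expected in ``[0, 1]``
    :param y: integer class labels, on the same device as the model output
    :param epsilon: maximum per-element deviation from ``X``
    :param num_steps: number of gradient-sign steps
    :param step_size: size of each step
    :param random: add a uniform random start inside the ``epsilon`` ball
    :return: leaf tensor shaped like ``X`` with ``requires_grad=True``
    """
    clean = X.detach()
    adv = clean.clone()
    if random:
        # The noise is drawn on the CPU (same RNG stream as before) and then
        # moved to X's own device, not to a module-level `device`.
        noise = torch.FloatTensor(*clean.shape).uniform_(-epsilon, epsilon)
        adv = adv + noise.to(clean.device)
    adv.requires_grad_(True)

    for _ in range(num_steps):
        with torch.enable_grad():
            logits = model(adv)
            # The class count is read from the logits (10 for the CIFAR-10
            # models in this notebook) so the function also works for other
            # datasets without editing a hard-coded constant.
            loss = CWLoss(logits.shape[1])(logits, y)
        # Only the input gradient is needed; model parameter gradients are
        # left untouched.
        grad = torch.autograd.grad(loss, adv)[0]
        stepped = adv.detach() + step_size * grad.sign()
        # Project back into the epsilon ball, then into the valid pixel range.
        delta = torch.clamp(stepped - clean, -epsilon, epsilon)
        adv = torch.clamp(clean + delta, 0, 1.0).requires_grad_(True)
    return adv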

In [4]:
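def get_testcase(model_name,dataset_name,model,val_dataloader):
    """Generate and save a robustness test set for ``model``.

    For each of the first 10 batches of ``val_dataloader``, four groups of
    images are collected in this order: the clean batch, a 100-step PGD
    variant, a single-step variant and a 100-step CW-margin variant. Each
    group is paired with the unchanged labels. The concatenated tensors are
    written to ``images_of_TestCaseSet_<model>_<dataset>.pt`` and
    ``labels_of_TestCaseSet_<model>_<dataset>.pt`` in the working directory.

    :param model_name: tag used in the output file names
    :param dataset_name: tag used in the output file names
    :param model: network under evaluation. Callers in this notebook put it
        in eval mode first; this function does not do so itself.
    :param val_dataloader: yields ``(images, labels)`` batches
    """
    set_num = 10  # number of validation batches turned into test cases
    all_test_data = []
    all_test_label = []
    for batch_idx, (data, label) in enumerate(val_dataloader):
        if batch_idx >= set_num:
            break
        data, target = data.to(device), label.to(device)

        # The perturbations must be computed against labels on the model's
        # device. The original moved them into `target` but then passed the
        # loader's `label`, which fails with a device mismatch on GPU.
        X, y = data, target

        # 0.031 is approximately 8/255.
        one_pgd = _pgd_whitebox(model, X, y, epsilon=0.031, num_steps=100, step_size=0.003)
        # NOTE(review): this is labelled "fgsm", but the random start is left
        # at its default (random=True), so it is a single step of size 8/255
        # from a random point. It also uses epsilon=8/255, not 0.031 as the
        # other two. Confirm both are intended.
        one_fgsm = _pgd_whitebox(model, X, y, epsilon=8/255.0, num_steps=1, step_size=8/255.0)
        one_cw = _cw_whitebox(model, X, y, epsilon=0.031, num_steps=100, step_size=0.003)

        # detach(): the saved set is plain data, not autograd leaves.
        all_test_data.append(data)               # clean
        all_test_data.append(one_pgd.detach())   # pgd100
        all_test_data.append(one_fgsm.detach())  # fgsm
        all_test_data.append(one_cw.detach())    # cw
        # One copy of the labels per image group, as yielded by the loader.
        all_test_label.extend([label] * 4)

    all_test_data = torch.cat(all_test_data, dim=0)
    all_test_label = torch.cat(all_test_label, dim=0)
    print(all_test_data.shape)
    print(all_test_label.shape)
    # The image tensor keeps the device it was computed on; load it elsewhere
    # with torch.load(..., map_location=...).
    torch.save(all_test_data,'images_of_TestCaseSet_{}_{}.pt'.format(model_name,dataset_name))
    torch.save(all_test_label,'labels_of_TestCaseSet_{}_{}.pt'.format(model_name,dataset_name))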

In [6]:
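batch_size = 128

# vgg16 + cifar10
# ToTensor() alone keeps pixels in [0, 1], the range the perturbation
# functions clamp to; no normalisation is applied here.
val_dataset = datasets.CIFAR10(root='../dataset/data', train=False, download=False, transform=transforms.ToTensor())
val_dataloader = DataLoader(val_dataset, batch_size=batch_size, shuffle=False)
model = vgg16_bn().to(device)
# Checkpoint from the TRADES training run (per its file name).
# map_location lets a checkpoint saved on a GPU load on a CPU-only machine.
# NOTE(review): torch.load unpickles the file, so only load checkpoints you
# produced or trust; on PyTorch versions that support it, pass
# weights_only=True for state dicts.
model.load_state_dict(torch.load('../adv_train/model-vgg16-cifar10/TRADES-cifar10-model-vgg16-epoch76.pt', map_location=device))
# eval mode fixes batch-norm statistics and disables dropout during generation.
model = model.eval()
get_testcase("vgg16","cifar10",model,val_dataloader)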

UnboundLocalError: local variable 'target' referenced before assignment

In [None]:
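# resnet18 + cifar10
# Relies on `batch_size` from the previous cell. ToTensor() alone keeps pixels
# in [0, 1], the range the perturbation functions clamp to.
val_dataset = datasets.CIFAR10(root='../dataset/data', train=False, download=False, transform=transforms.ToTensor())
val_dataloader = DataLoader(val_dataset, batch_size=batch_size, shuffle=False)
model = ResNet18().to(device)
# Checkpoint from the TRADES training run (per its file name).
# map_location lets a checkpoint saved on a GPU load on a CPU-only machine.
# NOTE(review): torch.load unpickles the file, so only load checkpoints you
# produced or trust; on PyTorch versions that support it, pass
# weights_only=True for state dicts.
model.load_state_dict(torch.load('../adv_train/model-resnet18-cifar10/TRADES-cifar10-model-resnet18-epoch76.pt', map_location=device))
# eval mode fixes batch-norm statistics and disables dropout during generation.
model = model.eval()
get_testcase("resnet18","cifar10",model,val_dataloader)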