In [1]:
import os
import tempfile

from sklearn.metrics import accuracy_score
from PIL import Image


from aidefender.utils.mlflow import load_model, create_art_model, save_art_model
from aidefender.robustness import robustness_accuracy
from aidefender.defences.bart import BaRT
from aidefender.exp.datasets import create_dataset

# Declare constants

In [None]:
# Dotted path of the dataset class; it is handed to create_dataset as a string.
dataset_class = 'aidefender.exp.datasets.RP2KDataset'
# Relative paths: they resolve against the kernel's current working directory.
data_path = '../artifacts/data/RP2K_small/'
# NOTE(review): this directory is deserialized by load_model further down, so it
# should only ever point at a model artifact from a trusted, verified source.
model_path = '../artifacts/models/mlflow_RP2K_pytorch/'

# Load data

In [None]:
# Build the evaluation dataset from the class path and data directory above.
# NOTE(review): create_dataset receives the class as a dotted string, so it
# presumably imports that class by name (TODO confirm). Keep dataset_class a
# reviewed constant: importing an arbitrary module path runs that module's code.
dataset = create_dataset(dataset_class, data_path)

In [None]:
dataset.images.shape

In [None]:
dataset.labels

## Show some images

In [None]:
Image.fromarray(dataset.images[6])

In [None]:
Image.fromarray(dataset.images[47])

# Load model

In [None]:
# Load the model under evaluation from the MLflow model directory.
# NOTE(review): MLflow PyTorch-flavour models are normally stored as pickled
# objects, and unpickling can run code embedded in the artifact. Presumably
# load_model wraps the MLflow loader (TODO confirm); only load artifacts whose
# origin and integrity have been checked.
mlflow_model = load_model(model_path)

In [None]:
# Wrap the loaded model so the robustness tooling can drive it. The later
# .predict(...) and .set_params(preprocessing_defences=...) calls are made on
# this object; presumably it is an ART (Adversarial Robustness Toolbox)
# estimator (TODO confirm against aidefender.utils.mlflow).
art_model = create_art_model(mlflow_model)

## Test model

In [None]:
# Baseline predictions of the undefended model: argmax over the last axis of
# the model output gives one class index per image.
# The whole dataset goes through predict() in a single call.
predictions = art_model.predict(dataset.images).argmax(-1)

In [None]:
predictions

# Calculate accuracy and robustness

In [None]:
# Clean (unperturbed) accuracy of the undefended model.
# Assumes dataset.labels holds integer class indices comparable with the
# argmax output above, not one-hot vectors (TODO confirm).
acc = accuracy_score(dataset.labels, predictions)

In [None]:
acc

In [None]:
# Baseline robustness score of the undefended model under FGSM.
# FGSM is a single-step gradient-sign attack, so this is an optimistic estimate:
# stronger iterative attacks would normally give a lower figure.
# NOTE(review): no labels and no perturbation budget are passed here, so both
# come from robustness_accuracy's defaults. Record the budget next to the
# result, because the number is not interpretable without it (TODO confirm defaults).
robust_acc = robustness_accuracy(art_model, dataset.images, attack_name='fgsm')

In [None]:
robust_acc

# Apply aidefender's BaRT defense

In [None]:
# Instantiate the BaRT preprocessing defence with its default settings.
# Presumably this is a "barrage of random transforms" input-preprocessing
# defence, i.e. it is randomized (TODO confirm against aidefender.defences.bart).
# NOTE(review): the channel layout is left at BaRT's default. Check that it
# matches art_model.channels_first, or the transforms may act on the wrong axis.
defense = BaRT() # channels_first=art_model.channels_first

In [None]:
defense

In [None]:
# Attach the defence to the model's preprocessing pipeline.
# This mutates art_model in place: from this cell on, predict() runs on the
# defended model. Re-running the baseline cells above without reloading the
# model would therefore silently measure the defended model instead.
art_model.set_params(preprocessing_defences=defense)

## Calculate accuracy and robustness of the defended model

In [None]:
# Predictions of the defended model. This overwrites the baseline `predictions`,
# so the undefended results are no longer available after this cell.
# NOTE(review): if the defence is randomized and no seed is fixed, these
# predictions (and the metrics derived from them) can differ between runs.
# Consider repeating the evaluation and reporting mean and spread.
predictions = art_model.predict(dataset.images).argmax(-1)

In [None]:
# Clean accuracy with the defence attached; overwrites the baseline `acc`.
# Compare it with the baseline figure to see what the defence costs on benign
# inputs. Note the baseline before this cell runs, since the name is reused.
acc = accuracy_score(dataset.labels, predictions)

In [None]:
acc

In [None]:
# FGSM robustness score with the defence attached; overwrites the baseline
# `robust_acc`.
# NOTE(review): treat an improvement here with caution. Randomized or
# non-differentiable preprocessing can make a single-step gradient attack fail
# by hiding useful gradients, without making the model robust. A defence claim
# needs an adaptive evaluation: attacks that account for the preprocessing and
# its randomness (e.g. averaging gradients over transforms), stronger iterative
# attacks, and a check that robustness drops to zero for an unbounded budget.
# Whether robustness_accuracy attacks through the defence or around it is not
# visible here (TODO confirm).
robust_acc = robustness_accuracy(art_model, dataset.images, attack_name='fgsm')

In [None]:
robust_acc

# Save model

In [None]:
# Create a fresh private directory for the exported model. mkdtemp creates it
# readable/writable/searchable only by the creating user, which suits a model
# artifact that should not be tampered with by other local users.
# mkdtemp never deletes the directory: every run of this cell leaves a new
# 'aidefender*' directory behind until it is removed manually.
tmp_dir = tempfile.mkdtemp(prefix='aidefender')

In [None]:
tmp_dir

In [None]:
# Output location for the defended model inside the temporary directory.
# NOTE(review): this rebinds `model_path`, which earlier held the input model
# location. Re-running the load_model cell after this one would load from the
# temporary directory instead of the original artifact.
model_path = os.path.join(tmp_dir, 'model')

In [None]:
# Export the model (with the defence set above) to model_path.
# NOTE(review): check the MLmodel output below to confirm the preprocessing
# defence is actually part of the saved artifact. The export is presumably
# pickle-based like the input model (TODO confirm), so whoever loads it later
# has to trust this directory's contents.
save_art_model(art_model, model_path)

In [None]:
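# Show the MLmodel metadata file written by save_art_model.
# Read it in Python rather than through `!cat {model_path}/MLmodel`: the shell
# form interpolates the path unquoted (it breaks on temp directories containing
# spaces or shell metacharacters) and needs a POSIX `cat`.
with open(os.path.join(model_path, 'MLmodel')) as mlmodel_file:
    print(mlmodel_file.read())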