In [1]:
# Input files for this notebook: the model registry plus one results file per
# attack family (FGM, C&W, BIM).
mnist_models_path = '../output/mnist-models.csv'
mnist_fgm_results_path = '../output/mnist-fgm-results.json'
# NOTE(review): this C&W path is not read by the loading cell below, which pulls
# the C&W numbers from a separate, hard-coded CSV path instead.
mnist_cw_results_path = '../output/mnist-cw-results.json'
mnist_bim_results_path = '../output/mnist-bim-results.json'

In [2]:
import pandas as pd
import numpy as np
from collections import OrderedDict
import re

In [3]:
# Model registry CSV; loaded here but not referenced again in the cells visible below.
mnist_models = pd.read_csv(mnist_models_path)

In [4]:
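def process(df):
    """Derive mean accuracy and a parameterised attack label for one attack's results.

    Parameters
    ----------
    df : pandas.DataFrame
        Needs an ``accuracies`` column (each cell is reduced with ``np.mean``)
        and an ``attack_type`` column. When an ``epsilon`` column is present,
        ``ord`` must be present as well.

    Returns
    -------
    pandas.DataFrame
        A copy of ``df`` with ``accuracy`` added and, when ``epsilon`` exists,
        ``attack_type`` rewritten to ``'<attack>(L-<ord>,eps=<epsilon>)'``.
        The input frame is left untouched, so calling this again on the same
        frame does not wrap the label a second time.
    """
    out = df.copy()
    out['accuracy'] = out.accuracies.apply(np.mean)
    if 'epsilon' in out.columns:
        # `ord` is rendered with %s, so a NaN norm order shows up as 'L-nan'.
        # NOTE(review): those are presumably the L-infinity runs whose `ord`
        # did not survive JSON serialisation. Confirm before publishing the
        # label, since the norm defines the threat model being reported.
        out['attack_type'] = [
            '%s(L-%s,eps=%.1f)' % (attack, norm, eps)
            for attack, norm, eps in zip(out['attack_type'], out['ord'], out['epsilon'])
        ]
    # Duplicate (model_name, attack_type) rows are not collapsed here; an
    # averaging step was sketched for that but is not applied.
    return out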

In [5]:
# FGM and BIM results are JSON dumps; both go through process(), which derives
# the mean accuracy and the parameterised attack label.
mnist_fgm_results, mnist_bim_results = (
    process(pd.read_json(results_path))
    for results_path in (mnist_fgm_results_path, mnist_bim_results_path)
)
# C&W still comes from an older CSV export (newer results are awaited) and is
# NOT passed through process().
# NOTE(review): confirm the CSV was produced under the same evaluation setup as
# the FGM/BIM runs before comparing the columns side by side.
mnist_cw_results = pd.read_csv('../output/mnist-cnw-results.csv')

In [6]:
# Stack the per-attack frames into one long table. The C&W frame is concatenated
# exactly as loaded from its CSV.
# NOTE(review): it presumably already carries `accuracy` and `attack_type`
# columns in the form process() produces. Confirm, otherwise C&W rows will not
# line up with the table columns.
mnist_results = pd.concat([mnist_fgm_results, mnist_bim_results, mnist_cw_results], sort=False)

In [7]:
# Distinct model names present in the combined results. These are the keys that
# the display-name mappings further down have to match.
mnist_results.model_name.drop_duplicates().values

array(['cnn-mnist-relu', 'cnn-mnist-relu-maxfit_l1_01_05',
       'cnn-mnist-relu-maxfit_l2_01_05',
       'cnn-mnist-relu-maxmargin_l1_01_05',
       'cnn-mnist-relu-maxmargin_l2_01_05', 'cnn-mnist-relog',
       'cnn-mnist-relog-more-neurons', 'cnn-mnist-relog-maxout_2',
       'cnn-mnist-relog-minmaxout_4_2',
       'cnn-mnist-relog-minmaxout_4_2-sigmoid_out',
       'cnn-mnist-relog-spherical-minmaxout_4_2-sigmoid_out',
       'cnn-mnist-relog-spherical-minmaxout_4_2-sigmoid_out-max_fit_l1_1',
       'cnn-mnist-relog-spherical-minmaxout_4_2-sigmoid_out-max_fit_l1_1-scrambling',
       'cnn-mnist-relu-kernel',
       'cnn-mnist-relog-minmaxout_4_2-sigmoid_out-max_margin'],
      dtype=object)

In [12]:
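def format_table(formated_names, model_order, attack_order):
    """Build the accuracy-under-attack table for a chosen set of models.

    Reads the module-level ``mnist_results`` frame, which must already exist
    when this is called.

    Parameters
    ----------
    formated_names : mapping
        Raw ``model_name`` -> display label. (The parameter keeps its original
        spelling so existing calls are unaffected.)
    model_order : mapping
        Raw ``model_name`` -> row position. A model that has results but no
        entry here raises ``KeyError``.
    attack_order : mapping
        ``attack_type`` label -> column position.

    Returns
    -------
    (pandas.DataFrame, str)
        The table with one row per model, and its LaTeX rendering.

    Notes
    -----
    * A ``'-'`` cell means no result row exists for that (model, attack) pair.
      It is not a measured accuracy and should not be read as robustness.
    * A model listed in ``formated_names`` with no matching results yields no
      row at all, so compare the row count with ``len(formated_names)``.
    * ``pivot`` raises ``ValueError`` when a (model, attack) pair occurs more
      than once in ``mnist_results``.
    """
    selected = mnist_results[mnist_results.model_name.isin(formated_names) &
                             mnist_results.attack_type.isin(attack_order)].copy()
    # isinstance (not an exact type check) so NumPy float scalars are formatted
    # too, instead of being silently replaced by '-'.
    selected['accuracy'] = selected.accuracy.apply(
        lambda v: '%.2f' % v if isinstance(v, float) else '-')
    table = selected.pivot(index='model_name', values='accuracy', columns='attack_type')
    ordered_columns = sorted(table.columns, key=attack_order.__getitem__)
    table = table.reindex(ordered_columns, axis=1).reset_index().fillna('-')
    table['model_order'] = table.model_name.apply(model_order.__getitem__)
    table = table.sort_values(['model_order']).drop(columns='model_order')
    # Use the mapping that was passed in. The previous version looked up a
    # module-level `formatted_names`, so the labels depended on whichever cell
    # had last assigned that global.
    table['model_name'] = table.model_name.apply(formated_names.__getitem__)
    return table, table.to_latex(index=False)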

# Ablation table

In [13]:
# Display labels for the ablation table. Insertion order is the row order:
# each entry after ReLog adds one component on top of the previous model.
formatted_names = OrderedDict()
formatted_names['cnn-mnist-relu'] = 'ReLU'
formatted_names['cnn-mnist-relog'] = 'ReLog'
formatted_names['cnn-mnist-relog-maxout_2'] = '+ MaxOut (k=2)'
formatted_names['cnn-mnist-relog-minmaxout_4_2'] = '+ MinOut (k=4)'
formatted_names['cnn-mnist-relog-minmaxout_4_2-sigmoid_out'] = '+ Sigmoid output'
formatted_names['cnn-mnist-relog-spherical-minmaxout_4_2-sigmoid_out'] = '+ Spherical'
formatted_names['cnn-mnist-relog-spherical-minmaxout_4_2-sigmoid_out-max_fit_l1_1'] = '+ MaxFit'
formatted_names['cnn-mnist-relog-spherical-minmaxout_4_2-sigmoid_out-max_fit_l1_1-scrambling'] = '+ Scramble training'

# Row position of every model, taken from the insertion order above.
model_order = dict(zip(formatted_names, range(len(formatted_names))))

In [14]:
# Attack columns of the ablation table, in display order. The labels must match
# the `attack_type` strings in the results exactly.
# NOTE(review): 'L-nan' is presumably the L-infinity setting whose norm order
# was lost on the way through JSON. Confirm, since the norm is part of the
# threat model the column reports.
used_attacks = ['FGM(L-2.0,eps=3.0)', 'FGM(L-nan,eps=0.2)', 'FGM(L-nan,eps=0.3)',
                'BIM(L-nan,eps=0.3)', 'C&W']
# Column position of every attack label.
attack_order = dict(zip(used_attacks, range(len(used_attacks))))

In [15]:
# Build the ablation table: rows follow model_order, columns follow attack_order.
ablation_table, latex = format_table(formatted_names, model_order, attack_order)

In [16]:
# '-' cells in the printed table mark (model, attack) pairs with no result row;
# they are not measured accuracies.
print(latex)

\begin{tabular}{llllll}
\toprule
          model\_name & FGM(L-2.0,eps=3.0) & FGM(L-nan,eps=0.2) & FGM(L-nan,eps=0.3) & BIM(L-nan,eps=0.3) &   C\&W \\
\midrule
                ReLU &               0.44 &               0.55 &               0.21 &               0.02 &  0.00 \\
               ReLog &               0.70 &               0.63 &               0.36 &               0.03 &  0.01 \\
      + MaxOut (k=2) &               0.77 &               0.70 &               0.54 &               0.09 &  0.01 \\
      + MinOut (k=4) &               0.79 &               0.83 &               0.68 &               0.21 &  0.02 \\
    + Sigmoid output &               0.84 &               0.87 &               0.74 &               0.31 &  0.19 \\
         + Spherical &               0.85 &               0.85 &               0.79 &               0.42 &     - \\
            + MaxFit &               0.84 &               0.87 &               0.79 &               0.49 &     - \\
 + Scramble training &      

# Regularization

In [17]:
# Display labels for the regularization comparison. This rebinds
# `formatted_names` from the ablation section, so cells run out of order will
# see whichever mapping was assigned last.
formatted_names = OrderedDict()
formatted_names['cnn-mnist-relu'] = 'ReLU'
formatted_names['cnn-mnist-relu-maxfit_l1_01_05'] = 'ReLU + MaxFit (l1)'
formatted_names['cnn-mnist-relu-maxfit_l2_01_05'] = 'ReLU + MaxFit (l2)'
formatted_names['cnn-mnist-relu-maxmargin_l1_01_05'] = 'ReLU + MaxMargin (l1)'
formatted_names['cnn-mnist-relu-maxmargin_l2_01_05'] = 'ReLU + MaxMargin (l2)'
formatted_names['cnn-mnist-relog-minmaxout_4_2-sigmoid_out'] = 'DNNP'
formatted_names['cnn-mnist-relog-minmaxout_4_2-sigmoid_out-max_margin'] = 'DNNP + MaxMargin'

# Row position of every model, taken from the insertion order above.
order = dict(zip(formatted_names, range(len(formatted_names))))

In [32]:
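# Keep only the FGM columns that are neither BIM, C&W nor the L-2.0 setting.
attack_order2 = {
    name: rank
    for name, rank in attack_order.items()
    if not ('BIM' in name or 'C&W' in name or 'L-2.0' in name)
}
# NOTE: `ablation_table` is reused here for the regularization table.
ablation_table, latex = format_table(formatted_names, order, attack_order2)
# Shorten the column headers to FGM($\epsilon=...$). The backslash in the
# replacement template is doubled because Python 3.7+ rejects an unknown
# template escape such as `\e` with "bad escape"; the emitted text is unchanged.
# NOTE(review): this drops the norm order from the header, so the table no
# longer states which norm bounds the perturbation. State it in the caption.
latex = re.sub(r'L-([\d\.\w]+),eps=([\d\.]+)', r'$\\epsilon=\2$', latex)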

In [33]:
# NOTE(review): a model listed in formatted_names but absent from the filtered
# results produces no row at all. Compare the printed row count with
# len(formatted_names) before using the table.
print(latex)

\begin{tabular}{lll}
\toprule
            model\_name & FGM($\epsilon=0.2$) & FGM($\epsilon=0.3$) \\
\midrule
                  ReLU &               0.55 &               0.21 \\
    ReLU + MaxFit (l1) &               0.57 &               0.19 \\
    ReLU + MaxFit (l2) &               0.36 &               0.07 \\
 ReLU + MaxMargin (l1) &               0.34 &               0.05 \\
 ReLU + MaxMargin (l2) &               0.42 &               0.09 \\
                  DNNP &               0.87 &               0.74 \\
\bottomrule
\end{tabular}

