# Find the best adversary

- the idea is to train the best possible classifier of MNIST digits
- and use it's 2nd most probable class as the adversarial choice for pre-commit

In [None]:
import numpy as np
from utils import prepare_data, create_mnist_cnn_model

batch_size = 128
num_classes = 10
epochs = 12

In [None]:
x_train, y_train, x_test, y_test, input_shape = prepare_data()

# The best possible classifier

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape)
model.fit(x_train, y_train,
          batch_size=batch_size,
          epochs=epochs,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 60000 samples, validate on 10000 samples
Epoch 1/12
Epoch 2/12
Epoch 3/12
Epoch 4/12
Epoch 5/12
Epoch 6/12
Epoch 7/12
Epoch 8/12
Epoch 9/12
Epoch 10/12
Epoch 11/12
Epoch 12/12


<keras.callbacks.History at 0x7f5622da72b0>

In [3]:
model.save('model_mnist_12epochs.h5py')

# This adversary works (87.36% -> 79.43%)

- but couldn't we make a stronger adversary?
- I realized that the probability distribution over classes is really sharp for this well trained classifier
- which means that the 2nd most probable class is not the best adversarial choice (or as good as any other of the 8 remaining classes)
- let's try to use an underfit model and see if it can be a better adversary

## Train a worse model - 30k samples

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape)
model.fit(x_train[:30000], y_train[:30000],
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 30000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7ff0b75a73c8>

In [3]:
model.save('model_mnist_30ksamples.h5py')

# Ok, this works even better! (77.72%)

- let's try to limit the training even more
- edit: the following search was done manually, because I didn't originally now how much time I can spend looking for the best adversary
- edit2: the search I did by hand was a binary search, but I reordered the cells for a better orientation

## Train a worse model 15k samples

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape)
model.fit(x_train[:15000], y_train[:15000],
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 15000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7f540a81a400>

In [3]:
model.save('model_mnist_15ksamples.h5py')

## Train a worse model - 10k samples

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape)
model.fit(x_train[:10000], y_train[:10000],
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 10000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7fd6fc457048>

In [3]:
model.save('model_mnist_10ksamples.h5py')

## Train a worse model 7.k samples

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape)
model.fit(x_train[:7500], y_train[:7500],
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 7500 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7fbb32b493c8>

In [3]:
model.save('model_mnist_7500samples.h5py')

## Train a worse model - 5k samples

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape)
model.fit(x_train[:5000], y_train[:5000],
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 5000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7f494cdfe550>

In [3]:
model.save('model_mnist_5ksamples.h5py')

## Train a worse model - 500 samples

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape)
model.fit(x_train[:500], y_train[:500],
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 500 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7f06983bf3c8>

In [3]:
model.save('model_mnist_500samples.h5py')

# Ok, the idea with limited training worked

- but limiting the number of samples is probably suboptimal with respect to our goal of finding the best adversarial choice
- let's try to train the model on all training samples (1 full epoch)
- but achieve the underfit by decreasing the learning rate

## Train a worse model - adam 1e-6

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape, lr=1e-6)
model.fit(x_train, y_train,
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 60000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7f233cdbeb38>

In [3]:
model.save('model_mnist_1epoch_adam1e-6.h5py')

## Train a worse model - adam 1e-5

In [None]:
model = create_mnist_cnn_model(num_classes, input_shape, lr=1e-5)
model.fit(x_train, y_train,
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

In [3]:
model.save('model_mnist_1epoch_adam1e-5.h5py')

## Train a worse model - adam 5e-5

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape, lr=5e-5)
model.fit(x_train, y_train,
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 60000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7f034d8afbe0>

In [3]:
model.save('model_mnist_1epoch_adam5e-5.h5py')

### Train another one with a different seed

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape, lr=5e-5)
model.fit(x_train, y_train,
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 60000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7f4c281db6a0>

In [3]:
model.save('model_mnist_1epoch_adam5e-5_2.h5py')

## Train a worse model - adam 1e-4

In [2]:
model = create_mnist_cnn_model(num_classes, input_shape, lr=1e-4)
model.fit(x_train, y_train,
          batch_size=batch_size,
          epochs=1,
          verbose=1,
          validation_data=(x_test, y_test))

Train on 60000 samples, validate on 10000 samples
Epoch 1/1


<keras.callbacks.History at 0x7f6a13a67c18>

In [3]:
model.save('model_mnist_1epoch_adam1e-4.h5py')