In [None]:
import sys
import os

sys.path.insert(0, os.path.abspath(".."))

import torch
import torchvision.models as models
import numpy as np

import adverserial_noise.utils.utils as utils
from adverserial_noise.attacks.attack import (
    AdversarialAttack,
    AttackTypes,
    BackendTypes,
)

In [None]:
device = torch.device("cuda" if torch.cuda.is_available() else "cpu")

model = models.resnet18(weights=models.ResNet18_Weights.IMAGENET1K_V1)
model.eval()
model.to(device)

model.eval()
for p in model.parameters():
    p.requires_grad = False

img_path = "panda.jpg"
img = utils.read_image(img_path)

In [None]:
img_tensor = utils.image_to_tensor(
    img, size=(224, 224), backend=BackendTypes.PYTORCH
).to(device)

target_class_index = torch.tensor([368], device=device)

In [None]:
adversarial_attack = AdversarialAttack()

adv_tensor, noise_tensor = adversarial_attack.run_attack(
    model=model,
    inputs=img_tensor,
    targets=target_class_index,
    attack_type=AttackTypes.FGSM,
    loss_fn=torch.nn.CrossEntropyLoss(reduction="sum"),
)

In [None]:
probs_orig = utils.get_pred_probs(model, img_tensor, backend=BackendTypes.PYTORCH)
probs_adv = utils.get_pred_probs(model, adv_tensor, backend=BackendTypes.PYTORCH)

pred_class_orig = np.argmax(probs_orig)
pred_class_adv = np.argmax(probs_adv)

class_names = utils.load_imagenet_classes()

In [None]:
print("predicted original class: ", class_names[pred_class_orig])
print("predicted adversarial class: ", class_names[pred_class_adv])

In [None]:
utils.visualize_attack(
    original=img_tensor,
    adversarial=adv_tensor,
    noise=noise_tensor,
    probs=probs_adv,
    predicted_class=class_names[pred_class_adv],
    true_class=class_names[pred_class_orig],
    class_names=class_names,
    backend=BackendTypes.PYTORCH,
)

In [None]:
target_class_index = torch.tensor([0], device=device)

adv_tensor, noise_tensor = adversarial_attack.run_attack(
    model=model,
    inputs=img_tensor,
    targets=target_class_index,
    attack_type=AttackTypes.FGSM,
    loss_fn=torch.nn.CrossEntropyLoss(reduction="sum"),
)

probs_orig = utils.get_pred_probs(model, img_tensor, backend=BackendTypes.PYTORCH)
probs_adv = utils.get_pred_probs(model, adv_tensor, backend=BackendTypes.PYTORCH)

pred_class_orig = np.argmax(probs_orig)
pred_class_adv = np.argmax(probs_adv)

class_names = utils.load_imagenet_classes()

print("predicted original class: ", class_names[pred_class_orig])
print("predicted adversarial class: ", class_names[pred_class_adv])

In [None]:
utils.visualize_attack(
    original=img_tensor,
    adversarial=adv_tensor,
    noise=noise_tensor,
    probs=probs_adv,
    predicted_class=class_names[pred_class_adv],
    true_class=class_names[pred_class_orig],
    class_names=class_names,
    backend=BackendTypes.PYTORCH,
)

In [None]:
img_tensor = utils.image_to_tensor(
    img, size=(224, 224), backend=BackendTypes.PYTORCH
).to(device)
target_class_index = torch.tensor([1], device=device)

adv_tensor, noise_tensor = adversarial_attack.run_attack(
    model=model,
    inputs=img_tensor,
    targets=target_class_index,
    attack_type=AttackTypes.PGD,
    loss_fn=torch.nn.CrossEntropyLoss(reduction="sum"),
    step_size=0.01,
    num_iterations=10,
    random_start=True,
)

probs_orig = utils.get_pred_probs(model, img_tensor, backend=BackendTypes.PYTORCH)
probs_adv = utils.get_pred_probs(model, adv_tensor, backend=BackendTypes.PYTORCH)

pred_class_orig = np.argmax(probs_orig)
pred_class_adv = np.argmax(probs_adv)

class_names = utils.load_imagenet_classes()

print("predicted original class: ", class_names[pred_class_orig])
print("predicted adversarial class: ", class_names[pred_class_adv])

In [None]:
utils.visualize_attack(
    original=img_tensor,
    adversarial=adv_tensor,
    noise=noise_tensor,
    probs=probs_adv,
    predicted_class=class_names[pred_class_adv],
    true_class=class_names[pred_class_orig],
    class_names=class_names,
    backend=BackendTypes.PYTORCH,
)