# Setup environment

In [2]:
# Essentials
import os
import numpy as np
import importlib

# PyTorch
import torch
from torch.utils.data import DataLoader

# Utils
from utils import get_dict, get_files, check_corrupted_imgs, perturb_image, save_image, make_dirs, get_model
from utils import CustomTransforms, My_data, FocalLoss

# OnePixelAttack
import OnePixelAttack

# Re-import the local OnePixelAttack module so that edits to OnePixelAttack.py
# are picked up without restarting the kernel. As the last expression of the
# cell, the reloaded module object is also displayed as the cell output.
importlib.reload(OnePixelAttack)

<module 'OnePixelAttack' from '/home/jovyan/OnePixelAttack.py'>

## Set up CUDA

In [3]:
# Allocator tuning to avoid memory problems: max_split_size_mb stops PyTorch's
# CUDA caching allocator from splitting blocks larger than 512 MB.
# The setting is read from the environment, so it has to be in place before
# the first CUDA allocation happens.
os.environ.update({"PYTORCH_CUDA_ALLOC_CONF": "max_split_size_mb:512"})

In [4]:
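# Seed used for every random number generator this notebook relies on.
SEED = 42

# Pick the GPU when one is available. (`global` is a no-op at cell level, so it
# has been dropped: `device` is already a notebook-wide name.)
device = torch.device("cuda" if torch.cuda.is_available() else "cpu")

print(device)

# Seed NumPy and PyTorch unconditionally. The random-perturbation cells draw
# pixel positions and colours from np.random, so leaving NumPy unseeded makes
# the robustness numbers impossible to reproduce, on GPU as well as on CPU.
np.random.seed(SEED)
torch.manual_seed(SEED)

if torch.cuda.is_available():
    torch.cuda.empty_cache()
    print(torch.cuda.memory_summary(device=None, abbreviated=False))
    torch.cuda.manual_seed_all(SEED)
    # cuDNN autotuning is kept for speed. With benchmark=True and
    # deterministic=False cuDNN may choose non-deterministic kernels, so GPU
    # outputs can differ slightly between runs even with fixed seeds.
    torch.backends.cudnn.benchmark = True
    torch.backends.cudnn.deterministic = False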

cuda
|                  PyTorch CUDA memory summary, device ID 0                 |
|---------------------------------------------------------------------------|
|            CUDA OOMs: 0            |        cudaMalloc retries: 0         |
|        Metric         | Cur Usage  | Peak Usage | Tot Alloc  | Tot Freed  |
|---------------------------------------------------------------------------|
| Allocated memory      |       0 B  |       0 B  |       0 B  |       0 B  |
|       from large pool |       0 B  |       0 B  |       0 B  |       0 B  |
|       from small pool |       0 B  |       0 B  |       0 B  |       0 B  |
|---------------------------------------------------------------------------|
| Active memory         |       0 B  |       0 B  |       0 B  |       0 B  |
|       from large pool |       0 B  |       0 B  |       0 B  |       0 B  |
|       from small pool |       0 B  |       0 B  |       0 B  |       0 B  |
|----------------------------------------------------------

## Get the data

In [5]:
# Read the train and test listings that are used for the model.
# NOTE(review): the recorded output prints "Opening Train.txt" for both calls;
# confirm in utils.get_dict that the second call really opens test.txt, since
# an evaluation on training data would overstate accuracy and robustness.
split_dicts = []
for listing in ("train.txt", "test.txt"):
    split_dicts.append(get_dict(listing))
    print("done")
train_dict, test_dict = split_dicts

# Show the result of the corrupted-image check over both listings.
corruption_check = check_corrupted_imgs(train_dict, test_dict)
print(corruption_check)

# NOTE(review): nothing in this cell copies files; the message is kept as-is.
print("copying completed")

Opening Train.txt
done
Opening Train.txt
done
True
copying completed


In [6]:
# Collect the PNG paths of each split (two directory levels below the split
# folder; the save path used elsewhere in this notebook suggests class/zoom,
# TODO confirm).
train_glob = "./dataset/train/**/**/*.png"
test_glob = "./dataset/test/**/**/*.png"

train_files = get_files(train_glob)
test_files = get_files(test_glob)

## Set up transforms

In [7]:
# Look up the two preprocessing pipelines used below by name:
#   "resize_tensor" -> resize_transform
#   "test"          -> test_transform (also used for the evaluation datasets)
custom_transforms = CustomTransforms()
resize_transform, test_transform = (
    custom_transforms.get_transform(key) for key in ("resize_tensor", "test")
)

# Random Attack 

In [None]:
# Baseline for the random perturbation: first element of the first sample that
# My_data returns for the first test file (no transform applied).
original = My_data([test_files[0]])[0][0]
p_tensor = np.copy(original)

# Overwrite 100 positions along the diagonal, (0, 0) .. (99, 99), each with
# three values drawn uniformly from 0..255.
# presumably the perturbation layout is [row, col, R, G, B]; verify against
# utils.perturb_image.
for diag in range(100):
    colour = list(np.random.choice(range(256), size=3))
    p_tensor = perturb_image([diag, diag] + colour, p_tensor)

save_image(p_tensor, "perturbedimagerandom.png")


In [None]:
tensor_list = [original, p_tensor]

# Push the clean image through both pipelines; each call returns a mapping
# whose "image" entry holds the transformed result.
org, org_norm = resize_transform(image=original), test_transform(image=original)
org_im, org_norm_im = org["image"], org_norm["image"]

# Write both versions to disk so they can be compared visually.
for tensor, filename in ((org_im, "org.png"), (org_norm_im, "org_norm.png")):
    save_image(tensor, filename)

In [None]:
# Same two pipelines as for the clean image, applied to the randomly perturbed
# copy, so the clean and perturbed outputs can be compared side by side.
per, per_norm = resize_transform(image=p_tensor), test_transform(image=p_tensor)
per_im, per_norm_im = per["image"], per_norm["image"]

for tensor, filename in ((per_im, "per.png"), (per_norm_im, "per_norm.png")):
    save_image(tensor, filename)

In [None]:
# Not called at the moment, to save time during "Run All" (needs to be re-run
# after the imported file has changed).
def simple_one_pixel_attack():
    """Write a randomly perturbed copy of every test image to dataset/simple_one_pixel.

    For each image, 200 random centre positions are drawn and the full 3x3
    neighbourhood around each centre is overwritten with random values in
    0..255, one fresh colour per pixel. Despite the name this is up to 1800
    pixel writes per image, not a single-pixel change, so results from this
    set measure robustness to sparse random noise.

    NOTE(review): the bounds 698 / 398 are hard-coded; they assume every image
    is at least 699 x 399 in the axis order perturb_image expects (TODO
    confirm) and leave the outermost rows and columns of larger images untouched.
    NOTE(review): output goes to dataset/simple_one_pixel/, while the
    evaluation cell on this page loads ./dataset/test_onepixel/ - confirm
    which set is actually being evaluated.
    """
    make_dirs("simple_one_pixel")
    orgs = My_data(test_files)
    for idx in range(len(orgs)):
        p_tensor = np.copy(orgs[idx][0])
        for _ in range(200):
            # Centres are kept one pixel away from the lower bound so that the
            # -1 neighbour never becomes negative.
            centre_x = np.random.choice(range(1, 698))
            centre_y = np.random.choice(range(1, 398))

            for x in (centre_x - 1, centre_x, centre_x + 1):
                for y in (centre_y - 1, centre_y, centre_y + 1):
                    colour = list(np.random.choice(range(256), size=3))
                    p_tensor = perturb_image([y, x] + colour, p_tensor)

        # Mirror the class / zoom / file-name layout of the source image.
        target_path = os.path.join(
            os.getcwd(),
            "dataset",
            "simple_one_pixel",
            orgs.__getclass__(idx),
            orgs.__getzoom__(idx),
            orgs.__getname__(idx),
        )
        save_image(p_tensor, target_path)


In [None]:
# Clean evaluation set, through the test-time transform.
org_norm = My_data(test_files, transforms=test_transform)

# Perturbed evaluation set: read from disk, not generated in this notebook run.
# NOTE(review): the evaluation below pairs sample i of this set with sample i
# of the clean set, so both globs must return the same files in the same
# order; verify before trusting the comparison.
perturbed_paths = get_files("./dataset/test_onepixel/**/**/*.png")
perturb_data = My_data(perturbed_paths, transforms=test_transform)

# DataLoader defaults apply: one sample per batch, no shuffling.
org_dataloader, pertrubed_dataloader = DataLoader(org_norm), DataLoader(perturb_data)

## Test performance of Simple OnePixel Attack

In [None]:
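# Robustness check: run the classifier on the clean test set and on the
# perturbed copies, then compare accuracy and per-sample top scores.
model = get_model(device, test_dict)
model.eval()


def _run_inference(loader):
    """Run `model` over `loader` and return (correct, seen, outputs).

    `correct` counts batches whose arg-max output matches the arg-max label,
    `seen` counts batches, and `outputs` is the list of raw model outputs in
    loader order. The arg-max is taken over the whole tensor, so the count is
    only meaningful with one sample per batch (the DataLoader default).
    """
    n_correct, n_seen, collected = 0, 0, []
    for inputs, labels in loader:
        inputs = inputs.to(device)
        labels = labels.float().to(device)
        outputs = model(inputs)
        collected.append(outputs)
        n_seen += 1
        if torch.argmax(outputs) == torch.argmax(labels):
            n_correct += 1
    return n_correct, n_seen, collected


def _accuracy(n_correct, n_seen):
    """Fraction of correct predictions; NaN when the set is empty."""
    return n_correct / n_seen if n_seen else float("nan")


with torch.no_grad():
    print("Testing network without attacks...")
    correct_org, seen_org, confs_org = _run_inference(org_dataloader)
    print(f"Accuracy of network without attack: {_accuracy(correct_org, seen_org)}")

    print("Testing network with OnePixel attack...")
    correct_pert, seen_pert, confs_pert = _run_inference(pertrubed_dataloader)
    # Divide by the size of the perturbed set itself. The original used
    # len(test_files) here, which misreports accuracy whenever the perturbed
    # directory holds a different number of images than the clean one.
    print(f"Accuracy of network with OnePixel attack: {_accuracy(correct_pert, seen_pert)}")

    # The pairwise comparison assumes sample i is the same image in both sets.
    if seen_org != seen_pert:
        print(
            f"Warning: clean set has {seen_org} samples, perturbed set has {seen_pert}; "
            "pairwise comparison is limited to the common prefix and may pair different images."
        )

    # Count the samples whose top score dropped under perturbation.
    # NOTE(review): these look like unnormalised scores (the recorded outputs
    # further down contain negative values); apply softmax before reading them
    # as confidences.
    pairs = list(zip(confs_org, confs_pert))
    print(sum([torch.max(clean) > torch.max(pert) for clean, pert in pairs]), len(pairs))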

In [None]:
# List every test sample whose predicted class differs between the clean image
# and its perturbed copy, together with both raw outputs and the file path.
for idx, path in enumerate(test_files):
    clean_out, pert_out = confs_org[idx], confs_pert[idx]
    if torch.argmax(clean_out) == torch.argmax(pert_out):
        continue
    print("Different predictions")
    print(clean_out)
    print(pert_out)
    print(path)

# Advanced OnePixel Attack

In [None]:
# Rebuild the clean evaluation set and loader (one sample per batch by default).
org_norm = My_data(test_files, transforms=test_transform)
org_dataloader = DataLoader(org_norm)

model = get_model(device, test_dict)
model.eval()

# Search budget handed to OnePixelAttack.attack for every image.
# NOTE(review): in the recorded output every visible sample ends with "Maximum
# number of iterations has been exceeded" / "Success False". A failed search
# under this budget is evidence of robustness only for this budget; repeat
# with larger maxiter / popsize / pixel_count before drawing conclusions.
attack_budget = dict(pixel_count=1, maxiter=50, popsize=15)

with torch.no_grad():
    success = 0
    for sample_idx, (image, label) in enumerate(org_dataloader):
        outcome = OnePixelAttack.attack(sample_idx, model, device, image, label, **attack_budget)
        success += outcome

    # Sum of the per-image return values of the attack.
    print(success)

  return _VF.meshgrid(tensors, **kwargs)  # type: ignore[attr-defined]



 Result Maximum number of iterations has been exceeded.
Success False
tensor([[  9.2407,  -8.4983, -10.1098, -12.4736, -10.3199, -11.3342, -12.7916,
         -10.9763]]) tensor([[  9.0594,  -8.4568, -10.0888, -12.4844, -10.3478, -11.3355, -12.7186,
         -10.9991]])
0 0

 Result Maximum number of iterations has been exceeded.
Success False
tensor([[ 13.4898, -12.8034, -12.6792, -13.8796, -12.6811, -13.3477, -16.1977,
         -12.4247]]) tensor([[ 13.4299, -12.7673, -12.6374, -13.8256, -12.6401, -13.2939, -16.1568,
         -12.3874]])
0 0

 Result Maximum number of iterations has been exceeded.
Success False
tensor([[  8.5927, -10.0866,  -8.9683, -13.2669,  -8.4987,  -9.0515, -11.6664,
         -10.9027]]) tensor([[  8.4703, -10.0390,  -8.9233, -13.2226,  -8.4728,  -8.9975, -11.5865,
         -10.8625]])
0 0

 Result Maximum number of iterations has been exceeded.
Success False
tensor([[ 11.6037, -11.2460, -12.3289, -14.2661, -11.9737, -11.2382, -13.7932,
         -12.4444]]) tens

# Test Area

In [None]:
import albumentations
import albumentations.pytorch

def _resize_normalize_pipeline(std, max_pixel_value):
    """Build a 256x256 resize -> zero-mean Normalize -> ToTensorV2 pipeline.

    Only the `std` and `max_pixel_value` arguments of Normalize vary between
    the two variants tried below.
    """
    return albumentations.Compose([
        albumentations.Resize(256, 256),
        albumentations.Normalize(mean=[0, 0, 0], std=std, max_pixel_value=max_pixel_value),
        albumentations.pytorch.transforms.ToTensorV2()
    ])


# Variant A: std of 255 with max_pixel_value 1.0.
transforms_a = _resize_normalize_pipeline([255, 255, 255], 1.0)
test_a = My_data([test_files[0]], transforms_a)
save_image(test_a[0][0], "attemptofsucces_a.png")

# Variant B: std of 1 with max_pixel_value 255.
# NOTE(review): if Normalize computes (img - mean * max_pixel_value) /
# (std * max_pixel_value), both variants divide by 255 and should produce the
# same image; confirm that this is the intended comparison.
transforms_b = _resize_normalize_pipeline([1, 1, 1], 255)
test_b = My_data([test_files[0]], transforms_b)
save_image(test_b[0][0], "attemptofsucces_b.png")