Skip to content
Permalink
Browse files

adding pgd impl

  • Loading branch information
justincosentino committed Jun 7, 2019
1 parent a8d2d03 commit 1ecb71518a362e2542455e00c85e2f762de9adb6
Showing with 54 additions and 37 deletions.
  1. +1 −1 attacks/__init__.py
  2. +1 −33 attacks/fgsm.py
  3. +18 −3 attacks/pgd.py
  4. +34 −0 attacks/utils.py
@@ -1 +1 @@
__all__ = ["fgsm", "pgd"]
__all__ = ["fgsm", "pgd", "utils"]
@@ -4,39 +4,7 @@
from cleverhans.utils_keras import KerasModelWrapper

from .registry import register


def get_adversarial_acc_metric(model, fgsm, fgsm_params):
def adv_acc(y, _):
# Generate adversarial examples
x_adv = fgsm.generate(model.input, **fgsm_params)
# Consider the attack to be constant
x_adv = tf.stop_gradient(x_adv)

# Accuracy on the adversarial examples
preds_adv = model(x_adv)
return tf.keras.metrics.categorical_accuracy(y, preds_adv)

return adv_acc


def get_adversarial_loss(model, fgsm, fgsm_params):
def adv_loss(y, preds):
# Cross-entropy on the legitimate examples
cross_ent = tf.keras.losses.categorical_crossentropy(y, preds)

# Generate adversarial examples
x_adv = fgsm.generate(model.input, **fgsm_params)
# Consider the attack to be constant
x_adv = tf.stop_gradient(x_adv)

# Cross-entropy on the adversarial examples
preds_adv = model(x_adv)
cross_ent_adv = tf.keras.losses.categorical_crossentropy(y, preds_adv)

return 0.5 * cross_ent + 0.5 * cross_ent_adv

return adv_loss
from .utils import *


@register("fgsm")
@@ -1,6 +1,21 @@
"""Builds the PGD attack."""
import tensorflow as tf
from cleverhans.attacks import ProjectedGradientDescent
from cleverhans.utils_keras import KerasModelWrapper

from .registry import register
from .utils import *


@register("pgd")
def build_attack(model, sess, eps=0.3, clip_min=0.0, clip_max=1.0):
# Wrap model with cleverhans and init the attack method
wrapped_model = KerasModelWrapper(model)
pgd = ProjectedGradientDescent(wrapped_model, sess=sess)

# Build acc and loss
pgd_params = {"eps": eps, "clip_min": clip_min, "clip_max": clip_max}
adv_acc_metric = get_adversarial_acc_metric(model, pgd, pgd_params)
adv_loss = get_adversarial_loss(model, pgd, pgd_params)
return pgd, adv_acc_metric, adv_loss

@register("pdg")
def build_attack():
raise NotImplementedError()
@@ -0,0 +1,34 @@
import tensorflow as tf


def get_adversarial_acc_metric(model, attack, attack_params):
def adv_acc(y, _):
# Generate adversarial examples
x_adv = attack.generate(model.input, **attack_params)
# Consider the attack to be constant
x_adv = tf.stop_gradient(x_adv)

# Accuracy on the adversarial examples
preds_adv = model(x_adv)
return tf.keras.metrics.categorical_accuracy(y, preds_adv)

return adv_acc


def get_adversarial_loss(model, attack, attack_params):
def adv_loss(y, preds):
# Cross-entropy on the legitimate examples
cross_ent = tf.keras.losses.categorical_crossentropy(y, preds)

# Generate adversarial examples
x_adv = attack.generate(model.input, **attack_params)
# Consider the attack to be constant
x_adv = tf.stop_gradient(x_adv)

# Cross-entropy on the adversarial examples
preds_adv = model(x_adv)
cross_ent_adv = tf.keras.losses.categorical_crossentropy(y, preds_adv)

return 0.5 * cross_ent + 0.5 * cross_ent_adv

return adv_loss

0 comments on commit 1ecb715

Please sign in to comment.
You can’t perform that action at this time.