In [1]:
from setup_mnist import MNIST
import helper
import numpy as np
import time
import matplotlib.pyplot as plt
from sklearn import svm
from cvxopt import matrix, solvers
from itertools import product
import sys
%matplotlib inline

Using TensorFlow backend.


In [2]:
data = MNIST()

In [3]:
X_train = data.train_data.reshape(-1, 28*28)
Y_train = np.argmax(data.train_labels, axis=1)

In [4]:
X_test = data.test_data.reshape(-1, 28*28)
Y_test = np.argmax(data.test_labels, axis=1)

In [5]:
np.histogram(Y_train)

(array([5444, 6179, 5470, 5638, 5307, 4987, 5417, 5715, 5389, 5454]),
 array([ 0. ,  0.9,  1.8,  2.7,  3.6,  4.5,  5.4,  6.3,  7.2,  8.1,  9. ]))

In [6]:
def get_second(lst):
    n1 = (-sys.maxint, None)
    n2 = (-sys.maxint, None)
    for ix, elt in enumerate(lst):
        if elt > n1[0]:
            n2 = n1
            n1 = (elt, ix)
        elif elt > n2[0]:
            n2 = (elt, ix) 
    return n2

def get_max(lst, target):
    n1 = (-sys.maxint, None)
    for ix, elt in enumerate(lst):
        if ix == target:
            continue
        elif elt > n1[1]:
            n1 = (ix, elt)
    return n1

In [7]:
get_max([1,-1,3], 0)

(2, 3)

In [140]:
class LinearOneVsAllClassifier(object):
    """
    Class for Lin Binary Classifiers
    
    weights: np array of shape (num_classes, dim)
    bias: scalar
    """
    def __init__(self, num_classes, weights, bias):
        self.dim = weights.shape[1]
        self.weights = weights
        self.bias = bias
        self.num_classes = num_classes

    def predict(self, X):
        """
        X: np array of shape (num_points, dim) 
        
        returns: a vector of shape (num_points,) with predicted labels for each point
        """
        return np.argmax(np.matmul(X, self.weights.T) + self.bias, axis=1)
    
    def distance(self, X):
        """
        Computes the signed distance from a point to the decision boundary (hyperplane)

        returns: a vector of shape (num_points,) with the correspoding distances
        """
        n = X.shape[0]
        Y = self.predict(X)
        
        distances = []
        for i in xrange(n):
            label_options = range(10)
            del label_options[Y[i]]
            dists = []
            for j in label_options:
                v = tryRegionOneVsAll([self], [j], X[i])
                dists.append(np.linalg.norm(v))
            distances.append(min(dists))
        return distances
        
    def evaluate(self, X, Y):
        """
        returns accuracy
        """
        return np.mean(np.equal(self.predict(X), Y))
    
    def gradient(self, X, targets):
        """
        returns gradient
        """            
        preds = np.matmul(X, self.weights.T) + self.bias
        n = X.shape[0]
        
        gradient = []
        
        for i in xrange(n):
            target = targets[i]
            others = range(10)
            del others[target]
            
            if np.argmax(preds[i]) == target:
                res = np.zeros(self.dim)
            else:
                max_ix = get_max(preds[i], target)[0]
                w_max = self.weights[max_ix]
                w_target = self.weights[target]
                res = w_max - w_target
            gradient.append(res)
        return  np.array(gradient)
    
    def rhinge_loss(self, X, targets):
        preds = np.matmul(X, self.weights.T) + self.bias
        res = []
        for i in xrange(len(X)):
            target = targets[i]
            if np.argmax(preds) != target:
                max_ix, max_val = get_max(preds[i], target) 
                loss = max_val - preds[i][target]
            else:
                loss = 0
            res.append(loss)
        return res


In [141]:
def trainLMC(X, Y, method):
    if method == "one-vs-all":
        model = svm.LinearSVC(loss='hinge')
    else: # "all-pairs"
        model= svm.SVC(kernel="linear")
    model.fit(X, Y)
    if method == "one-vs-all":
        res = LinearOneVsAllClassifier(10, model.coef_, model.intercept_)
    return res

In [142]:
# train the classifiers
n = 3
train_size = 3000 #len(X_train) / n

classifiers = []

for i in xrange(n):
    start = train_size * i
    end = start + train_size
    lmc = trainLMC(X_train[start:end], Y_train[start:end], "one-vs-all")
    print i, start, end, lmc.evaluate(X_test, Y_test)
    classifiers.append(lmc)

0 0 3000 0.8631
1 3000 6000 0.8612
2 6000 9000 0.8639


In [143]:
d = [model.distance(X_test[:10]) for model in classifiers]

In [57]:
x = np.array([X_test[0]])
y = [Y_test[0]]
print y

[7]


In [61]:
print classifiers[0].evaluate(x,y)
classifiers[0].gradient(x, [4])

1.0


array([[ -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,   3.19319848e-03,
          1.47415803e-01,   4.39681782e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
         -3.38063149e-02,  -3.38063149e-02,  -3.38063149e-02,
        

In [62]:
classifiers[0].weights[0].shape

(784,)

In [63]:
classifiers[0].bias[0]

-0.109702124572903

In [64]:
def tryRegionOneVsAll(models, labels, x, delta=1e-10):
    P = matrix(np.identity(x.shape[0]))
    q = matrix(np.zeros(x.shape[0]))
    h = []
    G = []
    num_models = len(models)
    for i in xrange(num_models):
        others = range(10)
        target = labels[i]
        del others[target]
        target_w, target_b = models[i].weights[target], models[i].bias[target]
        for j in others:
            other_w, other_b = models[i].weights[j], models[i].bias[j]
            ineq_val = np.dot(target_w - other_w, x) + target_b - other_b - delta
            h.append(ineq_val)
            G.append(other_w - target_w)   
    h = matrix(h)
    G = matrix(np.array(G))
    solvers.options['show_progress'] = False
    sol = solvers.qp(P, q, G, h)
    if sol['status'] == 'optimal':
        v = np.array(sol['x']).reshape(-1,)
        perturbed_x = np.array(x + v).reshape(1, -1)
        is_desired_label = [models[i].predict(perturbed_x)[0] == labels[i] for i in xrange(num_models)]
        if sum(is_desired_label) == num_models:
            return v
        else:
            return tryRegionOneVsAll(models, labels, x, delta * 1.5)
    else:
        return None

In [65]:
x = X_test[0]
y = Y_test[0]
print y

7


In [66]:
v = tryRegionOneVsAll(classifiers, [5, 4, 9], x)
print np.linalg.norm(v)
[c.predict((x + v).reshape(1,-1)) for c in classifiers]

1.10374967524


[array([5]), array([4]), array([9])]

In [67]:
def distributionalOracleOneVsAll(distribution, models, x, y, alpha):
    
    candidates = []
    # we should only take into consideration models that we could feasibly trick

    num_models = len(models)
    
    labels_values = []
    for labels in product(range(10), repeat=num_models): # iterate over all possible regions
        is_misclassified = (np.array(labels) != y).astype(np.float32)
        value = np.dot(is_misclassified, distribution)
        labels_values.append((labels, value))
    
    values = sorted(set([value for label, value in labels_values]), reverse=True)
    
    for curr_value in values:
        print "Curr Value", curr_value
        feasible_candidates = []
        for labels in [labels for labels, val in labels_values if val == curr_value]:
            print labels
            v = tryRegionOneVsAll(models, labels, x)
            if v is not None:
                norm = np.linalg.norm(v)
                if norm <= alpha:
                    feasible_candidates.append((v, norm))
        # amongst those with the max value, return the one with the minimum norm
        if feasible_candidates:
            # break out of the loop since we have already found the optimal answer
            print "curr_value ", curr_value
            return min(feasible_candidates, key=lambda x: x[1])[0]
    return np.zeros(x.shape[0]) # we can't trick anything

In [68]:
v = distributionalOracleOneVsAll([.2, .2, .6], classifiers, x, y, 1)
print np.linalg.norm(v)
[c.predict((x + v).reshape(1,-1)) for c in classifiers]

NameError: name 'findUntargetedOneVsAll' is not defined

In [69]:
class_means = []
for i in xrange(10):
    elts = np.array([x for (x,y) in zip(X_train, Y_train) if y == i])
    mean = np.mean(elts, axis=0)
    class_means.append(mean)
class_means = np.array(class_means)

In [70]:
mean_diffs = []
for i in xrange(10):
    diffs = []
    for j in xrange(10):
        diffs.append(np.linalg.norm(class_means[i] - class_means[j]))
    mean_diffs.append(diffs)

In [71]:
mean_diffs = np.array(mean_diffs)

In [72]:
MEAN_DICT = dict(zip(range(10), [get_max(mean_diffs[i] * -1, i)[0] for i in range(10)]))

In [73]:
def coordinateAscentMulti(distribution, models, x, y, alpha, greedy=False):
    
    num_models = len(models)
    
    sol = np.zeros(x.shape)

    labels = [y] * num_models # initialize to the original point, of length feasible_models
    label_options = range(10)
    del label_options[y]
    
    model_options = dict(zip(range(num_models), distribution))
    for i in xrange(num_models):
        if greedy:
            coord = max(model_options, key=model_options.get)
            labels[coord] = greedy[y]
        else:
            coord = np.random.choice(model_options.keys())
            labels[coord] = np.random.choice(label_options)

        del model_options[coord]    
       
        v = tryRegionOneVsAll(models, labels, x)
        valid_sol = False
        if v is not None:
            norm = np.linalg.norm(v)
            if norm <= alpha:
                valid_sol = True
                sol = v
        if not valid_sol:
            break 
    return sol

In [74]:
v = coordinateAscentMulti([.2, .2, .6], classifiers, x, y, 1)
print np.linalg.norm(v)
[c.predict((x + v).reshape(1,-1)) for c in classifiers]

0.0


[array([9]), array([8]), array([9])]

In [239]:
def gradientDescentTargeted(distribution, models, x, target, alpha, learning_rate=.001, T=3000, early_stop=5):
    v = np.zeros(len(x))
    best_sol = (sys.maxint, v)
    loss_queue = []
    for i in xrange(T):
        gradient = sum([-1 * p * model.gradient(np.array([x + v]), [target]) for p, model in zip(distribution, models)])[0]
       
        v += learning_rate * gradient
        norm  = np.linalg.norm(v)
        if norm >= alpha:
            v = v / norm * alpha
            
        loss = np.dot(distribution, [model.rhinge_loss([x + v], [target])[0] for model in models])
        
        loss_queue = [loss] + loss_queue
        if i >= early_stop:
            del loss_queue[-1]
#             print "Len ", len(loss_queue)
            val = loss_queue[-1]
            if sum([val == q_val for q_val in loss_queue]) == early_stop:
                break
    
        if loss < best_sol[0]:
            best_sol = (loss, v)
        
        if loss == 0:
#             print "FOUND IT"
            break
            
#         print i, loss, [model.predict(curr_sol) for model in models], np.linalg.norm(v)
        
    return best_sol

In [240]:
def gradientDescentUntargeted(distribution, models, x, y, alpha):
    targets = range(10)
    del targets[y]
    noise_options = []
    for target in targets:
#         print "Target ", target
        sol = gradientDescentTargeted(distribution, models, x, target, alpha)
        noise_options.append(sol)
        if sol[0] == 0:
#             print "BREAK"
#             print [model.predict((x + sol[1]).reshape(1,-1)) for model in models]
            return sol[1]
    return min(noise_options, key=lambda x:x[0])[1]

In [241]:
x = X_test[0]
y = Y_test[0]
print y

7


In [242]:
s = time.time()
v = gradientDescentUntargeted([1, 1, 1], classifiers, x, y, 1)
print "time ", time.time() - s 
print "norm ", np.linalg.norm(v)
print [c.predict((x + v).reshape(1,-1)) for c in classifiers]

time  1.50528788567
norm  1.0
[array([2]), array([2]), array([2])]


In [101]:
from helper import generate_data

In [102]:
X_exp, Y_exp = generate_data(100, X_test, Y_test, classifiers)

In [148]:
d = np.array([model.distance(X_exp) for model in classifiers])

In [153]:
np.max(d), np.min(d), np.mean(d)

(0.8391908470446926, 0.00076019535806644951, 0.32370209892340945)

In [154]:
from mwu import runMWU

In [164]:
from functools import partial
greedyCoordinateAscent = partial(coordinateAscentMulti, greedy=MEAN_DICT)
randomCoordinateAscent = partial(coordinateAscentMulti, greedy=False)

In [156]:
import os
os.mkdir("trash")

In [165]:
def evaluateCosts(models, V, X, Y):
    return np.array([1 - model.evaluate(X + V, Y) for model in models])


def adversary(distribution, models, X, Y, alpha, noiseFunc):
    return np.array([noiseFunc(distribution, models, x, y, alpha) for x, y in zip(X,Y)])


def runMWU(models, T, X, Y, alpha, noiseFunc, exp_dir, epsilon=None):
    num_models = len(models)

    if epsilon is None:
        delta = np.sqrt(4 * np.log(num_models) / float(T))
        epsilon = delta / 2.0
    else:
        delta = 2.0 * epsilon

    print("\nRunning MWU for {} Iterations with Epsilon {}\n".format(T, epsilon))

    print("Guaranteed to be within {} of the minimax value \n".format(delta))

    loss_history = []
    costs = []
    max_acc_history = []
    v = []
    w = []
    action_loss = []

    w.append(np.ones(num_models) / num_models)

    for t in xrange(T):
        print("Iteration {}\n".format(t))

#         if t % (T * .10) == 0 and t > 0:
#             np.save(exp_dir + "/" + "weights_{}.npy".format(t), w)
#             np.save(exp_dir + "/" + "noise_{}.npy".format(t), v)
#             np.save(exp_dir + "/" + "loss_history_{}.npy".format(t), loss_history)
#             np.save(exp_dir + "/" + "max_acc_history_{}.npy".format(t), max_acc_history)
#             np.save(exp_dir + "/" + "action_loss_{}.npy".format(t), action_loss)

        start_time = time.time()

        v_t = adversary(w[t], models, X, Y, alpha, noiseFunc)
        v.append(v_t)

        cost_t = evaluateCosts(models, v_t, X, Y)
        costs.append(cost_t)

        avg_acc = np.mean((1 - np.array(costs)), axis=0)
        max_acc = max(avg_acc)
        max_acc_history.append(max_acc)

        loss = np.dot(w[t], cost_t)
        individual = [w[t][j] * cost_t[j] for j in xrange(num_models)]

        print("Weights {} Sum of Weights {}".format(w[t], sum(w[t])))
        print("Maximum (Average) Accuracy of Classifier {}".format(max_acc))
        print("Cost (Before Noise) {}".format(np.array([1 - model.evaluate(X, Y) for model in models])))
        print("Cost (After Noise), {}".format(cost_t))
        print("Loss {} Loss Per Action {}".format(loss, individual))

        loss_history.append(loss)
        action_loss.append(individual)

        new_w = np.copy(w[t])

        # penalize experts
        for i in xrange(num_models):
            new_w[i] *= (1.0 - epsilon) ** cost_t[i]

        # renormalize weights
        w_sum = new_w.sum()
        for i in xrange(num_models - 1):
            new_w[i] = new_w[i] / w_sum
        new_w[-1] = 1.0 - new_w[:-1].sum()

        w.append(new_w)

        print("time spent {}\n".format(time.time() - start_time))
    print("finished running MWU ")
    return w, v, loss_history, max_acc_history, action_loss


In [243]:
res = runMWU(classifiers, 30, X_exp, Y_exp, .3, gradientDescentUntargeted, "trash")


Running MWU for 30 Iterations with Epsilon 0.191364598665

Guaranteed to be within 0.38272919733 of the minimax value 

Iteration 0

Weights [ 0.33333333  0.33333333  0.33333333] Sum of Weights 1.0
Maximum (Average) Accuracy of Classifier 0.77
Cost (Before Noise) [ 0.01  0.    0.  ]
Cost (After Noise), [ 0.23  0.3   0.34]
Loss 0.29 Loss Per Action [0.076666666666666661, 0.10000000000000001, 0.11333333333333331]
time spent 187.310398817

Iteration 1

Weights [ 0.33759291  0.33261054  0.32979656] Sum of Weights 1.0
Maximum (Average) Accuracy of Classifier 0.77
Cost (Before Noise) [ 0.01  0.    0.  ]
Cost (After Noise), [ 0.23  0.29  0.34]
Loss 0.286234253377 Loss Per Action [0.07764636848026206, 0.096457056104715319, 0.11213082879246508]
time spent 181.244663

Iteration 2



KeyboardInterrupt: 

In [104]:
x = X_exp[0]
y = Y_exp[0]
print y

7


In [139]:
v = gradientDescentMulti([.2,.2,.6], classifiers, x, 5, 1, learning_rate=.0001, T=4000)
print np.linalg.norm(v)
[c.predict((x + v).reshape(1,-1)) for c in classifiers]

0 8.47482013287 [array([7]), array([7]), array([7])] 0.00088907619791
1 8.46691556801 [array([7]), array([7]), array([7])] 0.00177815239582
2 8.45901100315 [array([7]), array([7]), array([7])] 0.00266722859373
3 8.4511064383 [array([7]), array([7]), array([7])] 0.00355630479164
4 8.44320187344 [array([7]), array([7]), array([7])] 0.00444538098955
5 8.43529730858 [array([7]), array([7]), array([7])] 0.00533445718746
6 8.42739274373 [array([7]), array([7]), array([7])] 0.00622353338537
7 8.41948817887 [array([7]), array([7]), array([7])] 0.00711260958328
8 8.41158361401 [array([7]), array([7]), array([7])] 0.00800168578119
9 8.40367904916 [array([7]), array([7]), array([7])] 0.0088907619791
10 8.3957744843 [array([7]), array([7]), array([7])] 0.00977983817701
11 8.38786991944 [array([7]), array([7]), array([7])] 0.0106689143749
12 8.37996535458 [array([7]), array([7]), array([7])] 0.0115579905728
13 8.37206078973 [array([7]), array([7]), array([7])] 0.0124470667707
14 8.36415622487 [arra

[array([7]), array([5]), array([5])]

In [89]:
s.shape

(784,)