In [1]:
import numpy as np
from sklearn.cluster import KMeans
from sklearn.metrics.pairwise import cosine_similarity
import tensorflow.compat.v1 as tf
from tensorflow.keras.datasets import cifar10
from tensorflow.keras import datasets, models
from tensorflow.keras.preprocessing.image import ImageDataGenerator
from tensorflow.keras.layers import Dense, GlobalAveragePooling2D
from tensorflow.keras.optimizers import Adam
from tensorflow.keras.callbacks import LearningRateScheduler

In [2]:
# Load CIFAR-10 dataset
(train_images, train_labels), (test_images, test_labels) = cifar10.load_data()


Downloading data from https://www.cs.toronto.edu/~kriz/cifar-10-python.tar.gz


In [4]:
# Define a simple ResNet50-like model
base_model = tf.keras.applications.ResNet50(weights='imagenet', include_top=False, input_shape=(32, 32, 3))
model = models.Sequential([
    base_model,
    GlobalAveragePooling2D(),
    Dense(10, activation='softmax')
])

Downloading data from https://storage.googleapis.com/tensorflow/keras-applications/resnet/resnet50_weights_tf_dim_ordering_tf_kernels_notop.h5


In [5]:
model.compile(optimizer='adam', loss='sparse_categorical_crossentropy', metrics=['accuracy'])


In [6]:
# Function to generate adversarial patches
def generate_adversarial_patch(model, image, target_class, poison_rate):
    import cleverhans.attacks as attacks

    sess = tf.compat.v1.keras.backend.get_session()
    attack = attacks.FastGradientMethod(model, sess=sess)

    # Determine the number of pixels to poison based on poison_rate
    num_pixels_to_poison = int(np.prod(image.shape) * poison_rate)

    # Randomly select pixels to poison in the target class (airplanes)
    poison_mask = np.zeros_like(image, dtype=bool)
    target_class_indices = np.where(train_labels == target_class)[0]
    pixels_to_poison = np.random.choice(target_class_indices, size=num_pixels_to_poison, replace=False)
    poison_mask[pixels_to_poison] = True

    # Generate adversarial patch only on the selected pixels
    adversarial_patch = attack.generate_np(image * poison_mask, eps=0.03)

    return adversarial_patch

# Function to calculate forgettable and unforgettable scores
def calculate_forgettable_unforgettable_scores(model, images):
    # Implement your forgettable and unforgettable score calculation method here
    # Example: Use model predictions and some criteria to determine scores
    forgettable_scores = model.predict(images)[:, 0]  # Example: Using the probability of being forgettable
    unforgettable_scores = 1 - forgettable_scores

    return forgettable_scores, unforgettable_scores


In [7]:
# Function to poison the dataset
def poison_dataset(images, labels, poison_rate, target_class):
    poisoned_images = images.copy()
    poisoned_labels = labels.copy()

    for i in range(len(images)):
        if labels[i] == target_class and np.random.rand() < poison_rate:
            # Apply adversarial patch only to images of the target class (airplanes)
            #adversarial_patch = generate_adversarial_patch(model, images[i], target_class, poison_rate)
            poisoned_images[i] = np.clip(poisoned_images[i], 0, 255)
            poisoned_labels[i] = target_class  # Update label to target class

    return poisoned_images, poisoned_labels

# Function to perform SAS data selection
def sas_algorithm(images, num_clusters=10, num_subsets=5, similarity_metric='cosine'):
    # Flatten the images
    flattened_images = images.reshape(images.shape[0], -1)

    # Perform K-means clustering
    kmeans = KMeans(n_clusters=num_clusters, random_state=42)
    cluster_assignments = kmeans.fit_predict(flattened_images)

    selected_indices = []

    # Iterate over clusters
    for cluster_id in range(num_clusters):
        cluster_indices = np.where(cluster_assignments == cluster_id)[0]

        # Calculate similarity scores based on chosen metric
        if similarity_metric == 'cosine':
            similarity_scores = cosine_similarity(flattened_images[cluster_indices])

        # Use SAS algorithm to select subsets based on similarity scores
        subset_indices = np.argsort(similarity_scores.sum(axis=0))[:num_subsets]

        # Append selected indices to the final list
        selected_indices.extend(cluster_indices[subset_indices])

    return selected_indices

# Function to evaluate the model on the test set
def evaluate_model(model, test_images, test_labels):
    test_loss, test_acc = model.evaluate(test_images, test_labels, verbose=0)
    print(f'Test Accuracy: {test_acc * 100:.2f}%')

# Hyperparameters
poison_rate_list = [0.01, 0.05, 0.1]
target_class = 0
num_clusters = 10
num_subsets = 5

# Train and evaluate the model on the original data
model.fit(train_images, train_labels, epochs=25, validation_data=(test_images, test_labels))
model.save('full_model.h5')
evaluate_model(model, test_images, test_labels)



Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25
Epoch 10/25
Epoch 11/25
Epoch 12/25
Epoch 13/25
Epoch 14/25
Epoch 15/25
Epoch 16/25
Epoch 17/25
Epoch 18/25
Epoch 19/25
Epoch 20/25
Epoch 21/25
Epoch 22/25
Epoch 23/25
Epoch 24/25
Epoch 25/25


  saving_api.save_model(


Test Accuracy: 74.20%


In [8]:
from google.colab import drive
drive.mount('/content/drive')
import shutil
shutil.copy("/content/full_model.h5","/content/drive/MyDrive")

Mounted at /content/drive


'/content/drive/MyDrive/full_model.h5'

In [9]:
!pip install cleverhans

Collecting cleverhans
  Downloading cleverhans-4.0.0-py3-none-any.whl (92 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m92.3/92.3 kB[0m [31m2.7 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting nose (from cleverhans)
  Downloading nose-1.3.7-py3-none-any.whl (154 kB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m154.7/154.7 kB[0m [31m11.4 MB/s[0m eta [36m0:00:00[0m
[?25hCollecting pycodestyle (from cleverhans)
  Downloading pycodestyle-2.11.1-py2.py3-none-any.whl (31 kB)
Collecting mnist (from cleverhans)
  Downloading mnist-0.2.2-py2.py3-none-any.whl (3.5 kB)
Installing collected packages: nose, pycodestyle, mnist, cleverhans
Successfully installed cleverhans-4.0.0 mnist-0.2.2 nose-1.3.7 pycodestyle-2.11.1


In [10]:
!pip install git+https://github.com/CNOCycle/cleverhans.git@feature/tf2.x

Collecting git+https://github.com/CNOCycle/cleverhans.git@feature/tf2.x
  Cloning https://github.com/CNOCycle/cleverhans.git (to revision feature/tf2.x) to /tmp/pip-req-build-nryibn88
  Running command git clone --filter=blob:none --quiet https://github.com/CNOCycle/cleverhans.git /tmp/pip-req-build-nryibn88
  Running command git checkout -b feature/tf2.x --track origin/feature/tf2.x
  Switched to a new branch 'feature/tf2.x'
  Branch 'feature/tf2.x' set up to track remote branch 'feature/tf2.x' from 'origin'.
  Resolved https://github.com/CNOCycle/cleverhans.git to commit b103b0caf983331ec9c5f7c3e08e417a85bf25e2
  Preparing metadata (setup.py) ... [?25l[?25hdone
Building wheels for collected packages: cleverhans
  Building wheel for cleverhans (setup.py) ... [?25l[?25hdone
  Created wheel for cleverhans: filename=cleverhans-3.0.1-py3-none-any.whl size=254364 sha256=67fdc6b28557aa009ec46b2bf8ddb759e610e2aa63dcfce5523e37d15e762dc4
  Stored in directory: /tmp/pip-ephem-wheel-cache-4e

In [None]:

# Experiment with different poison rates
for poison_rate in poison_rate_list:
    # Poison the training dataset
    poisoned_train_images, poisoned_train_labels = poison_dataset(train_images, train_labels, poison_rate, target_class)

    # Train the model on the poisoned dataset
    model.fit(poisoned_train_images, poisoned_train_labels, epochs=25)
    model.save('poisoned_model.h5')
    # Evaluate the model on the test set
    evaluate_model(model, test_images, test_labels)

    # Apply SAS algorithm to select representative subsets for forgettables and unforgettables
    forgettables_indices = np.where(poisoned_train_labels == 0)[0]  # Assuming forgettables are in class 0
    unforgettables_indices = np.where(poisoned_train_labels != 0)[0]  # Assuming unforgettables are in other classes
    selected_forgettables_indices = sas_algorithm(poisoned_train_images[forgettables_indices], num_clusters, num_subsets)
    selected_unforgettables_indices = sas_algorithm(poisoned_train_images[unforgettables_indices], num_clusters, num_subsets)

    # Train the model on the selected forgettables and unforgettables subsets
    model.fit(poisoned_train_images[selected_forgettables_indices], poisoned_train_labels[selected_forgettables_indices], epochs=25)
    model.save('forgettables_model.h5')
    model.fit(poisoned_train_images[selected_unforgettables_indices], poisoned_train_labels[selected_unforgettables_indices], epochs=25)
    model.save('non-forgettables_model.h5')
    # Evaluate the model on the test set after SAS selection
    evaluate_model(model, test_images, test_labels)

Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25
Epoch 10/25
Epoch 11/25
Epoch 12/25
Epoch 13/25
Epoch 14/25
Epoch 15/25
Epoch 16/25
Epoch 17/25
Epoch 18/25
Epoch 19/25
Epoch 20/25
Epoch 21/25
Epoch 22/25
Epoch 23/25
Epoch 24/25
Epoch 25/25
Test Accuracy: 74.18%




Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25
Epoch 10/25
Epoch 11/25
Epoch 12/25
Epoch 13/25
Epoch 14/25
Epoch 15/25
Epoch 16/25
Epoch 17/25
Epoch 18/25
Epoch 19/25
Epoch 20/25
Epoch 21/25
Epoch 22/25
Epoch 23/25
Epoch 24/25
Epoch 25/25


  saving_api.save_model(


Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25
Epoch 10/25
Epoch 11/25
Epoch 12/25
Epoch 13/25
Epoch 14/25
Epoch 15/25
Epoch 16/25
Epoch 17/25
Epoch 18/25
Epoch 19/25
Epoch 20/25
Epoch 21/25
Epoch 22/25
Epoch 23/25
Epoch 24/25
Epoch 25/25
Test Accuracy: 76.49%
Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25
Epoch 10/25
Epoch 11/25
Epoch 12/25
Epoch 13/25
Epoch 14/25
Epoch 15/25
Epoch 16/25
Epoch 17/25
Epoch 18/25
Epoch 19/25
Epoch 20/25
Epoch 21/25
Epoch 22/25
Epoch 23/25
Epoch 24/25
Epoch 25/25
Test Accuracy: 76.70%




Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25
Epoch 10/25
Epoch 11/25
Epoch 12/25
Epoch 13/25
Epoch 14/25
Epoch 15/25
Epoch 16/25
Epoch 17/25
Epoch 18/25
Epoch 19/25
Epoch 20/25
Epoch 21/25
Epoch 22/25
Epoch 23/25
Epoch 24/25
Epoch 25/25


  saving_api.save_model(


Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25
Epoch 10/25
Epoch 11/25
Epoch 12/25
Epoch 13/25
Epoch 14/25
Epoch 15/25
Epoch 16/25
Epoch 17/25
Epoch 18/25
Epoch 19/25
Epoch 20/25
Epoch 21/25
Epoch 22/25
Epoch 23/25
Epoch 24/25
Epoch 25/25
Test Accuracy: 76.44%
Epoch 1/25
Epoch 2/25
Epoch 3/25
Epoch 4/25
Epoch 5/25
Epoch 6/25
Epoch 7/25
Epoch 8/25
Epoch 9/25

In [None]:
!pip install --upgrade tensorflow


Collecting tensorflow
  Downloading tensorflow-2.15.0.post1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (475.2 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m475.2/475.2 MB[0m [31m2.3 MB/s[0m eta [36m0:00:00[0m
Installing collected packages: tensorflow
  Attempting uninstall: tensorflow
    Found existing installation: tensorflow 2.15.0
    Uninstalling tensorflow-2.15.0:
      Successfully uninstalled tensorflow-2.15.0
Successfully installed tensorflow-2.15.0.post1
