In [1]:
import os
os.environ['PYTHONHASHSEED'] = '0'
from numpy.random import seed
import random
random.seed(1)
seed(1)
from tensorflow import set_random_seed
set_random_seed(2)

import tensorflow as tf
os.environ["CUDA_VISIBLE_DEVICES"] = "7"
# TensorFlow wizardry
config = tf.ConfigProto()
# Don't pre-allocate memory; allocate as-needed
config.gpu_options.allow_growth = True
# Only allow a total of half the GPU memory to be allocated
config.gpu_options.per_process_gpu_memory_fraction = 0.5

import sys
import math
import time
import warnings

from sklearn.model_selection import train_test_split
from sklearn.metrics import accuracy_score
from sklearn.cluster import KMeans
from sklearn.ensemble import RandomForestClassifier

from keras import backend as K
from keras.layers import Input, Dense, Conv2D, MaxPooling2D, UpSampling2D, BatchNormalization
from keras.models import Model
from keras.optimizers import SGD, Adam
from keras.utils import np_utils
from keras.callbacks import EarlyStopping, ModelCheckpoint

from cifar10_robust_models import Load_Madry_Model, cifar10_tf_robust_models

import numpy as np
import logging

class Autoencoder(object):
    def __init__(self,
                 dims,
                 activation='relu',
                 init='glorot_uniform',
                 verbose=1):
        '''
        dims: list of number of units in each layer of encoder. dims[0] is input dim, dims[-1] is units in hidden layer.
        The decoder is symmetric with encoder. So number of layers of the auto-encoder is 2*len(dims)-1
        activation: activation, not applied to Input, last layer of the encoder, and Output layers
        '''
        self.dims = dims
        self.act = activation
        self.init = init
        self.verbose = verbose

    def build(self):
        """Fully connected auto-encoder model, symmetric.
        return:
            (ae_model, encoder_model), Model of autoencoder and model of encoder
        """
        input_img = Input(shape=(32, 32, 3))
        
        x = Conv2D(64, (3, 3), activation='relu', padding='same')(input_img)
        x = BatchNormalization()(x)
        x = MaxPooling2D((2, 2), padding='same')(x)

        x = Conv2D(16, (3, 3), activation='relu', padding='same')(x)
        x = BatchNormalization()(x)
        encoded = MaxPooling2D((2, 2), padding='same')(x)
        self.encoded = encoded

        x = Conv2D(16, (3, 3), activation='relu', padding='same')(encoded)
        x = BatchNormalization()(x)
        x = UpSampling2D((2, 2))(x)

        x = Conv2D(32, (3, 3), activation='relu', padding='same')(x)
        x = BatchNormalization()(x)
        x = UpSampling2D((2, 2))(x)
        decoded = Conv2D(3, (3, 3), activation='sigmoid', padding='same')(x)

        ae = Model(inputs=input_img, outputs=decoded, name='AE')
        encoder = Model(inputs=input_img, outputs=encoded, name='encoder')
        return ae, encoder

    def train_and_save(self, X,
                       weights_save_name,
                       lr=0.001,
                       batch_size=32,
                       epochs=250,
                       loss='mse'):
        if os.path.exists(weights_save_name):
            logging.info('weights file exists, no need to train pure AE')
        else:
            logging.debug(f'AE train_and_save lr: {lr}')
            logging.debug(f'AE train_and_save batch_size: {batch_size}')
            logging.debug(f'AE train_and_save epochs: {epochs}')

            verbose = self.verbose

            autoencoder, encoder = self.build()

            pretrain_optimizer = Adam(lr=lr)

            autoencoder.compile(optimizer=pretrain_optimizer, loss='mse')

            utils.create_parent_folder(weights_save_name)

            mcp_save = ModelCheckpoint(weights_save_name,
                                    monitor='loss',
                                    save_best_only=True,
                                    save_weights_only=True,
                                    verbose=verbose,
                                    mode='min')

            hist = autoencoder.fit(X, X,
                                epochs=epochs,
                                batch_size=batch_size,
                                verbose=1,
                                callbacks=[mcp_save, logger.LoggingCallback(logging.debug)])

    def evaluate_quality(self, X_old, y_old, model_save_name):
        if not os.path.exists(model_save_name):
            self.train_and_save(X_old, model_save_name)

        K.clear_session()
        autoencoder, encoder = self.build()
        encoder.load_weights(model_save_name, by_name=True)
        logging.debug(f'Load weights from {model_save_name}')
        latent = encoder.predict(X_old)

        best_acc = 0
        best_n_init = 10
        num_classes = len(np.unique(y_old))
        logging.debug(f'KMeans k = {num_classes}')

        warnings.filterwarnings('ignore')

        for n_init in range(10, 110, 10):
            kmeans = KMeans(n_clusters=num_classes, n_init=n_init,
                            random_state=42, n_jobs=-1)
            y_pred = kmeans.fit_predict(latent)
            acc = utils.get_cluster_acc(y_old, y_pred)
            logging.debug(f'KMeans n_init: {n_init}, acc: {acc}')
            if acc > best_acc:
                best_n_init = best_n_init
                best_acc = acc
        logging.info(f'best accuracy of KMeans on latent data: {best_acc} with n_init {best_n_init}')
        return best_acc

Using TensorFlow backend.



For more information, please see:
  * https://github.com/tensorflow/community/blob/master/rfcs/20180907-contrib-sunset.md
  * https://github.com/tensorflow/addons
If you depend on functionality not listed there, please file an issue.



In [86]:
class ContrastiveAE(object):
    def __init__(self, optimizer, lr, dims = 1, verbose=1):
        self.dims = dims
        self.optimizer = optimizer(lr)
        self.verbose = verbose
        print("init")

    def train(self, X_train, y_train,
              lambda_1, batch_size, epochs, similar_ratio, margin,
              weights_save_name, display_interval):
        """Train an autoencoder with standard mse loss + contrastive loss.
        Arguments:
            X_train {numpy.ndarray} -- feature vectors of the training data
            y_train {numpy.ndarray} -- ground-truth labels of the training data
            lambda_1 {float} -- balance factor for the autoencoder reconstruction loss and contrastive loss
            batch_size {int} -- number of samples in each batch (note we only use **half of batch_size**
                                from the training data).
            epochs {int} -- No. of maximum epochs.
            similar_ratio {float} -- ratio of similar samples, use 0.25 for now.
            margin {float} -- the hyper-parameter m.
            weights_save_name {str} -- file path to save the best weights files.
            display_interval {int} -- print traning logs per {display_interval} epoches
        """
        print("hello")
        if False:
            logging.info('weights file exists, no need to train contrastive AE')
        else:
            tf.reset_default_graph()

           
            lambda_1_tensor = tf.placeholder(tf.float32)
            ae = Autoencoder(self.dims)
            ae_model, encoder_model = ae.build()

            input_ = ae_model.get_input_at(0)
            labels = ae_model.get_input_at(0)
            # add loss function -- for efficiency and not doubling the network's weights, we pass a batch of samples and
            # make the pairs from it at the loss level.
#             left_p = tf.convert_to_tensor(list(range(0, int(batch_size / 2))), np.int32)
#             right_p = tf.convert_to_tensor(list(range(int(batch_size / 2), batch_size)), np.int32)

#             # left_p: indices with all the data in this batch, right_p: half with similar data compared to left_p, half with dissimilar data compared to left_p
#             # if batch_size = 16 (but only using 8 samples in this batch):
#             # e.g., left_p labels: 1, 2, 4, 8 | 2, 3, 5, 6
#             #      right_p labels: 1, 2, 4, 8 | 3, 4, 1, 7
#             # check whether labels[left_p] == labels[right_p] for each element
#             is_same = tf.cast(tf.equal(tf.gather(labels, left_p), tf.gather(labels, right_p)), tf.float32)
#             # NOTE: add a small number like 1e-10 would prevent tf.sqrt() to have 0 values, further leading gradients and loss all NaN.
#             # check: https://stackoverflow.com/questions/33712178/tensorflow-nan-bug
#             dist = tf.sqrt(tf.reduce_sum(tf.square(tf.subtract(tf.gather(ae.encoded, left_p), tf.gather(ae.encoded, right_p))), 1) + 1e-10) # ||zi - zj||_2
#             contrastive_loss = tf.multiply(is_same, dist) # y_ij = 1 means the same class.
#             contrastive_loss = contrastive_loss + tf.multiply((tf.constant(1.0) - is_same), tf.nn.relu(margin - dist))  # as relu(z) = max(0, z)
#             contrastive_loss = tf.reduce_mean(contrastive_loss)

            ae_loss = tf.keras.losses.MSE(input_, ae_model(input_)) # ae.out equals ae_model(input_)
            ae_loss = tf.reduce_mean(ae_loss)
#             vgg = VGG19(image_shape=(1,32,32,3), input_tensor=input_)
#             vgg2 = VGG19_2(image_shape=(1,32,32,3), input_tensor=input_)
            
#             output = tf.identity(vgg['block5_pool'], name='my_output')
#             output2 = tf.identity(vgg2['block5_pool'], name='my_output')
            print("here")
            # Final loss
            loss = ae_loss 

            train_op = self.optimizer.minimize(ae_loss, var_list=tf.trainable_variables())

            # Start training
            with tf.Session(config=config) as sess:
                loss_batch, aux_batch = [], []
                contrastive_loss_batch, ae_loss_batch = [], []
                
                sess.run(tf.global_variables_initializer())
                print(tf.trainable_variables())
#                 vgg.load_weights()
#                 vgg2.load_weights()
                
                min_loss = np.inf

                # epoch training loop
                for epoch in range(10):
                    epoch_time = time.time()
                    # split data into batches
#                     batch_count, batch_x, batch_y = data.epoch_batches(X_train, y_train,
#                                                                     batch_size,
#                                                                     similar_ratio)
#                     # batch training loop
                    for b in range(1):
                        logging.debug(f'b: {b}')
                        feed_dict = {
                            input_: x_train,
                            labels: y_train,
                            lambda_1_tensor: lambda_1
                        }
                        loss1, _, ae_loss1, \
                            encoded1 = sess.run([loss, train_op, ae_loss, ae.encoded], feed_dict=feed_dict)

                        print(f'loss1: {loss1},  aux1: {ae_loss1}')
#                         logging.debug(f'contrastive: {contrastive_loss1}, ae: {ae_loss1}')
#                         logging.debug(f'epoch-{epoch} dist1[left]: {dist1[0:batch_size // 4]}')
#                         logging.debug(f'epoch-{epoch} dist1[right]: {dist1[batch_size // 4:]}')

                        loss_batch.append(loss1)
#                         aux_batch.append(aux1)
#                         contrastive_loss_batch.append(contrastive_loss1)
                        ae_loss_batch.append(ae_loss1)

                    if math.isnan(np.mean(loss_batch)):
                        logging.error('NaN value in loss')
                    
                    current_loss = np.mean(loss_batch)
#                     print(f'Epoch {epoch}: loss {current_loss} -- ' + \
#                                     f'ae {np.mean(ae_loss_batch)} -- ' + \
#                                     f'time {time.time() - epoch_time}')
                    # print logs each xxx epoch
#                     if epoch % display_interval == 0:
#                         current_loss = np.mean(loss_batch)
#                         logging.info(f'Epoch {epoch}: loss {current_loss} -- ' + \
#                                     f'contrastive {np.mean(contrastive_loss_batch)} -- ' + \
#                                     f'ae {np.mean(ae_loss_batch)} -- ' + \
#                                     f'pairs {np.mean(np.sum(np.mean(aux_batch)))} : ' + \
#                                     f'{np.mean(np.sum(1-np.mean(aux_batch)))} -- ' + \
#                                     f'time {time.time() - epoch_time}')
#                         loss_batch, aux_batch = [], []
#                         contrastive_loss_batch, ae_loss_batch = [], []

#                         # save best weights
#                         if current_loss < min_loss:
#                             logging.info(f'updating best loss from {min_loss} to {current_loss}')
#                             min_loss = current_loss
#                             ae_model.save_weights(weights_save_name)

In [2]:
from keras.datasets import cifar10

(x_train, y_train), (x_test, y_test) = cifar10.load_data()
print(x_train[0])

x_train = x_train.astype('float32') / 255.
x_test = x_test.astype('float32') / 255.
print(x_train.shape)
x_train = x_train[:30000]
y_train = y_train[:30000]
x_test = x_test[:30000]
y_test = y_test[:30000]


[[[ 59  62  63]
  [ 43  46  45]
  [ 50  48  43]
  ...
  [158 132 108]
  [152 125 102]
  [148 124 103]]

 [[ 16  20  20]
  [  0   0   0]
  [ 18   8   0]
  ...
  [123  88  55]
  [119  83  50]
  [122  87  57]]

 [[ 25  24  21]
  [ 16   7   0]
  [ 49  27   8]
  ...
  [118  84  50]
  [120  84  50]
  [109  73  42]]

 ...

 [[208 170  96]
  [201 153  34]
  [198 161  26]
  ...
  [160 133  70]
  [ 56  31   7]
  [ 53  34  20]]

 [[180 139  96]
  [173 123  42]
  [186 144  30]
  ...
  [184 148  94]
  [ 97  62  34]
  [ 83  53  34]]

 [[177 144 116]
  [168 129  94]
  [179 142  87]
  ...
  [216 184 140]
  [151 118  84]
  [123  92  72]]]
(50000, 32, 32, 3)


In [141]:
def batch_data(x_train, y_train,batch_size):
    batch_count = len(x_train)/batch_size
    shuffler = np.random.permutation(len(x_train))
    x_ret = x_train[shuffler]
    y_ret = y_train[shuffler]
    return batch_count, x_ret, y_ret

In [152]:
from cifar10_robust_models import Load_Madry_Model, cifar10_tf_robust_models
from cifar10_simple_models import cifar10_models_simple

tvars_vals = []

class ContrastiveAE(object):
    def __init__(self, optimizer, lr, dims = 1, verbose=1):
        self.dims = dims
        self.optimizer = optimizer(lr)
        self.verbose = verbose
        print("init")
    
    def visualize(self, x_train, y_train):
        tf.reset_default_graph()
        
        ae = Autoencoder(self.dims)
        ae_model, encoder_model = ae.build()
        input_ = ae_model.get_input_at(0)
        noise = tf.random_normal(shape=tf.shape(input_), mean=0.0, stddev=0.02, dtype=tf.float32)
        noise_abs =tf.math.abs(noise)
        noise_img = tf.add(input_, noise)
        noise_img_clipped = tf.clip_by_value(noise_img, clip_value_min=0, clip_value_max=1)
        aeoutput = ae_model(noise_img_clipped)
        
        with tf.Session(config=config) as sess:
            ae_model.load_weights('./query-blinding-1-just-weights')
            
            feed_dict = {
                input_: x_train
            }
            output, input_with_noise, noise_vis = sess.run([aeoutput, noise_img_clipped, noise_abs], feed_dict=feed_dict)
            #output = np.array(output)
#             print(output[0].shape)
#             print(output[0][0].shape)
            #print(output)
            img = Image.fromarray((output[0]*255).astype('uint8'), 'RGB')
            img.save('aeoutput-noise.png')
            img.show()
            img = Image.fromarray((input_with_noise[0]*255).astype('uint8'), 'RGB')
            img.save('aeinput-noise.png')
            img.show()
            img = Image.fromarray((noise_vis[0]*255).astype('uint8'), 'RGB')
            img.save('noise.png')
            img.show()
            #ae_model.save("saved_autoencoder_qb")
        
    
    def train(self, x_train, y_train,
              lambda_1, batch_size, epochs, similar_ratio, margin,
              weights_save_name, display_interval):
        """Train an autoencoder with standard mse loss + contrastive loss.
        Arguments:
            X_train {numpy.ndarray} -- feature vectors of the training data
            y_train {numpy.ndarray} -- ground-truth labels of the training data
            lambda_1 {float} -- balance factor for the autoencoder reconstruction loss and contrastive loss
            batch_size {int} -- number of samples in each batch (note we only use **half of batch_size**
                                from the training data).
            epochs {int} -- No. of maximum epochs.
            similar_ratio {float} -- ratio of similar samples, use 0.25 for now.
            margin {float} -- the hyper-parameter m.
            weights_save_name {str} -- file path to save the best weights files.
            display_interval {int} -- print traning logs per {display_interval} epoches
        """
        print("hello")
        if False:
            logging.info('weights file exists, no need to train contrastive AE')
        else:
            tf.reset_default_graph()
           
            lambda_1_tensor = tf.placeholder(tf.float32)
            ae = Autoencoder(self.dims)
            ae_model, encoder_model = ae.build()

            input_ = ae_model.get_input_at(0)
            aclabels = tf.placeholder(tf.int32, [None, 1])
            noise = tf.random_normal(shape=tf.shape(input_), mean=0.0, stddev=0.02, dtype=tf.float32)
            noise_img = tf.add(input_, noise)
            noise_img = tf.clip_by_value(noise_img, clip_value_min=0, clip_value_max=1)
            print(noise_img.shape)
            noise_second = tf.random_normal(shape=tf.shape(input_), mean=0.0, stddev=0.02, dtype=tf.float32)
            noise_img_second = tf.add(input_, noise_second)
            noise_img_second = tf.clip_by_value(noise_img_second, clip_value_min=0, clip_value_max=1)


            aeoutput = ae_model(noise_img)
            aeoutput_second = ae_model(noise_img_second)
            
            model_dir = "./"
            target_model2 = Load_Madry_Model(tf.Session(config=config), model_dir, noise_img, bias = 0.5, scale = 255)
            target_model3 = Load_Madry_Model(tf.Session(config=config), model_dir, aeoutput, bias = 0.5, scale = 255)
            
            #print(target_model2.var_list)
            output = tf.identity(target_model2.probs, name='my_output')
            output2 = tf.identity(target_model3.probs, name='my_output2')
            
            aeoutput_mul = aeoutput*255
            aeoutput_second_mul = aeoutput_second*255
            l2_norm = tf.norm(aeoutput_second_mul - aeoutput_mul, ord='euclidean', axis=[-2,-1])
            l2_norm_test = l2_norm
            l2_norm = tf.pow(l2_norm, 2)
            l2_norm = tf.math.minimum(l2_norm, 100)
            
            loss_crossentropy = tf.keras.losses.sparse_categorical_crossentropy(aclabels, output2)
            loss_crossentropy = tf.reduce_mean(loss_crossentropy)
            loss = loss_crossentropy - l2_norm
            
            
            train_op = self.optimizer.minimize(loss, var_list=list(set(tf.trainable_variables()) - target_model2.var_list - target_model3.var_list))

            # Start training
            with tf.Session(config=config) as sess:
                loss_batch, aux_batch, ce_batch = [], [], []
                contrastive_loss_batch, ae_loss_batch = [], []
                
                sess.run(tf.global_variables_initializer())
                target_model2.load_weights()
                target_model3.load_weights()
                min_loss = np.inf 
                
                # epoch training loop
                for epoch in range(100):
                    epoch_time = time.time()
                    # split data into batches
                    batch_size = 30
                    batch_count, batch_x, batch_y = batch_data(x_train, y_train, batch_size)
                    batch_count = int(batch_count)
                    print("BC: %d" % batch_count)
                    # batch training loop
                    
                    for b in range(batch_count):
                        logging.debug(f'b: {b}')
                        #add random noise to x_train (start with 0.01 first)
                        feed_dict = {
                            input_: batch_x[b*batch_size: b*batch_size+batch_size],
                            lambda_1_tensor: lambda_1,
                            aclabels: batch_y[b*batch_size: b*batch_size+batch_size],
                        }
                        
                        labelled, labelled2,loss1,ae_loss1,loss_ce,_ = sess.run([output,output2,loss,l2_norm,loss_crossentropy,train_op], feed_dict=feed_dict)
                        

                        loss_batch.append(loss1)
                        ae_loss_batch.append(ae_loss1)
                        ce_batch.append(loss_ce)

                    if math.isnan(np.mean(loss_batch)):
                        logging.error('NaN value in loss')
                    
                    current_loss = np.mean(loss_batch)
                    print(f'Epoch {epoch}: loss {current_loss} -- ' + \
                                    f'ae {np.mean(ae_loss_batch)} -- ' + \
                                    f'ae {np.mean(ce_batch)} -- ' + \
                                    f'time {time.time() - epoch_time}')
                print("saving weights")
                ae_model.save('./query-blinding-1-whole-model')
                ae_model.save_weights('./query-blinding-1-just-weights')
                

In [None]:
OPTIMIZER = tf.train.AdamOptimizer
cae = ContrastiveAE(OPTIMIZER, 0.01)
x_train = x_train[:100]
y_train = y_train[:100]
cae.train(x_train, y_train,
                1e-1, 1, 1, 1, 1,
                1, 20)

In [48]:
from PIL import Image

OPTIMIZER = tf.train.AdamOptimizer
cae = ContrastiveAE(OPTIMIZER, 0.01)
x_train_vis = x_train[:1]
cae.visualize(x_train_vis, y_train)

init
