In [None]:
import numpy as np

In [None]:
import torch

import torchvision
import torchvision.transforms as transforms

import torch.nn as nn
import torch.nn.functional as F

import torch.optim as optim

In [None]:
transform = transforms.Compose([transforms.ToTensor()])

trainset = torchvision.datasets.MNIST(root='./data', train=True,
                                      download=True, transform=transform)
trainloader = torch.utils.data.DataLoader(trainset, batch_size=128,
                                          shuffle=True, num_workers=1)

testset = torchvision.datasets.MNIST(root='./data', train=False,
                                     download=True, transform=transform)
testloader = torch.utils.data.DataLoader(testset, batch_size=10000,
                                         shuffle=False, num_workers=1)

In [None]:
test_set = torchvision.datasets.MNIST(root='./data', train=False,
                                     download=True, transform=transform)
test_loader = torch.utils.data.DataLoader(testset, batch_size=128,
                                         shuffle=False, num_workers=1)

In [None]:
class Net(nn.Module):
    def __init__(self):
        super(Net, self).__init__()
        self.conv1 = nn.Conv2d(1, 32, (5, 5), stride=1)
        self.pool = nn.MaxPool2d((2, 2), stride=2)
        self.conv2 = nn.Conv2d(32, 64, (5, 5), stride=1)
        self.fc1 = nn.Linear(1024, 1024)
        self.fc2 = nn.Linear(1024, 10)

    def forward(self, x):
        x = self.pool(F.relu(self.conv1(x)))
        x = self.pool(F.relu(self.conv2(x)))
        x = x.view(-1, 1024)
        x = F.relu(self.fc1(x))
        x = self.fc2(x)
        return x

In [None]:
net = Net()

In [None]:
criterion = nn.CrossEntropyLoss()
optimizer = optim.Adam(net.parameters(), lr=0.001)

In [None]:
device = torch.device("cuda:0" if torch.cuda.is_available() else "cpu")
net.to(device)

In [None]:
net.train()

num_epchos = 30

for epoch in range(num_epchos):
    
    steps = 0
    running_loss = 0.0
    for i, data in enumerate(trainloader, 0):
        
        inputs, labels = data[0].to(device), data[1].to(device)

        optimizer.zero_grad()
        
        adv = pgd_attack(net, inputs, labels)

        outputs = net(adv)
    
        loss = criterion(outputs, labels)
        loss.backward()

        optimizer.step()

        steps += 1
        running_loss += loss.item()

    # print statistics
    print('%d loss: %f' % (epoch + 1, running_loss / steps))

print('Finished Training')

In [None]:
net.train()

num_epchos = 5

for epoch in range(num_epchos):
    
    steps = 0
    running_loss = 0.0
    for i, data in enumerate(trainloader, 0):
        
        inputs, labels = data[0].to(device), data[1].to(device)

        optimizer.zero_grad()
        
        adv = pgd_attack(net, inputs, labels)

        outputs = net(adv)
    
        loss = criterion(outputs, labels)
        loss.backward()

        optimizer.step()

        steps += 1
        running_loss += loss.item()

    # print statistics
    print('%d loss: %f' % (epoch + 1, running_loss / steps))

print('Finished Training')

In [None]:
net.eval()

In [None]:
correct = 0
total = 0
with torch.no_grad():
    for data in testloader:
        
        images, labels = data[0].to(device), data[1].to(device)
        outputs = net(images)
        _, predicted = torch.max(outputs.data, 1)
        total += labels.size(0)
        correct += (predicted == labels).sum().item()

print('Accuracy of the network on the 10000 test images: %f %%' % (100 * correct / total))

In [None]:
def pgd_attack(model, images, labels, eps=0.3, alpha=0.05):
    
    iters = int((2.5 * eps) / alpha)
    
    images = images.to(device)
    labels = labels.to(device)

    loss = torch.nn.CrossEntropyLoss()
    
    ori_images = images
    
    images = images + torch.zeros_like(images).uniform_(-eps, eps)
    
    for i in range(iters):
        
        images.requires_grad = True
        outputs = model(images)
        model.zero_grad()

        cost = loss(outputs, labels).to(device)
        cost.backward()

        adv_images = images + alpha*images.grad.sign()
        eta = torch.clamp(adv_images - ori_images, min=-eps, max=eps)
        images = torch.clamp(ori_images + eta, min=0, max=1).detach_()
        
    return images

In [None]:
correct = 0
total = 0
for data in testloader:
    
    images, labels = data[0].to(device), data[1].to(device)
    adv = pgd_attack(net, images, labels, eps=0.4)
    outputs = net(adv)
    _, predicted = torch.max(outputs.data, 1)
    total += labels.size(0)
    correct += (predicted == labels).sum().item()

print('Accuracy of the network on the 10000 test images: %f %%' % (100 * correct / total))

In [None]:
PATH = './Final/model.pth'
torch.save(net.state_dict(), PATH)