## Basic Imports

In [1]:
from sklearn.svm import SVC
import numpy as np

## ART Imports

In [2]:
from art.attacks.evasion import FastGradientMethod
from art.estimators.classification import SklearnClassifier
from art.utils import load_mnist

## Load MNIST

In [3]:
(x_train, y_train), (x_test, y_test), min_pixel_value, max_pixel_value = load_mnist()

## Reshape to Compatible Size for Sklearn

In [4]:
nb_samples_train = x_train.shape[0]
nb_samples_test = x_test.shape[0]
x_train = x_train.reshape((nb_samples_train, 28 * 28))
x_test = x_test.reshape((nb_samples_test, 28 * 28))

In [5]:
model = SVC(C=1.0, kernel="rbf")

In [6]:
classifier = SklearnClassifier(model=model, clip_values=(min_pixel_value, max_pixel_value))

In [7]:
classifier.fit(x_train, y_train)

In [8]:
predictions = classifier.predict(x_test)
accuracy = np.sum(np.argmax(predictions, axis=1) == np.argmax(y_test, axis=1)) / len(y_test)
print("Accuracy on benign test examples: {}%".format(accuracy * 100))

Accuracy on benign test examples: 97.92%


In [None]:
# The attack takes a long time to generate so we only generate it on a few
# samples for this example
n_test_samples = 100
attack = FastGradientMethod(estimator=classifier, eps=0.2)
x_test_adv = attack.generate(x=x_test[0:n_test_samples])

In [13]:
predictions = classifier.predict(x_test_adv)
accuracy = np.sum(np.argmax(predictions, axis=1) == np.argmax(y_test[0:n_test_samples], axis=1)) / n_test_samples
print("Accuracy on adversarial test examples: {}%".format(accuracy * 100))

Accuracy on adversarial test examples: 49.0%
