In [33]:
import os
from pathlib import Path
import argparse
import functools

import matplotlib
import matplotlib.pyplot as plt
import numpy as np
import scipy.stats
from sklearn.metrics import auc, roc_curve

In [4]:
savedir = "exp/cifar10"

In [9]:
dirs = [os.path.join(savedir, x) for x in os.listdir(savedir)]
# dirs

In [10]:
path = dirs[0]

keep = np.load(os.path.join(path, "keep.npy"))
logits = np.load(os.path.join(path, "logits.npy"))
scores = np.load(os.path.join(path, "scores.npy"))

In [13]:
print(keep.shape)
print(keep)

(40000,)
[False False  True ...  True  True  True]


In [14]:
print(logits.shape)
print(logits)

(40000, 2, 10)
[[[-1.7883477  -5.6704698   2.8770428  ...  1.0131285  -4.65934
   -4.086761  ]
  [-1.919997   -5.250031    1.3367171  ...  2.6929588  -4.9380636
   -3.5059118 ]]

 [[-2.38645    -4.8438516   4.974211   ... -1.789512   -0.8768619
   -4.137736  ]
  [-2.3094807  -4.5991073   4.390994   ... -1.8581053  -0.41574976
   -3.894136  ]]

 [[-3.58471    -3.3064373  -0.2338044  ...  1.7355362  -5.061231
   -3.2215145 ]
  [-2.7517297  -4.210736    0.27253738 ...  0.4341553  -3.3611584
   -2.877072  ]]

 ...

 [[ 0.13101047 27.060312   -6.6546555  ... -7.9745727   2.5272655
    9.485139  ]
  [ 0.11311367 19.817822   -4.9686284  ... -5.786897    1.8784015
    7.132865  ]]

 [[11.475042   -1.3717729   2.654842   ... -1.0020841   0.5737292
   -0.9274966 ]
  [12.022043   -1.2462178   2.2052798  ... -0.89421564  0.6298332
   -0.45449114]]

 [[ 0.29957807 -0.09773394 -0.22328937 ... -5.394558   11.193246
    0.6376837 ]
  [ 0.24891272  0.13399914 -0.22011712 ... -5.4849067  11.254842
    0

In [15]:
print(scores.shape)
print(scores)

(40000, 2)
[[ 4.68748243  4.20020984]
 [-0.45901215  0.70122978]
 [ 2.81220677 -2.70628857]
 ...
 [17.57408614 12.67815007]
 [ 8.61777702  9.48656081]
 [ 9.26889597  9.32298001]]


In [18]:
def sweep(score, x):
    """
    Compute a ROC curve and then return the FPR, TPR, AUC, and ACC.
    """
    fpr, tpr, _ = roc_curve(x, -score)
    acc = np.max(1 - (fpr + (1 - tpr)) / 2)
    return fpr, tpr, auc(fpr, tpr), acc

In [28]:
def load_data():
    """
    Load our saved scores and then put them into a big matrix.
    """
    global scores, keep
    scores = []
    keep = []

    for path in os.listdir(savedir):
        scores.append(np.load(os.path.join(savedir, path, "scores.npy")))
        keep.append(np.load(os.path.join(savedir, path, "keep.npy")))
    scores = np.array(scores)
    keep = np.array(keep)

    return scores, keep

In [29]:
load_data()

(array([[[ 4.68748243,  4.20020984],
         [-0.45901215,  0.70122978],
         [ 2.81220677, -2.70628857],
         ...,
         [17.57408614, 12.67815007],
         [ 8.61777702,  9.48656081],
         [ 9.26889597,  9.32298001]],
 
        [[ 4.59428779,  3.78349585],
         [ 7.88184895,  8.58197691],
         [-5.24243955, -4.48598317],
         ...,
         [20.99291352, 15.09406965],
         [ 9.99725349, 10.53718927],
         [ 8.8253195 ,  9.62050787]],
 
        [[ 4.18130685,  3.96536509],
         [ 1.93927562,  3.94789297],
         [-2.10935169, -4.29676738],
         ...,
         [18.23606657, 12.97001684],
         [ 8.36554254,  8.68055632],
         [ 5.44392951,  7.83008651]],
 
        ...,
 
        [[ 5.66482971,  6.94895201],
         [ 2.92638753,  3.21772178],
         [-2.85923694, -5.77564323],
         ...,
         [18.8793064 ,  9.93001081],
         [ 8.80272302,  8.61339657],
         [ 0.56995122,  4.78953952]],
 
        [[ 7.61774112,  7.429

In [30]:
scores.shape

(64, 40000, 2)

In [31]:
keep.shape

(64, 40000)

In [37]:
def generate_ours(keep, scores, check_keep, check_scores, in_size=100000, out_size=100000, fix_variance=False):
    """
    Fit a two predictive models using keep and scores in order to predict
    if the examples in check_scores were training data or not, using the
    ground truth answer from check_keep.
    """
    dat_in = []
    dat_out = []


    # iterate data points (x, y).
    for j in range(scores.shape[1]):
        dat_in.append(scores[keep[:, j], j, :])
        dat_out.append(scores[~keep[:, j], j, :])

    in_size = min(min(map(len, dat_in)), in_size)
    out_size = min(min(map(len, dat_out)), out_size)

    dat_in = np.array([x[:in_size] for x in dat_in])
    dat_out = np.array([x[:out_size] for x in dat_out])

    mean_in = np.median(dat_in, 1)
    mean_out = np.median(dat_out, 1)
    
    if fix_variance:
        std_in = np.std(dat_in)
        std_out = np.std(dat_in)
    else:
        std_in = np.std(dat_in, 1)
        std_out = np.std(dat_out, 1)

    print("dat_in: ", dat_in.shape)
    print("dat_out: ", dat_out.shape)

    print("mean_in: ", mean_in)
    print("mean_out: ", mean_out)
    print("std_in: ", std_in)
    print("std_out: ", std_out)
    

    prediction = []
    answers = []
    for ans, sc in zip(check_keep, check_scores):
        pr_in = -scipy.stats.norm.logpdf(sc, mean_in, std_in + 1e-30)
        pr_out = -scipy.stats.norm.logpdf(sc, mean_out, std_out + 1e-30)
        score = pr_in - pr_out

        prediction.extend(score.mean(1))
        answers.extend(ans)

    return prediction, answers, "", dat_in, dat_out, mean_in, mean_out, std_in, std_out

In [38]:
def do_plot(fn, keep, scores, ntest, legend="", metric="auc", sweep_fn=sweep, **plot_kwargs):
    """
    Generate the ROC curves by using ntest models as test models and the rest to train.
    """

    prediction, answers = fn(keep[:-ntest], scores[:-ntest], keep[-ntest:], scores[-ntest:])

    print("prediction: ")
    print(prediction)
    print("answers: ")
    print(answers)

    fpr, tpr, auc, acc = sweep_fn(np.array(prediction), np.array(answers, dtype=bool))

    low = tpr[np.where(fpr < 0.001)[0][-1]]

    print("Attack %s   AUC %.4f, Accuracy %.4f, TPR@0.1%%FPR of %.4f" % (legend, auc, acc, low))

    metric_text = ""
    if metric == "auc":
        metric_text = "auc=%.3f" % auc
    elif metric == "acc":
        metric_text = "acc=%.3f" % acc

    plt.plot(fpr, tpr, label=legend + metric_text, **plot_kwargs)
    return (acc, auc)


def fig_fpr_tpr():
    plt.figure(figsize=(4, 3))

    do_plot(generate_ours, keep, scores, 1, "Ours (online)\n", metric="auc")

    # do_plot(functools.partial(generate_ours, fix_variance=True), keep, scores, 1, "Ours (online, fixed variance)\n", metric="auc")
    #
    # do_plot(functools.partial(generate_ours_offline), keep, scores, 1, "Ours (offline)\n", metric="auc")
    #
    # do_plot(functools.partial(generate_ours_offline, fix_variance=True), keep, scores, 1, "Ours (offline, fixed variance)\n", metric="auc")
    #
    # do_plot(generate_global, keep, scores, 1, "Global threshold\n", metric="auc")

    plt.semilogx()
    plt.semilogy()
    plt.xlim(1e-5, 1)
    plt.ylim(1e-5, 1)
    plt.xlabel("False Positive Rate")
    plt.ylabel("True Positive Rate")
    plt.plot([0, 1], [0, 1], ls="--", color="gray")
    plt.subplots_adjust(bottom=0.18, left=0.18, top=0.96, right=0.96)
    plt.legend(fontsize=8)
    plt.savefig("fprtpr.png")
    plt.show()

In [39]:
fig_fpr_tpr()

dat_in:  (40000, 31, 2)
dat_out:  (40000, 31, 2)
mean_in:  [[ 5.66866874  5.85076141]
 [        nan         nan]
 [ 1.86377865  2.83813249]
 ...
 [22.7923407  13.18756812]
 [        nan         nan]
 [        nan         nan]]
mean_out:  [[       nan        nan]
 [0.71230373 2.481409  ]
 [       nan        nan]
 ...
 [       nan        nan]
 [8.52784371 9.15922596]
 [       nan        nan]]
std_in:  [[1.31560762 1.35229173]
 [       nan        nan]
 [2.13401356 2.42591937]
 ...
 [5.16536262 3.02299995]
 [       nan        nan]
 [       nan        nan]]
std_out:  [[       nan        nan]
 [2.64778163 2.72025547]
 [       nan        nan]
 ...
 [       nan        nan]
 [1.54028234 1.53659503]
 [       nan        nan]]
prediction: 
[nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, nan, n

ValueError: Input contains NaN.

<Figure size 400x300 with 0 Axes>

In [40]:
ntest = 1
prediction, answers, _, dat_in, dat_out, mean_in, mean_out, std_in, std_out = generate_ours(keep[:-ntest], scores[:-ntest], keep[-ntest:], scores[-ntest:])

dat_in:  (40000, 31, 2)
dat_out:  (40000, 31, 2)
mean_in:  [[ 5.66866874  5.85076141]
 [        nan         nan]
 [ 1.86377865  2.83813249]
 ...
 [22.7923407  13.18756812]
 [        nan         nan]
 [        nan         nan]]
mean_out:  [[       nan        nan]
 [0.71230373 2.481409  ]
 [       nan        nan]
 ...
 [       nan        nan]
 [8.52784371 9.15922596]
 [       nan        nan]]
std_in:  [[1.31560762 1.35229173]
 [       nan        nan]
 [2.13401356 2.42591937]
 ...
 [5.16536262 3.02299995]
 [       nan        nan]
 [       nan        nan]]
std_out:  [[       nan        nan]
 [2.64778163 2.72025547]
 [       nan        nan]
 ...
 [       nan        nan]
 [1.54028234 1.53659503]
 [       nan        nan]]


In [41]:
prediction

[nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan,
 nan