In [1]:
cd /home/ubuntu/FedEM/

/home/ubuntu/FedEM


In [2]:
# Import General Libraries
import os
import argparse
import torch
import copy
import pickle
import random
import numpy as np
import pandas as pd

# Import FedEM based Libraries
from utils.utils import *
from utils.constants import *
from utils.args import *
from run_experiment import *
from models import *

# Import Transfer Attack
from transfer_attacks.Personalized_NN import *
from transfer_attacks.Params import *
from transfer_attacks.Transferer import *
from transfer_attacks.Args import *
from transfer_attacks.TA_utils import *
from transfer_attacks.Boundary_Transferer import *

In [3]:
# Manually set argument parameters
args_ = Args()
args_.experiment = "cifar10"
args_.method = "FedEM_adv"
args_.decentralized = False
args_.sampling_rate = 1.0
args_.input_dimension = None
args_.output_dimension = None
args_.n_learners= 3
args_.n_rounds = 10
args_.bz = 128
args_.local_steps = 1
args_.lr_lambda = 0
args_.lr =0.03
args_.lr_scheduler = 'multi_step'
args_.log_freq = 10
args_.device = 'cuda'
args_.optimizer = 'sgd'
args_.mu = 0
args_.communication_probability = 0.1
args_.q = 1
args_.locally_tune_clients = False
args_.seed = 1234
args_.verbose = 1
args_.save_path = 'weights/cifar/22_01_09_fedavg_n80_benign/'
args_.validation = False
args_.num_user = 40

# Generate the dummy values here
aggregator, clients = dummy_aggregator(args_, num_user=40)

==> Clients initialization..
===> Building data iterators..


100%|██████████████████████████████████████████| 80/80 [00:00<00:00, 267.44it/s]


===> Initializing clients..


100%|███████████████████████████████████████████| 80/80 [00:54<00:00,  1.47it/s]


==> Test Clients initialization..
===> Building data iterators..


0it [00:00, ?it/s]


===> Initializing clients..


0it [00:00, ?it/s]


++++++++++++++++++++++++++++++
Global..
Train Loss: 2.292 | Train Acc: 12.195% |Test Loss: 2.292 | Test Acc: 12.291% |
++++++++++++++++++++++++++++++++++++++++++++++++++
################################################################################


In [4]:
# Combine Validation Data across all clients as test
data_x = []
data_y = []

for i in range(len(clients)):
    daniloader = clients[i].val_iterator
    for (x,y,idx) in daniloader.dataset:
        data_x.append(x)
        data_y.append(y)

data_x = torch.stack(data_x)
data_y = torch.stack(data_y)

# Create dataloader from validation dataset that allows for diverse batch size
dataloader = Custom_Dataloader(data_x, data_y)

In [77]:
selection = 2
name = ['fedavg', 'fedavg_adv', 'fedEM','fedEM_adv']
exp_names = ['weights/neurips/cifar/local_tuning/' + name[selection]+'/']
exp_modes = ['FedAvg','FedAvg','FedEM','FedEM']

tunes= [0,5,10,20,40]

train_item = 'train_client_weights.npy'

In [78]:
num_victims = 40
num_exp = len(tunes) + 1
# Set Up Dictionaries -- list holds the adversary idx
exp_logs = {}

for j in range(num_exp):
    logs_adv = []

    for i in range(num_victims):
        adv_dict = {}
        adv_dict['orig_acc_transfers'] = None
        adv_dict['orig_similarities'] = None
        adv_dict['adv_acc_transfers'] = None
        adv_dict['adv_similarities_target'] = None
        adv_dict['adv_similarities_untarget'] = None
        adv_dict['adv_target'] = None
        adv_dict['adv_miss'] = None
        adv_dict['metric_alignment'] = None
        adv_dict['ib_distance_legit'] = None
        adv_dict['ib_distance_adv'] = None
        
        logs_adv += [adv_dict]
    
    exp_logs[j] = copy.deepcopy(logs_adv)


In [95]:
j = 0
# Inter Boundary Distance Metric
custom_batch_size = 500

print('processing file', exp_names[j], '...')
setting = exp_modes[selection]

if setting == 'FedAvg':

    args_.method = 'FedAvg'
    args_.n_learners= 1

    aggregator, clients = dummy_aggregator(args_, num_user=40)

    args_.save_path = exp_names[j]
    aggregator.load_state(args_.save_path)

    # This is where the models are stored -- one for each mixture --> learner.model for nn
    hypotheses = aggregator.global_learners_ensemble.learners

    # obtain the state dict for each of the weights 
    weights_h = []

    for h in hypotheses:
        weights_h += [h.model.state_dict()]

    weight_name = args_.save_path + train_item
    weights = np.load(weight_name)

    # Set model weights
    model_weights = []
    num_models = num_victims

    for i in range(num_models):
        model_weights += [weights[i]]

    # Generate the weights to test on as linear combinations of the model_weights
    models_test = []

    for (w0) in model_weights:
        # first make the model with empty weights
        new_model = copy.deepcopy(hypotheses[0].model)
        new_model.eval()
        new_weight_dict = copy.deepcopy(weights_h[0])
        for key in weights_h[0]:
            new_weight_dict[key] = w0[0]*weights_h[0][key]
        new_model.load_state_dict(new_weight_dict)
        models_test += [new_model]


elif setting == 'FedEM':

    args_.method = 'FedEM'
    args_.n_learners= 3

    aggregator, clients = dummy_aggregator(args_, num_user=40)

    args_.save_path = exp_names[j]

    aggregator.load_state(args_.save_path)

    # This is where the models are stored -- one for each mixture --> learner.model for nn
    hypotheses = aggregator.global_learners_ensemble.learners

    # obtain the state dict for each of the weights 
    weights_h = []

    for h in hypotheses:
        weights_h += [h.model.state_dict()]

    weight_name = args_.save_path + train_item
    weights = np.load(weight_name)

    # Set model weights
    model_weights = []
    num_models = num_victims

    for i in range(num_models):
        model_weights += [weights[i]]

    # Generate the weights to test on as linear combinations of the model_weights
    models_test = []

    for (w0,w1,w2) in model_weights:
        # first make the model with empty weights
        new_model = copy.deepcopy(hypotheses[0].model)
        new_model.eval()
        new_weight_dict = copy.deepcopy(weights_h[0])
        for key in weights_h[0]:
            new_weight_dict[key] = w0*weights_h[0][key] + w1*weights_h[1][key] + w2*weights_h[2][key]
        new_model.load_state_dict(new_weight_dict)
        models_test += [new_model]    

victim_idxs = range(num_victims)

for adv_idx in victim_idxs:
    print("\t Adv idx:", adv_idx)
    # Perform Attacks
    dataloader = load_client_data(clients = clients, c_id = adv_idx, mode = 'test') # or test/train
    batch_size = min(custom_batch_size, dataloader.y_data.shape[0])

    t1 = Transferer(models_list=models_test, dataloader=dataloader)
    t1.generate_victims(victim_idxs)

    t1.atk_params = PGD_Params()
    t1.atk_params.set_params(batch_size=batch_size, iteration = 10,
                   target = 3, x_val_min = torch.min(data_x), x_val_max = torch.max(data_x),
                   step_size = 0.05, step_norm = "inf", eps = 4, eps_norm = 2)

    t1.generate_advNN(adv_idx)
    t1.generate_xadv(atk_type = "pgd")
    t1.send_to_victims(victim_idxs)
    # t1.check_empirical_metrics(orig_flag = True)

    # Log Performance
    exp_logs[j][adv_idx]['orig_acc_transfers'] = copy.deepcopy(t1.orig_acc_transfers)
    exp_logs[j][adv_idx]['orig_similarities'] = copy.deepcopy(t1.orig_similarities)
    exp_logs[j][adv_idx]['adv_acc_transfers'] = copy.deepcopy(t1.adv_acc_transfers)
    exp_logs[j][adv_idx]['adv_similarities_target'] = copy.deepcopy(t1.adv_similarities)        
    exp_logs[j][adv_idx]['adv_target'] = copy.deepcopy(t1.adv_target_hit)

    # Miss attack
    t1.atk_params.set_params(batch_size=batch_size, iteration = 10,
                   target = -1, x_val_min = torch.min(data_x), x_val_max = torch.max(data_x),
                   step_size = 0.05, step_norm = "inf", eps = 4, eps_norm = 2)
    t1.generate_xadv(atk_type = "pgd")
    t1.send_to_victims(victim_idxs)
    exp_logs[j][adv_idx]['adv_miss'] = copy.deepcopy(t1.adv_acc_transfers)
    exp_logs[j][adv_idx]['adv_similarities_untarget'] = copy.deepcopy(t1.adv_similarities)


del models_test

processing file weights/neurips/cifar/local_tuning/fedEM/ ...
==> Clients initialization..
===> Building data iterators..


100%|██████████████████████████████████████████| 80/80 [00:00<00:00, 349.53it/s]


===> Initializing clients..


100%|███████████████████████████████████████████| 80/80 [00:35<00:00,  2.22it/s]


==> Test Clients initialization..
===> Building data iterators..


0it [00:00, ?it/s]


===> Initializing clients..


0it [00:00, ?it/s]


++++++++++++++++++++++++++++++
Global..
Train Loss: 2.292 | Train Acc: 12.195% |Test Loss: 2.292 | Test Acc: 12.291% |
++++++++++++++++++++++++++++++++++++++++++++++++++
################################################################################
	 Adv idx: 0
	 Adv idx: 1
	 Adv idx: 2
	 Adv idx: 3
	 Adv idx: 4
	 Adv idx: 5
	 Adv idx: 6
	 Adv idx: 7
	 Adv idx: 8
	 Adv idx: 9
	 Adv idx: 10
	 Adv idx: 11
	 Adv idx: 12
	 Adv idx: 13
	 Adv idx: 14
	 Adv idx: 15
	 Adv idx: 16
	 Adv idx: 17
	 Adv idx: 18
	 Adv idx: 19
	 Adv idx: 20
	 Adv idx: 21
	 Adv idx: 22
	 Adv idx: 23


KeyboardInterrupt: 

In [None]:
for j in range(1, len(tunes)):
    
    # load local model
    aggregator.load_state_local(exp_names[0],tunes[j])
    
    # model_weights - this now exists from prior 

    # Generate the weights to test on as linear combinations of the model_weights
    models_test = []

    if setting == 'FedEM':
        
        client_idx = 0    
        for (w0,w1,w2) in model_weights:
            # first make the model with empty weights
            hypotheses = aggregator.clients[client_idx].learners_ensemble.learners
            new_model = copy.deepcopy(hypotheses[0].model)
            new_model.eval()
            new_weight_dict = copy.deepcopy(weights_h[0])
            for key in weights_h[0]:
                new_weight_dict[key] = w0*weights_h[0][key] + w1*weights_h[1][key] + w2*weights_h[2][key]
            new_model.load_state_dict(new_weight_dict)
            models_test += [new_model] 

            client_idx += 1
    
    elif setting == 'FedAvg':
        
        client_idx = 0 
        for (w0) in model_weights:
            hypotheses = aggregator.clients[client_idx].learners_ensemble.learners
            # first make the model with empty weights
            new_model = copy.deepcopy(hypotheses[0].model)
            new_model.eval()
            new_weight_dict = copy.deepcopy(weights_h[0])
            for key in weights_h[0]:
                new_weight_dict[key] = w0[0]*weights_h[0][key]
            new_model.load_state_dict(new_weight_dict)
            models_test += [new_model]
            
            client_idx += 1
            
    victim_idxs = range(num_victims)

    for adv_idx in victim_idxs:
        print("\t Adv idx:", adv_idx)
        # Perform Attacks
        dataloader = load_client_data(clients = clients, c_id = adv_idx, mode = 'test') # or test/train
        batch_size = min(custom_batch_size, dataloader.y_data.shape[0])

        t1 = Transferer(models_list=models_test, dataloader=dataloader)
        t1.generate_victims(victim_idxs)

        t1.atk_params = PGD_Params()
        t1.atk_params.set_params(batch_size=batch_size, iteration = 10,
                       target = 3, x_val_min = torch.min(data_x), x_val_max = torch.max(data_x),
                       step_size = 0.05, step_norm = "inf", eps = 4, eps_norm = 2)

        t1.generate_advNN(adv_idx)
        t1.generate_xadv(atk_type = "pgd")
        t1.send_to_victims(victim_idxs)
        # t1.check_empirical_metrics(orig_flag = True)

        # Log Performance
        exp_logs[j][adv_idx]['orig_acc_transfers'] = copy.deepcopy(t1.orig_acc_transfers)
        exp_logs[j][adv_idx]['orig_similarities'] = copy.deepcopy(t1.orig_similarities)
        exp_logs[j][adv_idx]['adv_acc_transfers'] = copy.deepcopy(t1.adv_acc_transfers)
        exp_logs[j][adv_idx]['adv_similarities_target'] = copy.deepcopy(t1.adv_similarities)        
        exp_logs[j][adv_idx]['adv_target'] = copy.deepcopy(t1.adv_target_hit)

        # Miss attack
        t1.atk_params.set_params(batch_size=batch_size, iteration = 10,
                       target = -1, x_val_min = torch.min(data_x), x_val_max = torch.max(data_x),
                       step_size = 0.05, step_norm = "inf", eps = 4, eps_norm = 2)
        t1.generate_xadv(atk_type = "pgd")
        t1.send_to_victims(victim_idxs)
        exp_logs[j][adv_idx]['adv_miss'] = copy.deepcopy(t1.adv_acc_transfers)
        exp_logs[j][adv_idx]['adv_similarities_untarget'] = copy.deepcopy(t1.adv_similarities)


    del models_test

In [97]:
    hypotheses = aggregator.global_learners_ensemble.learners


[array([6.08536547e-26, 7.70407438e-01, 2.29592532e-01]),
 array([2.41548225e-01, 7.58451760e-01, 3.69536290e-24]),
 array([0.24549712, 0.66363275, 0.09087006]),
 array([8.25083196e-01, 1.74916789e-01, 1.67569092e-23]),
 array([5.46610057e-01, 5.26724730e-23, 4.53389913e-01]),
 array([0.00341613, 0.98484957, 0.01173431]),
 array([0.06903835, 0.84951502, 0.08144664]),
 array([2.54046801e-29, 4.09048468e-01, 5.90951502e-01]),
 array([4.35719737e-17, 9.27682877e-01, 7.23170787e-02]),
 array([3.88814539e-01, 1.40129846e-45, 6.11185431e-01]),
 array([3.93648818e-02, 6.74564947e-37, 9.60635066e-01]),
 array([1.44579166e-30, 9.23669994e-01, 7.63298869e-02]),
 array([0.5860132 , 0.18357165, 0.23041508]),
 array([0.26574701, 0.44243482, 0.2918182 ]),
 array([1.83677629e-01, 1.26899725e-38, 8.16322327e-01]),
 array([2.90429897e-39, 1.58866644e-02, 9.84113276e-01]),
 array([9.42755211e-03, 9.90572453e-01, 9.55122366e-23]),
 array([0.90697581, 0.00339275, 0.08963141]),
 array([1.00000000e+00, 0.00

In [104]:
aggregator.clients[0].learners_ensemble.learners

[<learners.learner.Learner at 0x7f45d17c74c0>,
 <learners.learner.Learner at 0x7f478abf4790>,
 <learners.learner.Learner at 0x7f4600d626d0>]

In [100]:
client_idx

40