# FGSM Attack 1

TJ Kim

12.17.20

### Summary:

Load a single neural network within the multiple clients present in the federated learning setting. Then on that single neural network, make a Module.nn pytorch model with the weights and attack that.

- Use misclassification attack first
- Then move onto targetted attack


The FGSM attack code is taken from here: https://pytorch.org/tutorials/beginner/fgsm_tutorial.html

First move into working directory.

In [1]:
cd '/home/ubuntu/satya_code/' 

/home/ubuntu/satya_code


### Load Relevant Libraries and Modules

Load the relevant libraries for the federated learning code.

In [2]:
import time
import yaml
        
from femnist_dataloader import Dataloader
from cnn_head import CNN_Head
from cnn_neck import CNN_Neck
from cnn_server import Server
from cnn_client import Client
from data_manager import DataManager

from utilities import freeze_layers
import numpy as np
import torch
import matplotlib.pyplot as plt
import random
import csv
import os
import pickle

import multiprocessing as mp

import queue

# Extra not from py file
from collections import OrderedDict 
import itertools

Load the relevant libraries for example FGSM.

In [3]:
from __future__ import print_function
import torch
import torch.nn as nn
import torch.nn.functional as F
import torch.optim as optim
from torchvision import datasets, transforms
import numpy as np
import matplotlib.pyplot as plt

### Generate Victim Model from FL Client

Import the existing FL client weights, and attempt to reconstruct the architecture and load the relevant weights.

First we build a custom nn module to hold the head and neck together. We desire to obtain gradient information from this victim model.

In [87]:
class Victim_NN(nn.Module):
    """
    Summary: 
    
    Pytorch NN module that takes pre-trained weights from layered personalized model
    We also load the data-loader and give test,attack functionality
    
    """
    
    def __init__(self, head_network, neck_network, dataloader):
        
        super(Victim_NN, self).__init__()
        self.head = head_network
        self.neck = neck_network
        self.dataloader = dataloader
        self.criterion = nn.NLLLoss()
        
        
        # test_acc attributes
        self.test_input = None
        self.test_target = None
        self.test_output = None
        self.test_softmax = None
        self.test_acc = None
        self.test_loss = None
        
    def forward(self,x):
        x = self.neck.forward(x)
        x = self.head.forward(x)
        
        return x
    
    def forward_batch_test(self, batch_size, print_info = True):
        
        # Randomly select batch size and perform forward pass on specified data         
        image_data = self.dataloader.load_batch(batch_size)
        self.test_input  = torch.Tensor(image_data['input']).reshape(batch_size,1,28,28)
        self.test_target  = torch.Tensor(image_data['label']).type(torch.LongTensor).cuda()
        self.test_softmax = self.forward(self.test_input)
        self.test_output = torch.argmax(self.test_softmax,dim = 1)
        
        # Record accuracy and loss
        self.test_loss = self.criterion(self.test_softmax, self.test_target).item()
        self.test_acc = (self.test_output == self.test_target).float().sum()/batch_size
        
        # Print Relevant Information
        if print_info:
            print("---- Test Batch Size:", batch_size, "----")
            print("Test Output:", self.test_output.tolist())
            print("Test Target:", self.test_target.tolist())
            print("Loss       :", self.test_loss)
            print("Test Acc   :", self.test_acc.item())
        

Load the first (0th) client weights into a dummy head/neck networks. 

In [13]:
# Generate Head and Neck NN objects
mode = 'cuda'
head_nn = CNN_Head(mode)
neck_nn = CNN_Neck(mode)

# Which network to load and directory
i = 0
exp_path = "Results/federated_system/individual_head_networks/"
nn_path = exp_path + "individual_head_networks_"

# Load pre-trained weights
head_path = nn_path + str(i) +"_head_network"
neck_path = nn_path + str(i) +"_neck_network"

head = torch.load(head_path)
neck = torch.load(neck_path)
    
head_edit = OrderedDict()
neck_edit = OrderedDict()

# Edit the ordered_dict key names to be torch compatible
for key in head.keys():
    head_edit["network."+key] = head[key]

for key in neck.keys():
    neck_edit["network."+key] = neck[key]

head_nn.load_state_dict(head_edit)
neck_nn.load_state_dict(neck_edit)

<All keys matched successfully>

### Prediction from Data Loader

Pass inputs from the dataloader and see accuracy for this client.

In [17]:
# Obtain Information Regarding Dataset Slices
with open(r'config.yaml') as file:
        config = yaml.load(file, Loader=yaml.FullLoader)
        
file_indices = [i for i in range(config['num_sets'])]
#random.shuffle(file_indices)
client_slice = len(file_indices)//config['num_clients']

# Load the relevant dataloader for this specific user (0)
i = 0
loader = Dataloader(file_indices,[i*(client_slice),min((i+1)*(client_slice),35)])  
loader.load_training_dataset()
loader.load_testing_dataset()

Loading  all_data_12_niid_0_keep_0_train_9.json
Loading  all_data_20_niid_0_keep_0_train_9.json
Loading  all_data_11_niid_0_keep_0_train_9.json
Loading  all_data_18_niid_0_keep_0_train_9.json


In [88]:
victim_nn = Victim_NN(head_nn,neck_nn,loader)

In [89]:
victim_nn.forward_batch_test(batch_size=10)

---- Test Batch Size: 10 ----
Test Output: [9, 24, 2, 5, 0, 19, 34, 40, 29, 0]
Test Target: [9, 24, 2, 5, 0, 19, 53, 40, 29, 24]
Loss       : 0.4579434394836426
Test Acc   : 0.800000011920929
