# Comparing Metric to Dataset Analysis L2

TJ Kim <br/>
4/1/21

Updated <br/>
4/1/21

#### Objective: 
Directly compare the adversarial attack data vs non: <br/>

Deliverables
- Same tables as PPT made in 3/9 dividing data points by attack success and analyzing by their metrics
- Gaussian Attribution L2 Distance

In [1]:
cd '/home/ubuntu/FedAtk/' 

### Load Relevant Libraries and Modules

Load the relevant libraries for the federated learning code.

In [2]:
from transfer_attacks.DA_Transferer import *

import numpy as np
import torch
import matplotlib.pyplot as plt
import random
import csv
import os
import pickle
from torch.autograd import Variable
import copy
import pandas as pd

### Load Model and data

In [48]:
# Make directory in results for this experiment
# FL Architecture
client_idx = 0
victim_idxs = [1,2,3]
ifgsm_iterations = [20]
batch_size = 1000

# Saved Neural Networks to Test on 
exp_names = ["exp4_neck2_0_head3"]

# Parameters to record for excel printing
num_clients = len(victim_idxs)
metrics = ['orig_acc','orig_sim','orig_acc_robust', 'orig_sim_robust', 
           'orig_acc_adv', 'orig_sim_adv','adv_sim','adv_hit','g_align',
           'g_align_robust', 'g_align_adv']

# Save 1 - neck2_head3 network per client metric storage
stored_per_client_fgsm = {}
stored_per_client_fgsm['num_clients'] = np.array(victim_idxs)
for i in metrics:
    stored_per_client_fgsm[i] = np.zeros(num_clients)

In [4]:
transferer = DA_Transferer(filename = exp_names[0])
transferer.generate_advNN(client_idx = client_idx)
transferer.generate_victims(client_idxs = victim_idxs)
transferer.load_niid_data(clients=victim_idxs)

transferer.ifsgm_params.set_params(batch_size = batch_size)

Loading  all_data_12_niid_0_keep_0_train_9.json
Loading  all_data_20_niid_0_keep_0_train_9.json
Loading  all_data_11_niid_0_keep_0_train_9.json
Loading  all_data_18_niid_0_keep_0_train_9.json




Loading  all_data_0_niid_0_keep_0_train_9.json
Loading  all_data_34_niid_0_keep_0_train_9.json
Loading  all_data_17_niid_0_keep_0_train_9.json
Loading  all_data_13_niid_0_keep_0_train_9.json
Loading  all_data_7_niid_0_keep_0_train_9.json
Loading  all_data_33_niid_0_keep_0_train_9.json
Loading  all_data_24_niid_0_keep_0_train_9.json
Loading  all_data_5_niid_0_keep_0_train_9.json
Loading  all_data_27_niid_0_keep_0_train_9.json
Loading  all_data_26_niid_0_keep_0_train_9.json
Loading  all_data_21_niid_0_keep_0_train_9.json
Loading  all_data_10_niid_0_keep_0_train_9.json


### Perform attack and log empirical metrics

In [49]:
transferer.ifsgm_params.set_params(iteration = ifgsm_iterations[0])
transferer.generate_xadv(atk_type = "ifsgm")
transferer.send_to_victims(victim_idxs)
transferer.check_empirical_metrics(orig_flag = True)

for i in range(len(victim_idxs)):
    j = victim_idxs[i]
    
    stored_per_client_fgsm['orig_acc'][i] = transferer.orig_acc_transfers[j]
    stored_per_client_fgsm['orig_sim'][i] = transferer.orig_similarities[j]
    stored_per_client_fgsm['adv_sim'][i] = transferer.adv_similarities[j]
    stored_per_client_fgsm['adv_hit'][i] = transferer.adv_target_hit[j]
    stored_per_client_fgsm['g_align'][i] = transferer.metric_alignment[j]
    
    stored_per_client_fgsm['orig_acc_robust'][i] = transferer.orig_acc_transfers_robust[j]
    stored_per_client_fgsm['orig_sim_robust'][i] = transferer.orig_similarities_robust[j]
    stored_per_client_fgsm['orig_acc_adv'][i] = transferer.orig_acc_transfers_adv[j]
    stored_per_client_fgsm['orig_sim_adv'][i] = transferer.orig_similarities_adv[j]
    
    stored_per_client_fgsm['g_align_robust'][i] = transferer.metric_alignment_robust[j]
    stored_per_client_fgsm['g_align_adv'][i] = transferer.metric_alignment_adv[j]

    
df3 = pd.DataFrame(data=stored_per_client_fgsm).T
df3

Unnamed: 0,0,1,2
num_clients,1.0,2.0,3.0
orig_acc,0.82,0.827,0.606
orig_sim,0.678,0.66,0.823
orig_acc_robust,0.843058,0.840831,0.695652
orig_sim_robust,0.710262,0.647059,0.76087
orig_acc_adv,0.797217,0.821378,0.601677
orig_sim_adv,0.646123,0.66526,0.825996
adv_sim,0.503,0.711,0.954
adv_hit,0.503,0.711,0.954
g_align,1.124385,1.168885,0.989667


### Gaussian Analysis

Go through computing the Gaussian of each client component 

In [67]:
# Build logging mechanism for pd output
# Save 1 - neck2_head3 network per client metric storage
gaussian_mean_L2 = {}
gaussian_mean_L2['num_clients'] = np.array(victim_idxs)
metrics = ['Robust Count', 'Adv Count','Robust L2 Norm','Adv L2 Norm']
for i in metrics:
    gaussian_mean_L2[i] = np.zeros(len(victim_idxs))

In [50]:
# Compute Gaussian Mean/STD for benign client data and robust/adv attacker data
transferer.set_data(mode='client', datasets = victim_idxs, batch_size = batch_size)
transferer.set_data_advNN()
transferer.forward_pass()
transferer.obtain_gaussian()

In [68]:
for i in range(len(victim_idxs)):
    j = victim_idxs[i]
    gaussian_mean_L2['Robust Count'][i] = torch.sum(transferer.robust_indices[j]).cpu().detach().numpy()
    gaussian_mean_L2['Adv Count'][i] = torch.sum(transferer.adv_indices[j]).cpu().detach().numpy()
    gaussian_mean_L2['Robust L2 Norm'][i] = torch.norm(transferer.gaussian_ustd[j]['mean'] - transferer.robust_gaussian_ustd[j]['mean']).cpu().detach().numpy()
    gaussian_mean_L2['Adv L2 Norm'][i] = torch.norm(transferer.gaussian_ustd[j]['mean'] - transferer.adv_gaussian_ustd[j]['mean']).cpu().detach().numpy()
    

df4 = pd.DataFrame(data=gaussian_mean_L2).T
df4

Unnamed: 0,0,1,2
num_clients,1.0,2.0,3.0
Robust Count,497.0,289.0,46.0
Adv Count,503.0,711.0,954.0
Robust L2 Norm,4.403293,5.272386,8.44057
Adv L2 Norm,2.604424,2.721167,3.125628
