# FGSM Sweep 1

TJ Kim <br/>
1/16/21

#### Objective: 
Run FGSM attack on different number of head layers in federated learning and observe performance,


In [1]:
cd '/home/ubuntu/FedAtk/' 

/home/ubuntu/FedAtk


### Load Relevant Libraries and Modules

Load the relevant libraries for the federated learning code.

In [21]:
import time
import yaml

import numpy as np
import torch
import matplotlib.pyplot as plt
import random
import csv
import os
import pickle
from torch.autograd import Variable

import multiprocessing as mp
import queue

# Extra not from py file
from collections import OrderedDict 
import itertools

from __future__ import print_function
import torch
import torch.nn as nn
import torch.nn.functional as F
import torch.optim as optim
from torchvision import datasets, transforms
import numpy as np
import matplotlib.pyplot as plt

# Import Custom Made Victim
from transfer_attacks.Personalized_NN import *

# Federated Learning Module        
from federated_training.femnist_dataloader import Dataloader
from federated_training.cnn_head import CNN_Head
from federated_training.cnn_neck import CNN_Neck
from federated_training.cnn_server import Server
from federated_training.cnn_client import Client
from federated_training.data_manager import DataManager
from federated_training.utils import cuda, where

from federated_training.utilities import freeze_layers

### Transfer Attack Sweeping Different Configs

In [20]:
class IFSGM_Params():
    
    def __init__(self):
        
        # Attack Params
        self.batch_size = 10
        self.eps = 0.1
        self.alpha = 0.01
        self.iteration = 100
        self.target = 20
        self.x_val_min = 0
        self.x_val_max = 1
        
    def set_params(self, batch_size=None, eps=None, alpha=None, iteration = None,
                   target = None, x_val_min = None, x_val_max = None):
        
        if batch_size is not None:
            self.batch_size = batch_size
            
        if eps is not None:
            self.eps = eps
            
        if alpha is not None:
            self.alpha = alpha
            
        if iteration is not None:
            self.iteration = iteration
            
        if target is not None:
            self.target = target
            
        if x_val_min is not None:
            self.x_val_min = x_val_min
            
        if x_val_max is not None:
            self.x_val_max = x_val_max

In [3]:
class Transferer(): 
    """
    - Collect all the FL NN 
    - Implement transfer attack sweep
    - Hold all the metrics of interest
    """
    
    def __init__(self, filename:str, config_name = None):
        
        # TO IMPLEMENT - Overwrite current file with config_name
        with open(r'configs/config.yaml') as file:
            self.config = yaml.load(file, Loader=yaml.FullLoader)
            
        self.file = filename
        
        # Matrix to Record Performance (Old Metrics)
        self.orig_acc_transfers = {}
        self.orig_similarities = {}
        self.orig_target_hit = {}
        self.adv_acc_transfers = {}
        self.adv_similarities = {}
        self.adv_target_hit = {}
        
        # Matrix to Record Performance (New Metrics - theoretical)
        
        # Attack Params
        self.ifsgm_params = IFSGM_Params()
        # self.cw_params = IFSGM_Params()
        
        # Other Params
        self.advNN_idx = None # int
        self.advNN = None # pytorch nn
        self.victim_idxs = None # List of ints
        self.victims = None # dict of pytorch nn
        
        # Recorded Data Points
        self.x_orig = None
        self.y_orig = None
        self.y_true = None
        self.x_adv = None
        self.y_adv = None
        
    def generate_advNN(self, client_idx):
        """
        Select specific client to load neural network to 
        Load the data for that client
        Lod the weights for that client
        This is the client that will generate perturbations
        """
        
        # Import Data Loader for this FL set
        file_indices = [i for i in range(self.config['num_sets'])]
        client_slice = len(file_indices)//self.config['num_clients']
        
        # Import the loader for this dataset only
        self.loader = Dataloader(file_indices,[client_idx*(client_slice),min((client_idx+1)*(client_slice),35)])  
        self.loader.load_training_dataset()
        self.loader.load_testing_dataset()
        
        self.advNN_idx = client_idx
        self.advNN = load_FLNN(idx=client_idx, direc=self.file, loader=self.loader)
        
        return
    
    def generate_xadv(self):
        """
        Generate perturbed images
        """
        
        self.advNN.i_fgsm(self.ifsgm_params)
        
        # Record relevant tensors
        self.x_orig = self.advNN.x_orig
        self.y_orig = self.advNN.output_orig
        self.y_true = self.advNN.y_orig
        self.x_adv = self.advNN.x_adv
        self.y_adv = self.advNN.output_adv
    
    def generate_victims(self, client_idxs):
        """
        Load the pre-trained other clients in the system
        """
        
        self.victim_idxs = client_idxs
        self.victims = {}
    
        for i in self.victim_idxs:
            self.victims[i] = load_FLNN(idx=i, direc=self.file, loader=None)
    
    def send_to_victims(self, client_idxs):
        """
        Send pre-generated adversarial perturbations 
        client_idxs - list of indices of clients we want to attack (just victims)
        
        Then record the attack success stats accordingly
        """
        
        for i in client_idxs:
            self.victims[i].forward_transfer(self.x_orig,self.x_adv,
                                         self.y_orig,self.y_adv,
                                         self.y_true, self.ifsgm_params.target, 
                                         print_info=False)
            
            # Record Performance
            self.orig_acc_transfers[i] = self.victims[i].orig_test_acc
            self.orig_similarities[i] = self.victims[i].orig_output_sim
            self.orig_target_hit[i] = self.victims[i].orig_target_achieve

            self.adv_acc_transfers[i] = self.victims[i].adv_test_acc
            self.adv_similarities[i] = self.victims[i].adv_output_sim
            self.adv_target_hit[i] = self.victims[i].adv_target_achieve
                    

In [4]:
client_idx = 0
victim_idxs = [0,1,2,3]

transferer = Transferer(filename = 'exp2_neck2_head3')
transferer.generate_advNN(client_idx = client_idx)
transferer.generate_victims(client_idxs = victim_idxs)
transferer.ifsgm_params = IFSGM_Params()
transferer.generate_xadv()
transferer.send_to_victims(victim_idxs)


Loading  all_data_12_niid_0_keep_0_train_9.json
Loading  all_data_20_niid_0_keep_0_train_9.json
Loading  all_data_11_niid_0_keep_0_train_9.json
Loading  all_data_18_niid_0_keep_0_train_9.json




In [19]:
j = 3

print("orig_acc_transfers\n",transferer.orig_acc_transfers[j])
print("orig_similarities\n",transferer.orig_similarities[j])
print("orig_target_hit\n",transferer.orig_target_hit[j])
print("adv_acc_transfers\n",transferer.adv_acc_transfers[j])
print("adv_similarities\n",transferer.adv_similarities[j])
print("adv_target_hit\n",transferer.adv_target_hit[j])

orig_acc_transfers
 tensor(0.9000, device='cuda:0')
orig_similarities
 tensor(0.9000, device='cuda:0')
orig_target_hit
 tensor(0., device='cuda:0')
adv_acc_transfers
 tensor(0., device='cuda:0')
adv_similarities
 tensor(0.9000, device='cuda:0')
adv_target_hit
 tensor(0.9000, device='cuda:0')


In [7]:
transferer.y_true

tensor([40, 24,  3, 18,  7, 30,  5, 24,  0, 49], device='cuda:0')

In [8]:
torch.argmax(transferer.advNN(transferer.x_orig),dim=1)

tensor([40, 24,  3, 18,  7, 30,  5, 24,  0, 49], device='cuda:0')

In [9]:
torch.argmax(transferer.advNN(transferer.x_adv),dim=1)

tensor([20, 20, 20, 20, 20, 20, 20, 20, 20, 20], device='cuda:0')

In [22]:
torch.argmax(transferer.victims[0](transferer.x_adv),dim = 1)

tensor([20, 20, 20, 20, 20, 20, 20, 20, 20, 20], device='cuda:0')