# FGSM Sweep 1

TJ Kim <br/>
1/16/21

#### Objective: 
Run the FGSM attack on federated learning models with different numbers of head layers and observe the performance.


In [1]:
# Switch the kernel's working directory to the project checkout. The project
# imports (transfer_attacks.*, federated_training.*) and the relative path
# 'configs/config.yaml' used below presumably resolve against this directory.
# NOTE(review): absolute, machine-specific path -- adjust before running elsewhere.
%cd '/home/ubuntu/FedAtk/'

/home/ubuntu/FedAtk


### Load Relevant Libraries and Modules

Load the relevant libraries for the federated learning code.

In [7]:
import time
import yaml

import numpy as np
import torch
import matplotlib.pyplot as plt
import random
import csv
import os
import pickle
from torch.autograd import Variable

import multiprocessing as mp
import queue

# Extra not from py file
from collections import OrderedDict 
import itertools

from __future__ import print_function
import torch
import torch.nn as nn
import torch.nn.functional as F
import torch.optim as optim
from torchvision import datasets, transforms
import numpy as np
import matplotlib.pyplot as plt

# Import Custom Made Victim
from transfer_attacks.victim_nn import *

# Federated Learning Module        
from federated_training.femnist_dataloader import Dataloader
from federated_training.cnn_head import CNN_Head
from federated_training.cnn_neck import CNN_Neck
from federated_training.cnn_server import Server
from federated_training.cnn_client import Client
from federated_training.data_manager import DataManager
from federated_training.utils import cuda, where

from federated_training.utilities import freeze_layers

### Transfer Attack Sweeping Different Configs

In [16]:
class IFSGM_Params():
    """Container for the default attack hyper-parameters used in this notebook.

    The five values mirror the keyword arguments the sweep cell passes to
    ``i_fgsm`` (batch_size, eps, alpha, iteration, target). Their exact
    semantics live in ``transfer_attacks.victim_nn``, which is not shown here.
    """

    def __init__(self):
        # Attack params, assigned in a fixed order.
        # NOTE(review): eps is presumably the overall perturbation budget and
        # alpha the per-iteration step -- confirm against i_fgsm. The sweep cell
        # clips inputs to [-1, 1], so eps = 0.5 is a quarter of the full input
        # range; read the reported accuracy drops with that budget in mind.
        # NOTE(review): target = 10 is presumably the class label the attack
        # steers towards -- confirm.
        attack_defaults = (
            ("batch_size", 1000),
            ("eps", 0.5),
            ("alpha", 0.5),
            ("iteration", 30),
            ("target", 10),
        )
        for attr_name, attr_value in attack_defaults:
            setattr(self, attr_name, attr_value)

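class Transferer(): 
    """
    State holder for a transfer-attack sweep over one trained FL setting.

    - Collect all the FL NN 
    - Implement transfer attack sweep
    - Hold all the metrics of interest

    Only construction is implemented so far; generate_victim is still a stub.
    """
    
    def __init__(self, filename:str, config_name = None, source:int = 0):
        """
        Load the experiment config, build the data loader and allocate metrics.

        Args:
            filename: name of the trained FL setting (e.g. 'exp2_neck2_head3');
                stored on ``self.file``.
            config_name: currently unused (see the TO IMPLEMENT note below).
            source: index of the client whose data slice the loader covers.
                Previously this was read from a notebook global left behind by
                the sweep loop, which fails on a fresh kernel; the default 0
                matches the value that loop leaves behind.
        """
        
        # TO IMPLEMENT - Overwrite current file with config_name
        # safe_load builds only plain YAML types (dicts, lists, scalars), which
        # is all a settings file needs. FullLoader also resolves Python-specific
        # tags and has been a code-execution vector in older PyYAML releases.
        # If the config ever relies on such tags, safe_load will raise instead
        # of constructing them.
        with open(r'configs/config.yaml') as file:
            self.config = yaml.safe_load(file)
            
        self.file = filename
        
        # Read from self.config rather than a notebook-level `config`, so the
        # class does not depend on another cell having been run first.
        num_clients = self.config['num_clients']
            
        # Import Data Loader for this FL set
        file_indices = list(range(self.config['num_sets']))
        client_slice = len(file_indices)//num_clients
        
        # NOTE(review): 35 is a hard-coded cap on the slice end; presumably the
        # number of data files -- confirm against config['num_sets'].
        self.loader = Dataloader(file_indices,[source*(client_slice),min((source+1)*(client_slice),35)])  
        self.loader.load_training_dataset()
        self.loader.load_testing_dataset()
        
        # Matrix to Record Performance (Old Metrics)
        # One (num_clients x num_clients) matrix per metric; presumably indexed
        # [source client, destination client] as in the sweep cell -- confirm.
        self.orig_acc_transfers = np.zeros((num_clients,num_clients))
        self.orig_similarities = np.zeros((num_clients,num_clients))
        self.orig_target_hit = np.zeros((num_clients,num_clients))
        self.adv_acc_transfers = np.zeros((num_clients,num_clients))
        self.adv_similarities = np.zeros((num_clients,num_clients))
        self.adv_target_hit = np.zeros((num_clients,num_clients))
        
        # Matrix to Record Performance (New Metrics - theoretical)
        
        # Attack Params
        self.ifsgm_params = IFSGM_Params()
        # NOTE(review): cw_params reuses the I-FGSM defaults; presumably a
        # placeholder until a second attack gets its own parameter class.
        self.cw_params = IFSGM_Params()
        
        
        
    def generate_victim(self, client_idx):
        """
        Select specific client to load neural network to 
        Load the data for that client
        Load the weights for that client

        Not implemented yet: the body is empty and the method returns None.
        """
        
        
        return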
        

In [19]:
# Instantiate the sweep holder for the 3-head setting, then display one of the
# default attack parameters as a quick check that construction succeeded.
transferer = Transferer(
    filename="exp2_neck2_head3",
)
transferer.ifsgm_params.batch_size

1000

In [8]:
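# Load Config File and Slice Indices
# safe_load builds only plain YAML types (dicts, lists, scalars), which is all
# a settings file needs. FullLoader also resolves Python-specific tags and has
# been a code-execution vector in older PyYAML releases. If the config ever
# relies on such tags, safe_load will raise instead of constructing them.
with open(r'configs/config.yaml') as file:
    config = yaml.safe_load(file)

file_indices = list(range(config['num_sets']))
# Shuffling is disabled, so client slices follow file order and are repeatable.
#random.shuffle(file_indices)
client_slice = len(file_indices)//config['num_clients']

# File names of FL trained setting
filenames = ["exp2_neck2_head1", "exp2_neck2_head2",
             "exp2_neck2_head3", "exp2_neck2_head4"]

# Matrix to Record Performance
# One row only: the sweep cell iterates over a single source client (range(1)),
# with one column per destination client.
orig_acc_transfers = np.zeros((1,config['num_clients']))
orig_similarities = np.zeros((1,config['num_clients']))
orig_target_hit = np.zeros((1,config['num_clients']))
adv_acc_transfers = np.zeros((1,config['num_clients']))
adv_similarities = np.zeros((1,config['num_clients']))
adv_target_hit = np.zeros((1,config['num_clients']))

# Attack Params (same values as the IFSGM_Params defaults)
# NOTE(review): the sweep cell clips inputs to [-1, 1], so eps = 0.5 is a
# quarter of the full input range -- a large budget; interpret the reported
# accuracy drops accordingly.
batch_size = 1000
eps = 0.5
alpha = 0.5
iteration = 30
target = 10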

In [5]:
# Trained FL setting evaluated in this run.
file = "exp2_neck2_head3"

# Only one source client is swept, matching the single-row result matrices.
for source in range(1):

    # Data loader restricted to the source client's slice of the file indices.
    # NOTE(review): 35 is a hard-coded cap on the slice end; presumably the
    # number of data files -- confirm against config['num_sets'].
    slice_start = source * client_slice
    slice_end = min((source + 1) * client_slice, 35)
    loader = Dataloader(file_indices, [slice_start, slice_end])
    loader.load_training_dataset()
    loader.load_testing_dataset()

    # load_victim is not defined in this notebook; presumably it arrives via
    # the star import from transfer_attacks.victim_nn.
    victim_source = load_victim(source, loader, file)

    # Craft the adversarial batch on the source model; inputs are clipped to
    # the range [-1, 1].
    victim_source.i_fgsm(
        batch_size=batch_size,
        target=target,
        eps=eps,
        alpha=alpha,
        iteration=iteration,
        x_val_min=-1,
        x_val_max=1,
        print_info=False,
    )

    # Keep the clean / adversarial inputs and outputs for the transfer step.
    x_orig, y_orig, y_true = (
        victim_source.x_orig,
        victim_source.output_orig,
        victim_source.y_orig,
    )
    x_adv, y_adv = victim_source.x_adv, victim_source.output_adv

    print("======== Source", source, "========")

    # Every destination model is built with the *source* client's loader and
    # scored on the source batch. dest == source is included, so that column
    # is presumably the non-transfer (same-model) baseline.
    for dest in range(config['num_clients']):

        print("    ==== Dest", dest, "====")

        victim_dest = load_victim(dest, loader, file)

        # Evaluate the stored batch on the destination model and record stats.
        victim_dest.forward_transfer(x_orig, x_adv, y_orig, y_adv, y_true, target, print_info=True)

        for results_matrix, attr_name in (
            (orig_acc_transfers, "orig_test_acc"),
            (orig_similarities, "orig_output_sim"),
            (orig_target_hit, "orig_target_achieve"),
            (adv_acc_transfers, "adv_test_acc"),
            (adv_similarities, "adv_output_sim"),
            (adv_target_hit, "adv_target_achieve"),
        ):
            results_matrix[source, dest] = getattr(victim_dest, attr_name)

Loading  all_data_12_niid_0_keep_0_train_9.json
Loading  all_data_20_niid_0_keep_0_train_9.json
Loading  all_data_11_niid_0_keep_0_train_9.json
Loading  all_data_18_niid_0_keep_0_train_9.json




    ==== Dest 0 ====
---- Attack Transfer: ----

         Orig Test Acc: 0.8980000615119934
          Adv Test Acc: 0.07600000500679016
Orig Output Similarity: 0.9830000400543213
 Adv Output Similarity: 0.1380000114440918
       Orig Target Hit: 0.010000000707805157
        Adv Target Hit: 0.04000000283122063
    ==== Dest 1 ====
---- Attack Transfer: ----

         Orig Test Acc: 0.7950000166893005
          Adv Test Acc: 0.06599999964237213
Orig Output Similarity: 0.8540000319480896
 Adv Output Similarity: 0.08500000089406967
       Orig Target Hit: 0.00800000037997961
        Adv Target Hit: 0.018000001087784767
    ==== Dest 2 ====
---- Attack Transfer: ----

         Orig Test Acc: 0.7720000147819519
          Adv Test Acc: 0.08800000697374344
Orig Output Similarity: 0.8170000314712524
 Adv Output Similarity: 0.09300000220537186
       Orig Target Hit: 0.007000000216066837
        Adv Target Hit: 0.018000001087784767
    ==== Dest 3 ====
---- Attack Transfer: ----

         Orig T

In [6]:
# Print each metric rounded to three decimals. The first matrix is printed as
# its single row ([0]); the remaining ones are printed as full 1 x N matrices,
# exactly as in the recorded output.
print("orig_acc_transfers\n", np.round(orig_acc_transfers, 3)[0])

for metric_label, metric_matrix in (
    ("orig_similarities", orig_similarities),
    ("orig_target_hit", orig_target_hit),
    ("adv_acc_transfers", adv_acc_transfers),
    ("adv_similarities", adv_similarities),
    ("adv_target_hit", adv_target_hit),
):
    print(metric_label + "\n", np.round(metric_matrix, 3))

orig_acc_transfers
 [0.898 0.795 0.772 0.837 0.719 0.775 0.795 0.819]
orig_similarities
 [[0.983 0.854 0.817 0.873 0.77  0.82  0.846 0.864]]
orig_target_hit
 [[0.01  0.008 0.007 0.011 0.006 0.007 0.007 0.009]]
adv_acc_transfers
 [[0.076 0.066 0.088 0.081 0.074 0.079 0.071 0.076]]
adv_similarities
 [[0.138 0.085 0.093 0.092 0.087 0.084 0.079 0.103]]
adv_target_hit
 [[0.04  0.018 0.018 0.031 0.014 0.014 0.012 0.028]]
