In [1]:
pwd

'/content'

In [2]:
cd drive/MyDrive/CSAW-HackML-2020/

[Errno 2] No such file or directory: 'drive/MyDrive/CSAW-HackML-2020/'
/content


In [1]:
import json
import os
import pandas as pd
import pprint
import tensorflow as tf
import time
import numpy as np
from tensorflow import keras

In [2]:
import keras
import keras.backend as K
from keras import initializers


def Net():
	# define input
	x = keras.Input(shape=(55, 47, 3), name='input')
	# feature extraction
	conv_1 = keras.layers.Conv2D(20, (4, 4), activation='relu', name='conv_1')(x)
	pool_1 = keras.layers.MaxPooling2D((2, 2), name='pool_1')(conv_1)
	conv_2 = keras.layers.Conv2D(40, (3, 3), activation='relu', name='conv_2')(pool_1)
	pool_2 = keras.layers.MaxPooling2D((2, 2), name='pool_2')(conv_2)
	conv_3 = keras.layers.Conv2D(60, (3, 3), activation='relu', name='conv_3')(pool_2)
	pool_3 = keras.layers.MaxPooling2D((2, 2), name='pool_3')(conv_3)
	# first interpretation model
	flat_1 = keras.layers.Flatten()(pool_3)	
	fc_1 = keras.layers.Dense(160, name='fc_1')(flat_1)
	# second interpretation model
	conv_4 = keras.layers.Conv2D(80, (2, 2), activation='relu', name='conv_4')(pool_3)
	flat_2 = keras.layers.Flatten()(conv_4)
	fc_2 = keras.layers.Dense(160, name='fc_2')(flat_2)
	# merge interpretation
	merge = keras.layers.Add()([fc_1, fc_2])
	add_1 = keras.layers.Activation('relu')(merge)
	drop = keras.layers.Dropout(0.5)
	# output
	y_hat = keras.layers.Dense(1283, activation='softmax', name='output')(add_1)
	model = keras.Model(inputs=x, outputs=y_hat)
	# summarize layers
	# print(model.summary())
	# plot graph
	# plot_model(model, to_file='model_architecture.png')

	return model


K.clear_session()
model = Net()

Instructions for updating:
If using Keras pass *_constraint arguments to layers.



Using TensorFlow backend.


In [3]:
import keras
import sys
import h5py
import numpy as np
import os

# clean_data_filename = str(sys.argv[1])
# model_filename = str(sys.argv[2])

clean_data_filename = '../data/sunglasses_poisoned_data.h5'
model_filename = '../models/sunglasses_bd_net.h5'

def data_loader(filepath):
    data = h5py.File(filepath, 'r')
    x_data = np.array(data['data'])
    y_data = np.array(data['label'])
    x_data = x_data.transpose((0,2,3,1))

    return x_data, y_data

def data_preprocess(x_data):
    return x_data/255

x_test, y_test = data_loader(clean_data_filename)
x_test = data_preprocess(x_test)

bd_model = keras.models.load_model(model_filename)

clean_label_p = np.argmax(bd_model.predict(x_test), axis=1)
class_accu = np.mean(np.equal(clean_label_p, y_test))*100
print('Classification accuracy:', class_accu)
    


Classification accuracy: 99.99220576773187


In [None]:
from keras.utils.vis_utils import plot_model

plot_model(bd_model, to_file='model_plot.png', show_shapes=True, show_layer_names=True)

In [None]:
import matplotlib.pyplot as plt
example_x = x_test[1]
print(x_test.shape)
print(y_test[1])
plt.figure()
plt.imshow(example_x)
plt.show()


In [None]:
clean_data_filename = 'data/clean_test_data.h5'
x_test, y_test = data_loader(clean_data_filename)
x_test = data_preprocess(x_test)
example_x = x_test[1]
print(x_test.shape)
print(y_test[1])
plt.figure()
plt.imshow(example_x)
plt.show()

In [None]:
use_tpu = False #@param {type:"boolean"}

if use_tpu:
    assert 'COLAB_TPU_ADDR' in os.environ, 'Missing TPU; did you request a TPU in Notebook Settings?'

if 'COLAB_TPU_ADDR' in os.environ:
  TF_MASTER = 'grpc://{}'.format(os.environ['COLAB_TPU_ADDR'])
else:
  TF_MASTER=''
# TPU address
tpu_address = TF_MASTER
resolver = tf.distribute.cluster_resolver.TPUClusterResolver(TF_MASTER)
tf.config.experimental_connect_to_cluster(resolver)
tf.tpu.experimental.initialize_tpu_system(resolver)
strategy = tf.distribute.experimental.TPUStrategy(resolver)


In [None]:
validation_data_name = 'data/clean_validation_data.h5'
x_validation, y_validation = data_loader(clean_data_filename)
x_validation = data_preprocess(x_validation)

In [None]:
with strategy.scope():
  norm_model = Net()
  norm_model.compile(optimizer=tf.keras.optimizers.Adam(learning_rate=0.001), 
                loss=tf.keras.losses.sparse_categorical_crossentropy, 
                metrics=['accuracy'])
norm_model.fit(
    x=x_test,
    y=y_test,
    epochs=40
    # validation_data=(x_validation, y_validation)
)
norm_model.save('norm_model1.h5')
norm_model.save_weights('norm_model_weight.h5')

In [None]:
! pip install -q tensorflow-model-optimization
import tensorflow_model_optimization as tfmot
import tempfile


In [None]:
bd_model = Net()
bd_model.load_weights('models/sunglasses_bd_weights.h5')

num_images = 12830
batch_size = 32
epochs = 2
end_step = np.ceil(num_images / batch_size).astype(np.int32) * epochs
pruning_params = {
      'pruning_schedule': tfmot.sparsity.keras.PolynomialDecay(initial_sparsity=0.50,
                                  final_sparsity=0.80,
                                  begin_step=0,
                                  end_step=end_step)
}

def apply_pruning_to_dense(layer):  
  if layer.name in ['fc_2']:
    return tfmot.sparsity.keras.prune_low_magnitude(layer, **pruning_params)
  return layer


model_for_pruning = tf.keras.models.clone_model(
    bd_model,
    clone_function=apply_pruning_to_dense,
)
model_for_pruning.summary()

In [None]:
import tempfile
log_dir = tempfile.mkdtemp()
# model_for_pruning = Net()
model_for_pruning.compile(optimizer=tf.keras.optimizers.Adam(learning_rate=0.001), 
                loss=tf.keras.losses.sparse_categorical_crossentropy, 
                metrics=['accuracy'])
logdir = tempfile.mkdtemp()

callback = [
  tfmot.sparsity.keras.UpdatePruningStep(),
  tfmot.sparsity.keras.PruningSummaries(log_dir=logdir),
]

clean_data_filename = 'data/clean_test_data.h5'
clean_x, clean_y = data_loader(clean_data_filename)
clean_x = data_preprocess(clean_x)

model_for_pruning.fit(
    clean_x,
    clean_y,
    epochs=2,
    callbacks=callback,
)

In [None]:
model_for_pruning.evaluate(x_validation, y_validation)

In [None]:
model_for_pruning.summary()

In [None]:
anonymous_bd_net = keras.models.load_model('models/anonymous_bd_net.h5')
anonymous_bd_net.summary()
from keras.models import Model

model2 = Model(anonymous_bd_net.input, anonymous_bd_net.layers[-2].output)
add_1 = model2.layers[-1]
y_hat = keras.layers.Dense(1284, activation='softmax', name='output')(add_1)
model2.summary()
anonymous_bd_net.summary()

In [None]:
def predict(x):
  bd_y = bd_model.predict(x)
  bd_y = np.argmax(bd_y)
  prn_y = model_for_pruning.predict(x)
  prn_y = np.argmax(prn_y)
  if bd_y == prn_y:
    return bd_y
  return 1284