kabkabm / defensegan Goto Github PK

I wanna to know how to use my own picture dataset to get the model which defenses Adversarial Attacks.How could I change the code to train my own dataset?

Hi, I was running your code (so neat and nice),
but I think fgsm attack seems not working in whitebox setting.

I ran separately adv_x to see how it looks like, and it was very clean.
I checked the gradient of model.get_preds(images_pl) with respect to images_pl and it was all zero.

Am I doing something wrong?

I ran the codes on my computer for python3 and tensorflow-gpu, but I found a trouble that:
stddev=np.sqrt(1.0 / self.latent_dim)),
TypeError: unsupported operand type(s) for /: 'float' and 'NoneType'
In fact, the self.latent_dim is defined in the gan.py as a initial for None, Is it a problem for python3? Thanks a lot

When I run fgsm to attack the model with defense-GAN, I found that defense-GAN indeed defend the attack. However, the distortion between benign images and adversarial images is zero, which means that the adversarial examples are the same as benign examples. Is there something wrong? Or fgsm could not get the gradient because the existence of defense-GAN?

Error happened Unable to find current revision in submodule path 'cleverhans' when running git submodule update --init --recursive

@po0ya @kabkabm . Thank you very much for the work .

I am trying to create deter physical adversarial attacks using defensegan and trained the GAN on celebA dataset. However, when I tried to reproduce the blackbox of whitebox attack I am stuck at this error. "TypeError: load() got an unexpected keyword argument 'transform_type'"
Any idea how to fix this ? I am running the code on a google cloud vm with Cuda 7.05 . Trained the gan up to 135000 iterations .

**2018-11-04 04:24:57.427800: I tensorflow/core/platform/cpu_feature_guard.cc:141] Your CPU supports instructions tha
t this TensorFlow binary was not compiled to use: AVX2 FMA
2018-11-04 04:24:59.468111: I tensorflow/stream_executor/cuda/cuda_gpu_executor.cc:964] successful NUMA node read f
rom SysFS had negative value (-1), but there must be at least one NUMA node, so returning NUMA node zero
2018-11-04 04:24:59.468505: I tensorflow/core/common_runtime/gpu/gpu_device.cc:1411] Found device 0 with properties
:
name: Tesla K80 major: 3 minor: 7 memoryClockRate(GHz): 0.8235
pciBusID: 0000:00:04.0
totalMemory: 11.17GiB freeMemory: 11.10GiB
2018-11-04 04:24:59.468537: I tensorflow/core/common_runtime/gpu/gpu_device.cc:1490] Adding visible gpu devices: 0
2018-11-04 04:24:59.777777: I tensorflow/core/common_runtime/gpu/gpu_device.cc:971] Device interconnect StreamExecu
tor with strength 1 edge matrix:
2018-11-04 04:24:59.777830: I tensorflow/core/common_runtime/gpu/gpu_device.cc:977] 0
2018-11-04 04:24:59.777839: I tensorflow/core/common_runtime/gpu/gpu_device.cc:990] 0: N
2018-11-04 04:24:59.778142: I tensorflow/core/common_runtime/gpu/gpu_device.cc:1103] Created TensorFlow device (/jo
b:localhost/replica:0/task:0/device:GPU:0 with 10758 MB memory) -> physical GPU (device: 0, name: Tesla K80, pci bu
s id: 0000:00:04.0, compute capability: 3.7)
[*] Checkpoint is read successfully from output/gans/celeba
2018-11-04 04:24:59.805142: I tensorflow/core/common_runtime/gpu/gpu_device.cc:1490] Adding visible gpu devices: 0
2018-11-04 04:24:59.805183: I tensorflow/core/common_runtime/gpu/gpu_device.cc:971] Device interconnect StreamExecu
tor with strength 1 edge matrix:
2018-11-04 04:24:59.805200: I tensorflow/core/common_runtime/gpu/gpu_device.cc:977] 0
2018-11-04 04:24:59.805210: I tensorflow/core/common_runtime/gpu/gpu_device.cc:990] 0: N
2018-11-04 04:24:59.805428: I tensorflow/core/common_runtime/gpu/gpu_device.cc:1103] Created TensorFlow device (/jo
b:localhost/replica:0/task:0/device:GPU:0 with 10758 MB memory) -> physical GPU (device: 0, name: Tesla K80, pci bu
s id: 0000:00:04.0, compute capability: 3.7)
Traceback (most recent call last):
File "blackbox.py", line 762, in
tf.app.run(main=main_cfg)
File "/usr/local/lib/python2.7/dist-packages/tensorflow/python/platform/app.py", line 125, in run
_sys.exit(main(argv))
File "blackbox.py", line 761, in
main_cfg = lambda x: main(cfg, x)
File "blackbox.py", line 685, in main
defense_type=FLAGS.defense_type)
File "blackbox.py", line 419, in blackbox
get_cached_gan_data(gan, test_on_dev, orig_data_flag=True)
File "blackbox.py", line 357, in get_cached_gan_data
orig_data=orig_data_flag,
File "blackbox.py", line 245, in get_celeba
ds_test.load(split=dev_name, transform_type=1)
TypeError: load() got an unexpected keyword argument 'transform_type' **

absl.flags._exceptions.UnrecognizedFlagError: Unknown command line flag 'cfg'. Did you mean: cfg_path ?

This error arrises while running "python train.py --cfg experiments/cfgs/gans/mnist.yml --is_train"
It arrises at "C:\Users\ELCOT\defensegan\utils\config.py", line 77, in load_config
if hasattr(flags, k.lower()) this place.

I follow ur instrumentation,but when I wanna train.
absl.flags._exceptions.UnrecognizedFlagError: Unknown command line flag 'cfg'. Did you mean: cfg_path ?

This problem troubled me.
How to solve this problem.hope to get ur answer.
thanks

TypeError: The model argument should be an instance of the cleverhans.model.Model class.

Please change the requirements for 'tqdm=4.28.1' to 'tqdm==4.28.1'.

Hi, there seems to be an issue with the dataset downloading function for f-mnist dataset since its not getting downloaded, nor printing any log messages!

In Model/gan.py line #177 and #178 :

differences = self.fake_data - self.real_data
interpolates = self.real_data + (alpha * differences)

According to my understanding of WGAN-GP paper interpolates should be
interpolates = self.fake_data + (alpha * differences)
and differences should be
differences = self.real_data - self.fake_data

is my understanding right? please correct me if I'm wrong.

Is there any way to use the already trained celeba model (trained with train.py) and infer for a single perturbed image and see if the model regenerates the original?

Hi,
I'm getting error after running the whitbox.py with the configuration given in the Readme file . I got the error at line #210 "adv_x = attack_obj.generate(images_pl, **attack_params)". Please help me to solve this issue. Please note that blackbox.py is working fine. Here is the screenshot for the error.

Thank you.

I'm trying to generate the Table 4, Row 1 results of the paper.

Set up is a white box, Model A, FGSM attack 0.3, No defense, 50 epochs, 1e-3 lr, MNIST, Adam optimizer. While the paper reports 99.7 classifier accuracy and 0.217 in case of no defense, the code produces around 99.4 classifier accuracy and 0.16 in the case of no defense.

Can you please tell us the changes to get close to original numbers. the only difference that I can notice is complete data (60K) is used in the code without any validation data