search

fra31 / auto-attack

Code relative to "Reliable evaluation of adversarial robustness with an ensemble of diverse parameter-free attacks"
https://arxiv.org/abs/2003.01690
MIT License
639 stars 111 forks source link

How to use auto-attack with tensorflow? #61

Closed MariaMsu closed 3 years ago

MariaMsu commented 3 years ago

When I run auto-attack with tensorflow I get an error:

import tensorflow as tf
tf_model = tf.keras.applications.VGG16(input_shape=(224, 224, 3))

file_name = "/home/m.cherepnina/cock.jpg"
image = tf.io.read_file(file_name)
image = tf.image.decode_image(image)
image = tf.image.convert_image_dtype(image, tf.float32)
image = tf.image.resize_with_pad(image, target_height=224, target_width=224)

labels = [7]
batch_size= 1
images = tf.keras.applications.vgg16.preprocess_input(tf.convert_to_tensor([image])*255)
images = tf.transpose(images, perm=[0,3,2,1])

import utils_tf2
model_adapted = utils_tf2.ModelAdapter(tf_model)

from autoattack import AutoAttack
adversary = AutoAttack(model_adapted, norm='Linf', eps=epsilon, version='standard', is_tf_model=True)

x_adv = adversary.run_standard_evaluation(images, labels, bs=batch_size)

output:

[INFO] set data_format = 'channels_last'
setting parameters for standard version
using standard version including apgd-ce, apgd-t, fab-t, square

---------------------------------------------------------------------------
RuntimeError                              Traceback (most recent call last)
<ipython-input-97-0e96c60d65fb> in <module>
     21 adversary = AutoAttack(model_adapted, norm='Linf', eps=epsilon, version='standard', is_tf_model=True)
     22 
---> 23 x_adv = adversary.run_standard_evaluation(images, labels, bs=batch_size)

~/auto-attack/autoattack/autoattack.py in run_standard_evaluation(self, x_orig, y_orig, bs)
     81             # calculate accuracy
     82             n_batches = int(np.ceil(x_orig.shape[0] / bs))
---> 83             robust_flags = torch.zeros(x_orig.shape[0], dtype=torch.bool, device=x_orig.device)
     84             for batch_idx in range(n_batches):
     85                 start_idx = batch_idx * bs

RuntimeError: Invalid device string: '/job:localhost/replica:0/task:0/device:CPU:0'
fra31 commented 3 years ago

Hi,

I think one reason is that the input images and labels should be PyTorch tensors (see also here for an example).

Let me know if this works!

MariaMsu commented 3 years ago

Yes, it works. Thanks

I added a workaround

images = torch.from_numpy(images.numpy())