黑盒攻击graphpipe下的基于tensorflow的squeezenet模型

advbox/models/graphpipeBlackBox.py

@@ -75,15 +75,6 @@ def predict(self, data):
 
         predict = np.squeeze(predict, axis=0)
 
-        #logger.info("predict={} index={}", predict[np.argmax(predict)], np.argmax(predict))
-        #logger.info(predict)
-        #pro=self.softmax(predict)
-
-        #label=np.argmax(pro)
-        #pro=pro[label]
-
-        #logger.info("lable={} pro={}".format(label,pro))
-
         return predict
 
     def num_classes(self):

applications/graphpipe/graphpipe_localsearch.py

@@ -43,12 +43,26 @@
 
 '''
 #服务器端启动方式为：
+
+Tensorflow
+
+cpu
+docker run -it --rm \
+      -e https_proxy=${https_proxy} \
+      -p 9000:9000 \
+      sleepsonthefloor/graphpipe-tf:cpu \
+      --model=https://oracle.github.io/graphpipe/models/squeezenet.pb \
+      --listen=0.0.0.0:9000
+
+ONNX
+
 docker run -it --rm \
-    -e https_proxy=${https_proxy} \
-    -p 9000:9000 \
-    sleepsonthefloor/graphpipe-tf:cpu \
-    --model=https://oracle.github.io/graphpipe/models/squeezenet.pb \
-    --listen=0.0.0.0:9000
+      -e https_proxy=${https_proxy} \
+      -p 9000:9000 \
+      sleepsonthefloor/graphpipe-onnx:cpu \
+      --value-inputs=https://oracle.github.io/graphpipe/models/squeezenet.value_inputs.json \
+      --model=https://oracle.github.io/graphpipe/models/squeezenet.onnx \
+      --listen=0.0.0.0:9000
 '''
 
 def main():

applications/graphpipe/graphpipe_tool.py

@@ -52,6 +52,13 @@ def main(image_path):
     #print(data.shape)
 
     pred = remote.execute("http://127.0.0.1:9000", data)
+
+    print(pred.shape)
+
+    #pred=np.squeeze(pred,axis=2)
+
+    print(pred.shape)
+
     print("{}".format(np.argmax(pred, axis=1)))