Skip to content

Commit

Permalink
random search
Browse files Browse the repository at this point in the history
  • Loading branch information
goodfeli committed Oct 10, 2018
1 parent 2cf16cc commit be5e629
Showing 1 changed file with 38 additions and 0 deletions.
38 changes: 38 additions & 0 deletions cleverhans/attack_bundling.py
Original file line number Diff line number Diff line change
Expand Up @@ -223,6 +223,44 @@ def fixed_max_confidence_recipe(sess, model, x, y, nb_classes, eps,
MaxConfidence(t=1., new_work_goal=new_work_goal)]
bundle_attacks(sess, model, x, y, attack_configs, goals, report_path)

def random_search_max_confidence_recipe(sess, model, x, y, nb_classes, eps,
clip_min, clip_max, eps_iter, nb_iter,
report_path, batch_size=BATCH_SIZE):
"""Max confidence using random search.
TODO: this is kind of messy because it has different arguments than the
other recipes.
References:
https://openreview.net/forum?id=H1g0piA9tQ
This version runs each attack a fixed number of times.
It is more exhaustive than `single_run_max_confidence_recipe` but because
it uses a fixed budget rather than running indefinitely it is more
appropriate for making fair comparisons between two models.
:param sess: tf.Session
:param model: cleverhans.model.Model
:param x: numpy array containing clean example inputs to attack
:param y: numpy array containing true labels
:param nb_classes: int, number of classes
:param eps: float, maximum size of perturbation (measured by max norm)
:param eps_iter: float, step size for one version of PGD attacks
(will also run another version with 25X smaller step size)
:param nb_iter: int, number of iterations for one version of PGD attacks
(will also run another version with 25X more iterations)
:param report_path: str, the path that the report will be saved to.
:batch_size: int, the total number of examples to run simultaneously
"""
noise_attack = Noise(model, sess)
threat_params = {"eps": eps, "clip_min" : clip_min, "clip_max" : clip_max}
noise_attack_config = AttackConfig(noise_attack, threat_params)
attack_configs = [noise_attack_config]
assert batch_size % num_devices == 0
dev_batch_size = batch_size // num_devices
new_work_goal = {noise_attack_config: 10000}
goals = [MaxConfidence(t=1., new_work_goal=new_work_goal)]
bundle_attacks(sess, model, x, y, attack_configs, goals, report_path)

class AttackConfig(object):
"""
An attack and associated parameters.
Expand Down

0 comments on commit be5e629

Please sign in to comment.