TechQA.

Iterative Least Likely Class Method Output is not Least Likely Class Bug

22 views Asked by At

I am trying to code ITERATIVE LEAST-LIKELY CLASS METHOD from the paper https://arxiv.org/pdf/1607.02533.pdf, this method is discribing a targeted attack on a clear image, so that the output image- after adding pertubation, will be expected to having label of least likely class from our model predict. But after i ran my code, the adversarial image still didn't have this least likely class label. What's wrong with my code???

This is my least_likely_label, it returned 245.

least_likely_label = tf.one_hot(temp1, depth = 1000)
least_likely_label = tf.expand_dims(least_likely_label, axis = 0)
least_likely_label

this is my Clip function followed formula in the paper

def clip(adv_image,input_image,epsilon) :
    # van de o ham clip nay cua minh
    # max(0,input_image-epsilon)
    temp1 = tf.maximum(0,input_image - epsilon)
    # max(temp1, adv_image)
    temp2 = tf.cast((adv_image>=temp1),tf.float32) * adv_image + tf.cast((temp1 >= adv_image),tf.float32) * temp1
    # min(input_image + epsilon, temp2)
    temp3 = tf.cast((input_image + epsilon >= temp2),tf.float32) * temp2 + tf.cast((input_image + epsilon <= temp2),tf.float32) * input_image
    # min(255, temp3)
    clip_result = tf.minimum(1,temp3)
    return clip_result

This is my code for ILLCM:

loss_object = tf.keras.losses.CategoricalCrossentropy()
def ILLM(input_image, least_likely_label, epsilon):
    X = input_image
    numberOfIter = min(epsilon + 4, 1.25 * epsilon)
    numberOfIter = math.ceil(numberOfIter)
    for i in range(numberOfIter):
        with tf.GradientTape() as tape:
            tape.watch(X)
            prediction = pretrained_model(X)
            # yeah i try to calculate the loss with the fake label
            # but it's still not working
            loss = loss_object(least_likely_label,prediction)
        loss_grad = tape.gradient(loss,X)
        sign_loss_grad = tf.sign(loss_grad)
        X_adv = X - alpha * sign_loss_grad
        X_adv = clip(X_adv, X,epsilon)
        X = X_adv
    
    return X
epsilons = [0.001, 0.01, 0.1, 0.11, 0.2, 0.21, 0.3, 0.4, 0.5,0.51, 0.6, 0.61, 0.7, 0.8, 0.9, 1.11]

In the prediction of my clear image : enter image description here But after add pertubation by ILLCM, i still receive the true label : enter image description here enter image description here

What did i make to make everything go wrong?? Please help me, thanks so much!!!!

tensorflow machine-learning deep-learning adversarial-attack
Original Q&A
0

There are 0 answers

Related Questions in TENSORFLOW

Related Questions in MACHINE-LEARNING

Related Questions in DEEP-LEARNING

Related Questions in ADVERSARIAL-ATTACK

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions