bit_flip_based_adversarial_weight_attack.py
# -*- coding: utf-8 -*-
"""Bit_Flip_based_Adversarial_Weight_Attack.ipynb
Automatically generated by Colaboratory.
Original file is located at
https://colab.research.google.com/drive/1l8MkzMS2FIEXf-3WNwDJZKxxdYs_mgTT
-------------------------------------------------------
**Defending and Harnessing the Bit-Flip based Adversarial Weight Attack**
-------------------------------------------------------
**CVPR2020 paper**
**Implemented with changes on google colab by zahra heydari**
-------------------------------------------------------
**IPM**
# **GPU Specifications**
"""
# IPython shell escape: print the GPU attached to this runtime (informational only).
!nvidia-smi
"""**Number of cuda device**"""
import torch
# Number of CUDA devices PyTorch can see; the value is only shown as the cell result.
torch.cuda.device_count()
"""# **Install Conda on Google Colab**"""
# Fetch the Miniconda installer for Python 3.7.
# NOTE(review): the script is downloaded and then executed with the runtime's
# privileges without any integrity check, and `wget -c` resumes onto an existing
# file of the same name. Compare its SHA-256 with the digest published by the
# vendor before running it, e.g.
#   !echo "<EXPECTED_SHA256>  Miniconda3-py37_4.10.3-Linux-x86_64.sh" | sha256sum -c -
# (<EXPECTED_SHA256> is a placeholder, not a real digest.)
!wget -c https://repo.anaconda.com/miniconda/Miniconda3-py37_4.10.3-Linux-x86_64.sh
!chmod +x Miniconda3-py37_4.10.3-Linux-x86_64.sh
# -b: batch mode (no prompts), -f: do not fail if the prefix already exists,
# -p: install prefix. Installing into /usr/local overlays the runtime's system tree.
!bash ./Miniconda3-py37_4.10.3-Linux-x86_64.sh -b -f -p /usr/local
!conda install -q -y --prefix /usr/local python=3.7 ujson
import sys
# Make the conda-installed Python 3.7 packages importable from the notebook kernel.
# The path is appended, so packages already on sys.path with the same name take precedence.
sys.path.append('/usr/local/lib/python3.7/site-packages')
# NOTE(review): no -y here, so conda asks for confirmation; this also moves conda
# itself off the version shipped by the pinned installer.
!conda update -n base -c defaults conda
"""# **CIFAR10 DATASET**"""
# Commented out IPython magic to ensure Python compatibility.
# %matplotlib inline
import torch
import torchvision
import torchvision.transforms as transforms
"""**Dataset Definition**"""
# Preprocessing shared by both splits: tensor conversion followed by per-channel
# normalization with mean 0.5 and std 0.5 (undone later by `img / 2 + 0.5`).
transform = transforms.Compose([
    transforms.ToTensor(),
    transforms.Normalize((0.5, 0.5, 0.5), (0.5, 0.5, 0.5)),
])

# Training split, downloaded into ./data when it is not already there.
trainset = torchvision.datasets.CIFAR10(
    root='./data',
    train=True,
    download=True,
    transform=transform,
)
trainloader = torch.utils.data.DataLoader(
    trainset,
    batch_size=4,
    shuffle=True,
    num_workers=2,
)

# Test split; order is kept fixed (shuffle=False).
testset = torchvision.datasets.CIFAR10(
    root='./data',
    train=False,
    download=True,
    transform=transform,
)
testloader = torch.utils.data.DataLoader(
    testset,
    batch_size=4,
    shuffle=False,
    num_workers=2,
)

# Human-readable class names, indexed by label id.
classes = (
    'plane', 'car', 'bird', 'cat',
    'deer', 'dog', 'frog', 'horse', 'ship', 'truck',
)
"""**Visualizing CIFAR10 Data**"""
import matplotlib.pyplot as plt
import numpy as np
# functions to show an image
def imshow(img):
    """Display a normalized image tensor with matplotlib.

    The tensor is mapped back with ``img / 2 + 0.5``, converted to a NumPy
    array, and its axes are reordered from (0, 1, 2) to (1, 2, 0) before it is
    handed to ``plt.imshow``.
    """
    unnormalized = img / 2 + 0.5
    pixels = np.transpose(unnormalized.numpy(), (1, 2, 0))
    plt.imshow(pixels)
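# Pull one shuffled batch of training images.
# The built-in next() works on any iterator; the iterator's own .next() method
# was removed from DataLoader iterators in later PyTorch releases.
dataiter = iter(trainloader)
images, labels = next(dataiter)
# Show the whole batch as a single image grid.
imshow(torchvision.utils.make_grid(images))
# Print one class name per image in the batch, whatever the batch size is
# (the original hard-coded 4, which only matches batch_size=4).
print(' '.join('%5s' % classes[label] for label in labels))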
"""# **Clone BFA from my github**"""
# NOTE(review): the clone is not pinned, so the shell scripts executed later in
# this notebook are whatever the default branch holds at clone time. Check out a
# commit that has been reviewed, e.g.
#   !git -C BFA checkout <REVIEWED_COMMIT_SHA>
# (<REVIEWED_COMMIT_SHA> is a placeholder.)
!git clone https://github.com/ZahraHeydari95/BFA.git
"""**Delete the folder if you want**"""
# Commented out IPython magic to ensure Python compatibility.
# %cd ..
# %rm -r BFA
"""**The contents of the current folder**"""
# List the working directory to confirm the clone is present.
!ls
"""**Go to BFA Folder**"""
# Commented out IPython magic to ensure Python compatibility.
# NOTE(review): with the %cd below commented out by the export, the later
# `!bash <script>.sh` lines presumably only resolve when run from inside BFA/ - confirm.
# %cd BFA
"""# **Install requirements**"""
# Install the framework versions the BFA code is run with here.
# NOTE(review): none of these conda commands pass -y, so each one waits for
# confirmation before changing the environment.
!conda install pytorch=1.1.0 torchvision=0.3.0 cudatoolkit=10.0 -c pytorch
# NOTE(review): unpinned; this may replace the Python 3.7 interpreter whose
# site-packages directory was added to sys.path earlier in this notebook.
!conda install python
!conda install tensorboardX
# requirements.txt is read from the current directory (presumably the cloned
# repository - confirm); review it before installing, since its entries are
# resolved from the package index at install time.
!pip --no-cache-dir install -r requirements.txt
# NOTE(review): unpinned upgrade; pin a version if the run has to be reproducible.
!pip install -U setuptools
"""# **HOST Name**"""
# Set the runtime's hostname to "alpha" (requires root), then print it back.
# NOTE(review): presumably the repository's shell scripts branch on the hostname
# to choose interpreter and tool paths - confirm against the scripts before
# changing host identity on anything other than a throwaway runtime.
!hostname alpha
!hostname
# Show the current working directory.
!pwd
"""# **Path**"""
# Locate the tensorboard executable and report the Python version on PATH.
!whereis tensorboard
!python --version
"""# **Attack on the model trained in floating-point**
**BFA**
"""
# Run the attack script by relative path (presumably shipped with the cloned
# repository - confirm). It executes with the runtime's privileges, so read
# the script before running it.
!bash BFA_CIFAR_Attack_on_model_trained_in_floating_point.sh
"""**Random BFA**"""
# NOTE(review): this cell invokes the same script as the BFA cell above;
# presumably an option inside the script was edited between the two runs - confirm.
!bash BFA_CIFAR_Attack_on_model_trained_in_floating_point.sh
"""**Evaluation CIFAR resnet18 after Bit-Flip**"""
# Run the evaluation script for the ResNet-18 model (name taken from the script file).
!bash eval_CIFAR_resnet18.sh
"""**Evaluation CIFAR Quantized resnet18 after Bit-Flip**"""
# Run the evaluation script for the quantized ResNet-18 model (name taken from the script file).
!bash eval_CIFAR_resnet18_quan.sh
"""# **Training-based BFA defense**
# **1. Binarization-aware training**
**Copy the file quantization-binariztaion.py from the models folder into quantization.py**
for 10 epochs
"""
# Train first, then run the attack script against the result.
# NOTE(review): the behaviour of both scripts depends on which quantization.py is
# currently in place in the models folder (see the heading of this section).
!bash train_CIFAR.sh
!bash BFA_CIFAR.sh
"""# **2. Piecewise Weight Clustering (PC)**
**Return to the first quantization.py file from the models folder**
for 2 epochs
"""
# Same train -> attack sequence as the binarization section, followed by an evaluation run.
# NOTE(review): assumes quantization.py has been restored as described in the heading above - confirm.
!bash train_CIFAR.sh
!bash BFA_CIFAR.sh
!bash eval_CIFAR.sh
"""# Results
# **BFA vs Random**
"""
# Commented out IPython magic to ensure Python compatibility.
import pandas as pd
import matplotlib.pyplot as plt
# %matplotlib inline
import os
import numpy as np
import seaborn as sns
# Figure defaults used by the result plots.
plt.subplots_adjust(hspace=0.5)
plt.rcParams['font.size'] = 13

# Attack-profile logs of two runs; the paths are tied to one dated save directory,
# so they have to be edited for any other run.
csv_path1 = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA/attack_profile_3884.csv'
csv_path2 = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA/attack_profile_6741.csv'
df1, df2 = (
    pd.read_csv(path, index_col=False)
    for path in (csv_path1, csv_path2)
)
"""**BFA**"""
print(df1)
"""**Random BFA**"""
print(df2)

# Two side-by-side panels: df1 on the left, df2 on the right.
# NOTE(review): the cell headings call df1 "BFA" and df2 "Random BFA", while the
# legend labels below say the opposite, and both CSVs come from the same save
# directory - confirm which profile belongs to which attack.
fig, ax = plt.subplots(nrows=1, ncols=2, figsize=(8, 3))
sns.lineplot(
    x='bit-flip idx',
    y='validation accuracy',
    data=df1,
    label='Random Bit-Flip',
    color="black",
    ax=ax[0],
)
# These pyplot-level calls act on pyplot's current axes, not on an explicit panel.
plt.grid(True, 'major', 'y', ls='--', lw=0.8, c='k', alpha=.3)
plt.ylabel('')
plt.xlabel('number of bit-flips')
sns.lineplot(
    x='bit-flip idx',
    y='validation accuracy',
    data=df2,
    label='Bit-Flip Attack',
    color="red",
    ax=ax[1],
)
# Dashed horizontal grid lines on every panel.
for ax_i in ax.flat:
    ax_i.grid(True, 'major', 'y', ls='--', lw=0.8, c='k', alpha=.3)
# Final axis labels; only the left panel carries the y label.
ax[0].set(xlabel='Number of bit-flips', ylabel='Validation accuracy (%)')
ax[1].set(xlabel='Number of bit-flips', ylabel='')
ax[1].set_xticks([0, 1, 2])
"""# **observation**"""
# Load every CSV log found in the attack run's save directory into one frame.
csv_dir = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA'
csv_file_list = [name for name in os.listdir(csv_dir) if name.endswith('.csv')]
# Keyed by file name so individual logs stay addressable.
csv_dict = {
    name: pd.read_csv(os.path.join(csv_dir, name), index_col=False)
    for name in csv_file_list
}
# pd.concat raises ValueError when the directory holds no CSV at all.
df = pd.concat(list(csv_dict.values()), ignore_index=True)
df
"""**Analyze the attack**"""
# For each trial seed, take the largest bit-flip index recorded in the log,
# i.e. how far that trial's log runs.
bfs = np.array([
    df.loc[df['trial seed'] == seed]['bit-flip idx'].max()
    for seed in set(df['trial seed'].values.flatten())
])
# Report the per-trial values together with their mean and standard deviation.
summary_text = 'bit-flips for multiple trials {} \n \
mean: {} \n std: {}'.format(bfs, bfs.mean(), bfs.std())
print(summary_text)
from torchsummary import summary
from models import resnet18_quan
import torch
# Use the GPU when PyTorch reports one, otherwise fall back to the CPU.
device = torch.device('cuda') if torch.cuda.is_available() else torch.device('cpu')
# Build the quantized ResNet-18 imported from `models` and move it to that device.
m = resnet18_quan()
m = m.to(device)
# Print a per-layer summary for a 3x32x32 input.
summary(m, input_size=(3, 32, 32))
"""**Plot for Observation-1**"""
# Plot theme. The second sns.set call re-applies the theme with the "ticks" style.
sns.set(style="whitegrid")
sns.set(style="ticks")
sns.set_style({"font.sans-serif": "DejaVu Sans"})
sns.set_style({"grid.color": '0.9'})
sns.set_context("paper", font_scale=1.5, rc={"lines.linewidth": 1})

# One panel per trial seed, points coloured by the module that holds the weight.
g = sns.FacetGrid(
    df,
    col="trial seed",
    hue='module name',
    palette='seismic',
    margin_titles=True,
)
g.map(plt.scatter, "weight before attack", "weight after attack", alpha=.7, s=50)
g.add_legend()
# Dashed y = x reference: a point on this line has the same value before and after.
for ax in g.axes.flat:
    ax.plot((-127, 127), (-127, 127), c=".1", ls="--")
"""**solution for color bar:**"""
# Fresh grid with one panel per trial seed; point colours are supplied later by
# facet_scatter, so no hue column is given here.
g = sns.FacetGrid(df, col="trial seed", palette = 'seismic')
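def facet_scatter(x, y, c, **kwargs):
    """Draw a scatter plot whose point colours come from a third data column.

    Intended as the plotting function given to ``FacetGrid.map``: ``x`` and
    ``y`` are the coordinates and ``c`` holds the per-point colour values.
    Remaining keyword arguments are forwarded to ``plt.scatter``.
    """
    # Drop a uniform ``color`` keyword (presumably injected by FacetGrid.map) so it
    # cannot conflict with the per-point ``c`` values. The default keeps a direct
    # call without ``color`` from raising KeyError.
    kwargs.pop("color", None)
    plt.scatter(x, y, c=c, **kwargs)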
# Colour scale limits: the observed range of validation accuracy.
accuracy = df['validation accuracy']
vmin, vmax = accuracy.min(), accuracy.max()
cmap = 'coolwarm'

# Scatter "before" against "after" weights, coloured by validation accuracy.
g = g.map(
    facet_scatter,
    "weight before attack",
    "weight after attack",
    'validation accuracy',
    s=70,
    alpha=0.5,
    vmin=vmin,
    vmax=vmax,
    cmap=cmap,
)

# Reserve room on the right and add a dedicated axes for the colorbar.
g.fig.subplots_adjust(right=.92)
cax = g.fig.add_axes([.94, .25, .02, .6])
# An empty scatter supplies a mappable with the same colormap and limits as the data.
points = plt.scatter([], [], c=[], vmin=vmin, vmax=vmax, cmap=cmap)
g.fig.colorbar(points, cax=cax)

# Dashed y = x reference line on every axes of the grid.
for ax in g.axes.flat:
    ax.plot((-127, 127), (-127, 127), c=".1", ls="--")
# Collect only the output-summary logs of the binarized-defense test run.
csv_dir = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA_defense_test_binarized'
csv_file_list = [name for name in os.listdir(csv_dir) if name.endswith('.csv')]
csv_dict = {
    name: pd.read_csv(os.path.join(csv_dir, name), index_col=False)
    for name in csv_file_list
    if 'output_summary' in name
}
# pd.concat raises ValueError when no file name contains 'output_summary'.
df = pd.concat(list(csv_dict.values()), ignore_index=True)
df
# Plot theme. The second sns.set call re-applies the theme with the "ticks" style.
sns.set(style="whitegrid")
sns.set(style="ticks")
sns.set_style({"font.sans-serif": "DejaVu Sans"})
sns.set_style({"grid.color": '0.9'})
sns.set_context("paper", font_scale=1.5, rc={"lines.linewidth": 1})

# Histogram of the top-1 output class, drawn sideways (vertical=True), no KDE curve.
# NOTE(review): sns.distplot is deprecated in newer seaborn releases - confirm the
# installed version still provides it.
f, ax = plt.subplots(figsize=(4, 4))
sns.distplot(df['top-1 output'], kde=False, vertical=True)

# Replace the numeric class ids 0..9 on the y axis with their names.
label_list = (
    'airplane', 'automobile', 'bird', 'cat', 'deer',
    'dog', 'frog', 'horse', 'ship', 'truck',
)
plt.yticks(np.arange(0, 10), label_list)
"""**Evolution of output under BFA**"""
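# Gather the output-summary logs of the attack run into one frame.
csv_dir = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA'
csv_file_list = [file for file in os.listdir(csv_dir) if file.endswith('.csv')]
csv_dict = {}
for file in csv_file_list:
    if 'output_summary' in file:
        csv_dict[file] = pd.read_csv(os.path.join(csv_dir, file), index_col=False)
df = pd.concat([csv_dict[file] for file in csv_dict], ignore_index=True)

# Shorten two column headers.
# https://stackoverflow.com/questions/19758364/rename-specific-columns-in-pandas
# DataFrame.rename ignores labels that are absent by default, so no try/except is
# needed; the former bare `except: pass` would also have hidden unrelated errors
# and interrupts.
df.rename(columns={'BFA iteration': 'iter', 'top-1 output': ''}, inplace=True)

# Drop several iterations so the figure has fewer sub-plots.
# https://chrisalbon.com/python/data_wrangling/pandas_dropping_column_and_rows/
df = df[~df['iter'].isin([1, 2, 4, 5, 7, 8, 10, 11])]
df

# NOTE(review): `g` is not created in this cell; as written this saves whatever
# FacetGrid an earlier cell left in `g` under the name BFA_output_evolution.pdf.
# Presumably a plotting step for the filtered frame is missing here - confirm.
g.fig.savefig(os.path.join(csv_dir, 'BFA_output_evolution.pdf'), bbox_inches="tight", transparent=True)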
"""**Single sample attack**"""
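# Gather the output-summary logs of the binarized-defense test run into one frame.
csv_dir = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA_defense_test_binarized'
csv_file_list = [file for file in os.listdir(csv_dir) if file.endswith('.csv')]
csv_dict = {}
for file in csv_file_list:
    if 'output_summary' in file:
        tmp_df = pd.read_csv(os.path.join(csv_dir, file), index_col=False)
        csv_dict[file] = tmp_df
df = pd.concat([csv_dict[file] for file in csv_dict], ignore_index=True)

# Shorten two column headers. DataFrame.rename ignores labels that are absent by
# default, so the former bare `except: pass` guarded nothing and could only hide
# unrelated errors and interrupts.
df.rename(columns={'BFA iteration': 'iter', 'top-1 output': ''}, inplace=True)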
"""# **Attack Profile**"""
# Attack profiles of two runs.
# NOTE(review): both files sit in the same "defense_test_binarized" directory, yet
# one is plotted as "With defense" and the other as "Without defense" - confirm
# which run each trial id belongs to.
csv_path1 = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA_defense_test_binarized/attack_profile_7442.csv'
csv_path2 = '/content/BFA/save/2022-11-15/cifar10_resnet18_quan_BFA_defense_test_binarized/attack_profile_9348.csv'
df1, df2 = (
    pd.read_csv(path, index_col=False)
    for path in (csv_path1, csv_path2)
)
print(df1)

# Accuracy against number of bit-flips for both runs on one axes.
fig, ax = plt.subplots(figsize=(6, 2))
sns.lineplot(
    x='bit-flip idx', y='validation accuracy', data=df1,
    label='With defense', color="black",
)
sns.lineplot(
    x='bit-flip idx', y='validation accuracy', data=df2,
    label='Without defense', color="red",
)
# Show only the first 40 bit-flips and add dashed horizontal grid lines.
plt.xlim(0, 40)
plt.grid(True, 'major', 'y', ls='--', lw=0.8, c='k', alpha=.3)
plt.ylabel('accuracy (%)')
plt.xlabel('number of bit-flips')
import torch
def int2bin(input, num_bits):
    """Map signed integer values to their unsigned two's-complement equivalents.

    Every negative element ``v`` becomes ``2**num_bits + v``; non-negative
    elements are returned unchanged. The result is a new tensor and ``input``
    is left untouched. No range check is made against ``num_bits``.
    """
    negative = input.lt(0)
    output = input.clone()
    output[negative] = 2**num_bits + output[negative]
    return output
# Quick check of int2bin: with num_bits=1, -1 maps to 2**1 + (-1) = 1.
# Note that this assignment rebinds the module-level name `input`, hiding the builtin.
input = torch.Tensor([-1])
int2bin(input,1)