Spaces:

WAT-ai-AA
/

stable-diffused-adversarial-attacks

Runtime error

App Files Files Community

Pie31415 commited on Feb 28, 2023

Commit

2a27c35

1 Parent(s): 82b5728

updated gradio app

Browse files

Files changed (4) hide show

app.py +56 -12
attack.py +59 -0
model.py +78 -0
models/resnet.ckpt +3 -0

app.py CHANGED Viewed

@@ -1,17 +1,61 @@
-import gradio as gr
-from diffusers import StableDiffusionPipeline, EulerDiscreteScheduler
 import torch
-model_id = "stabilityai/stable-diffusion-2"
-scheduler = EulerDiscreteScheduler.from_pretrained(model_id, subfolder="scheduler")
-device = troch.device("cuda" if torch.cuda.is_avaliable() else "cpu")
-pipe = StableDiffusionPipeline.from_pretrained(model_id, scheduler=scheduler, revision="fp16")
 pipe = pipe.to(device)
-def txt2img(prompt):
-  image = pipe(prompt, height=768, width=768, guidance_scale = 10).images[0]
-  # image.save("sd_image.png")
-  return image
-gr.Interface(txt2img, gr.Text(), gr.Image(), title = 'Stable Diffusion 2.0 Colab with Gradio UI').launch(share = False, debug = True)

 import torch
+import gradio as gr
+from torchvision import transforms
+from diffusers import StableDiffusionPipeline
+from model import ResNet, ResidualBlock
+from attack import Attack
+device = "cuda" if torch.cuda.is_available() else "cpu"
+pipe = StableDiffusionPipeline.from_pretrained(
+    "stabilityai/stable-diffusion-2-1-base"
+)
 pipe = pipe.to(device)
+CLASSES = (
+    "plane",
+    "car",
+    "bird",
+    "cat",
+    "deer",
+    "dog",
+    "frog",
+    "horse",
+    "ship",
+    "truck",
+)
+def load_classifer(model_path):
+    # load resnet model
+    model = ResNet(ResidualBlock, [2, 2, 2])
+    model.load_state_dict(torch.load(model_path))
+    model.eval()
+    return model
+classifer = load_classifer("./models/resnet.ckpt")
+attack = Attack(pipe, classifer, device)
+def classifer_pred(image):
+    to_pil = transforms.ToPILImage()
+    input = attack.transform(to_pil(image[0]))
+    outputs = classifer(input)
+    _, predicted = torch.max(outputs, 1)
+    return CLASSES[predicted[0]]
+def run_attack(prompt, epsilon):
+    image, perturbed_image = attack(prompt, epsilon=epsilon)
+    pred = classifer_pred(perturbed_image)
+    return image, pred
+demo = gr.Interface(
+    run_attack,
+    [gr.Text(), gr.Slider(minimum=0.0, maximum=0.3, value=float)],
+    [gr.Image(), gr.Text()],
+    title="Stable Diffused Adversarial Attacks",
+)
+demo.launch()

attack.py ADDED Viewed

	@@ -0,0 +1,59 @@

+import torch
+from torchvision import transforms
+class Attack:
+    def __init__(self, pipe, classifer, device="cuda"):
+        self.device = device
+        self.pipe = pipe
+        self.generator = torch.Generator(device=self.device).manual_seed(1024)
+        self.classifer = classifer
+    def __call__(
+        self, prompt, negative_prompt="", size=512, guidance_scale=8, epsilon=0
+    ):
+        pipe_output = self.pipe(
+            prompt=prompt,  # What to generate
+            negative_prompt=negative_prompt,  # What NOT to generate
+            height=size,
+            width=size,  # Specify the image size
+            guidance_scale=guidance_scale,  # How strongly to follow the prompt
+            num_inference_steps=30,  # How many steps to take
+            generator=self.generator,  # Fixed random seed
+        )
+        # Resulting image:
+        init_image = pipe_output.images[0]
+        image = self.transform(init_image)
+        image.requires_grad = True
+        outputs = self.classifer(image).to(self.device)
+        target = torch.tensor([0]).to(self.device)
+        return (
+            init_image,
+            self.untargeted_attack(image, outputs, target, epsilon),
+        )
+    def transform(self, image):
+        img_tfms = transforms.Compose(
+            [transforms.Resize(32), transforms.ToTensor()]
+        )
+        image = img_tfms(image)
+        image = torch.unsqueeze(image, dim=0)
+        return image
+    def untargeted_attack(self, image, pred, target, epsilon):
+        loss = torch.nn.functional.nll_loss(pred, target)
+        self.classifer.zero_grad()
+        loss.backward()
+        gradient_sign = image.grad.data.sign()
+        perturbed_image = image + epsilon * gradient_sign
+        perturbed_image = torch.clamp(perturbed_image, 0, 1)
+        return perturbed_image

model.py ADDED Viewed

	@@ -0,0 +1,78 @@

+import torch.nn as nn
+def conv3x3(in_channels, out_channels, stride=1):
+    return nn.Conv2d(
+        in_channels,
+        out_channels,
+        kernel_size=3,
+        stride=stride,
+        padding=1,
+        bias=False,
+    )
+class ResidualBlock(nn.Module):
+    def __init__(self, in_channels, out_channels, stride=1, downsample=None):
+        super(ResidualBlock, self).__init__()
+        self.conv1 = conv3x3(in_channels, out_channels, stride)
+        self.bn1 = nn.BatchNorm2d(out_channels)
+        self.relu = nn.ReLU(inplace=True)
+        self.conv2 = conv3x3(out_channels, out_channels)
+        self.bn2 = nn.BatchNorm2d(out_channels)
+        self.downsample = downsample
+    def forward(self, x):
+        residual = x
+        out = self.conv1(x)
+        out = self.bn1(out)
+        out = self.relu(out)
+        out = self.conv2(out)
+        out = self.bn2(out)
+        if self.downsample:
+            residual = self.downsample(x)
+        out += residual
+        out = self.relu(out)
+        return out
+class ResNet(nn.Module):
+    def __init__(self, block, layers, num_classes=10):
+        super(ResNet, self).__init__()
+        self.in_channels = 16
+        self.conv = conv3x3(3, 16)
+        self.bn = nn.BatchNorm2d(16)
+        self.relu = nn.ReLU(inplace=True)
+        self.layer1 = self.make_layer(block, 16, layers[0])
+        self.layer2 = self.make_layer(block, 32, layers[1], 2)
+        self.layer3 = self.make_layer(block, 64, layers[2], 2)
+        self.avg_pool = nn.AvgPool2d(8)
+        self.fc = nn.Linear(64, num_classes)
+    def make_layer(self, block, out_channels, blocks, stride=1):
+        downsample = None
+        if (stride != 1) or (self.in_channels != out_channels):
+            downsample = nn.Sequential(
+                conv3x3(self.in_channels, out_channels, stride=stride),
+                nn.BatchNorm2d(out_channels),
+            )
+        layers = []
+        layers.append(
+            block(self.in_channels, out_channels, stride, downsample)
+        )
+        self.in_channels = out_channels
+        for i in range(1, blocks):
+            layers.append(block(out_channels, out_channels))
+        return nn.Sequential(*layers)
+    def forward(self, x):
+        out = self.conv(x)
+        out = self.bn(out)
+        out = self.relu(out)
+        out = self.layer1(out)
+        out = self.layer2(out)
+        out = self.layer3(out)
+        out = self.avg_pool(out)
+        out = out.view(out.size(0), -1)
+        out = self.fc(out)
+        return out

models/resnet.ckpt ADDED Viewed

	@@ -0,0 +1,3 @@

+version https://git-lfs.github.com/spec/v1
+oid sha256:f103f240fcc6500cf05aebda74a2eba82112fe34f799a0e1f8c93b8704ce4de8
+size 812339