diff --git a/examples/model_security/model_defenses/mnist_evaluation.py b/examples/model_security/model_defenses/mnist_evaluation.py index b6dc7ab..b5e54b5 100644 --- a/examples/model_security/model_defenses/mnist_evaluation.py +++ b/examples/model_security/model_defenses/mnist_evaluation.py @@ -99,6 +99,8 @@ class ModelToBeAttacked(BlackModel): """ predict function """ + if len(inputs.shape) == 3: + inputs = np.expand_dims(inputs, axis=0) query_num = inputs.shape[0] results = [] if self._detector: @@ -225,7 +227,7 @@ def test_defense_evaluation(): load_param_into_net(bb_net, load_dict) bb_model = ModelToBeAttacked(bb_net, defense=False) attack_rm = GeneticAttack(model=bb_model, pop_size=6, mutation_rate=0.05, - per_bounds=0.1, step_size=0.25, temp=0.1, + per_bounds=0.5, step_size=0.25, temp=0.1, sparse=False) attack_target_label = target_label[:attacked_size] true_label = labels[:attacked_size + benign_size] @@ -263,7 +265,7 @@ def test_defense_evaluation(): # attack defensed model attack_dm = GeneticAttack(model=bb_def_model, pop_size=6, mutation_rate=0.05, - per_bounds=0.1, step_size=0.25, temp=0.1, + per_bounds=0.5, step_size=0.25, temp=0.1, sparse=False) for idx in range(attacked_size): def_st = time.time() diff --git a/mindarmour/fuzz_testing/image_transform.py b/mindarmour/fuzz_testing/image_transform.py index 743aecc..031264a 100644 --- a/mindarmour/fuzz_testing/image_transform.py +++ b/mindarmour/fuzz_testing/image_transform.py @@ -19,7 +19,7 @@ from PIL import Image, ImageEnhance, ImageFilter from mindspore.dataset.vision.py_transforms_util import is_numpy, \ to_pil, hwc_to_chw -from mindarmour.utils._check_param import check_param_multi_types +from mindarmour.utils._check_param import check_param_multi_types, check_param_in_range from mindarmour.utils.logger import LogUtil LOGGER = LogUtil.get_instance() @@ -365,10 +365,12 @@ class Translate(ImageTransform): Set translate parameters. Args: - x_bias (Union[float, int]): X-direction translation. Default: 0. - y_bias (Union[float, int]): Y-direction translation. Default: 0. + x_bias (Union[float, int]): X-direction translation, and x_bias should be in range of (-1, 1). Default: 0. + y_bias (Union[float, int]): Y-direction translation, and y_bias should be in range of (-1, 1). Default: 0. auto_param (bool): True if auto generate parameters. Default: False. """ + x_bias = check_param_in_range('x_bias', x_bias, -1, 1) + y_bias = check_param_in_range('y_bias', y_bias, -1, 1) self.auto_param = auto_param if auto_param: self.x_bias = np.random.uniform(-0.3, 0.3) @@ -391,10 +393,9 @@ class Translate(ImageTransform): """ _, chw, normalized, gray3dim, image = self._check(image) img = to_pil(image) - if self.auto_param: - image_shape = np.shape(image) - self.x_bias = image_shape[0]*self.x_bias - self.y_bias = image_shape[1]*self.y_bias + image_shape = np.shape(image) + self.x_bias = image_shape[1]*self.x_bias + self.y_bias = image_shape[0]*self.y_bias trans_image = img.transform(img.size, Image.AFFINE, (1, 0, self.x_bias, 0, 1, self.y_bias)) trans_image = self._original_format(trans_image, chw, normalized,