2020-05-18 00:18:41 +00:00
|
|
|
import argparse
|
|
|
|
import os
|
|
|
|
import pickle
|
2020-05-18 20:35:14 +00:00
|
|
|
import random
|
|
|
|
import sys
|
|
|
|
|
|
|
|
import numpy as np
|
|
|
|
from differentiator import FawkesMaskGeneration
|
|
|
|
from tensorflow import set_random_seed
|
|
|
|
from utils import load_extractor, CloakData, init_gpu
|
2020-05-18 00:18:41 +00:00
|
|
|
|
|
|
|
random.seed(12243)
|
|
|
|
np.random.seed(122412)
|
|
|
|
set_random_seed(12242)
|
|
|
|
|
2020-06-01 14:50:02 +00:00
|
|
|
NUM_IMG_PROTECTED = 32 # Number of images used to optimize the target class
|
|
|
|
BATCH_SIZE = 32
|
2020-05-18 00:18:41 +00:00
|
|
|
|
2020-05-18 20:35:14 +00:00
|
|
|
MAX_ITER = 1000
|
2020-05-18 00:18:41 +00:00
|
|
|
|
|
|
|
|
2020-05-18 20:35:14 +00:00
|
|
|
def diff_protected_data(sess, feature_extractors_ls, image_X, number_protect, target_X=None, th=0.01):
|
2020-05-18 00:18:41 +00:00
|
|
|
image_X = image_X[:number_protect]
|
|
|
|
differentiator = FawkesMaskGeneration(sess, feature_extractors_ls,
|
|
|
|
batch_size=BATCH_SIZE,
|
|
|
|
mimic_img=True,
|
|
|
|
intensity_range='imagenet',
|
2020-05-18 20:35:14 +00:00
|
|
|
initial_const=args.sd,
|
|
|
|
learning_rate=args.lr,
|
2020-05-18 00:18:41 +00:00
|
|
|
max_iterations=MAX_ITER,
|
|
|
|
l_threshold=th,
|
|
|
|
verbose=1, maximize=False, keep_final=False, image_shape=image_X.shape[1:])
|
|
|
|
|
|
|
|
if len(target_X) < len(image_X):
|
2020-06-06 05:35:04 +00:00
|
|
|
target_X = np.concatenate([target_X, target_X, target_X])
|
2020-05-18 00:18:41 +00:00
|
|
|
target_X = target_X[:len(image_X)]
|
|
|
|
cloaked_image_X = differentiator.attack(image_X, target_X)
|
|
|
|
return cloaked_image_X
|
|
|
|
|
|
|
|
|
|
|
|
def perform_defense():
|
|
|
|
RES = {}
|
|
|
|
sess = init_gpu(args.gpu)
|
|
|
|
|
2020-05-18 20:35:14 +00:00
|
|
|
FEATURE_EXTRACTORS = [args.feature_extractor]
|
2020-05-18 00:18:41 +00:00
|
|
|
RES_DIR = '../results/'
|
2020-05-18 20:35:14 +00:00
|
|
|
|
2020-05-18 00:18:41 +00:00
|
|
|
RES['num_img_protected'] = NUM_IMG_PROTECTED
|
|
|
|
RES['extractors'] = FEATURE_EXTRACTORS
|
|
|
|
num_protect = NUM_IMG_PROTECTED
|
|
|
|
|
2020-05-18 20:35:14 +00:00
|
|
|
print("Loading {} for optimization".format(args.feature_extractor))
|
2020-06-01 14:50:02 +00:00
|
|
|
feature_extractors_ls = [load_extractor(name) for name in FEATURE_EXTRACTORS]
|
2020-05-18 00:18:41 +00:00
|
|
|
protect_class = args.protect_class
|
|
|
|
|
2020-06-06 05:35:04 +00:00
|
|
|
cloak_data = CloakData(args.dataset, protect_class=protect_class)
|
|
|
|
RES_FILE_NAME = "{}_{}_protect{}".format(args.dataset, args.feature_extractor, cloak_data.protect_class)
|
2020-05-18 20:35:14 +00:00
|
|
|
RES_FILE_NAME = os.path.join(RES_DIR, RES_FILE_NAME)
|
2020-05-18 00:18:41 +00:00
|
|
|
print("Protect Class: ", cloak_data.protect_class)
|
|
|
|
|
2020-05-18 20:35:14 +00:00
|
|
|
cloak_data.target_path, cloak_data.target_data = cloak_data.select_target_label(feature_extractors_ls,
|
|
|
|
FEATURE_EXTRACTORS)
|
2020-05-18 00:18:41 +00:00
|
|
|
|
2020-05-18 20:35:14 +00:00
|
|
|
os.makedirs(RES_DIR, exist_ok=True)
|
|
|
|
os.makedirs(RES_FILE_NAME, exist_ok=True)
|
2020-05-18 00:18:41 +00:00
|
|
|
|
|
|
|
cloak_image_X = diff_protected_data(sess, feature_extractors_ls, cloak_data.protect_train_X,
|
|
|
|
number_protect=num_protect,
|
2020-05-18 20:35:14 +00:00
|
|
|
target_X=cloak_data.target_data, th=args.th)
|
2020-05-18 00:18:41 +00:00
|
|
|
|
|
|
|
cloak_data.cloaked_protect_train_X = cloak_image_X
|
|
|
|
RES['cloak_data'] = cloak_data
|
2020-05-18 20:35:14 +00:00
|
|
|
pickle.dump(RES, open(os.path.join(RES_FILE_NAME, 'cloak_data.p'), "wb"))
|
2020-05-18 00:18:41 +00:00
|
|
|
|
|
|
|
|
|
|
|
def parse_arguments(argv):
|
|
|
|
parser = argparse.ArgumentParser()
|
|
|
|
parser.add_argument('--gpu', type=str,
|
|
|
|
help='GPU id', default='0')
|
|
|
|
parser.add_argument('--dataset', type=str,
|
2020-05-18 20:35:14 +00:00
|
|
|
help='name of dataset', default='scrub')
|
|
|
|
parser.add_argument('--feature-extractor', type=str,
|
|
|
|
help="name of the feature extractor used for optimization",
|
2020-06-06 05:35:04 +00:00
|
|
|
default="webface_dense_robust_extract")
|
2020-06-01 14:50:02 +00:00
|
|
|
parser.add_argument('--th', type=float, default=0.007)
|
|
|
|
parser.add_argument('--sd', type=int, default=1e5)
|
2020-05-18 00:18:41 +00:00
|
|
|
parser.add_argument('--protect_class', type=str, default=None)
|
2020-05-18 20:35:14 +00:00
|
|
|
parser.add_argument('--lr', type=float, default=0.1)
|
2020-05-18 00:18:41 +00:00
|
|
|
|
|
|
|
return parser.parse_args(argv)
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
args = parse_arguments(sys.argv[1:])
|
|
|
|
perform_defense()
|