FGSM

Now, we define one more function called FGSM for generating adversarial inputs. We use FGSM for generating adversarial samples. We have seen how FGSM generates the adversarial pairs by calculating gradients with respect to the input instead of the model parameter. So, we take clean (x, y) pairs as input and generate adversarial (x_adv, y) pairs:

def FGSM(x,y):

    #placeholder for the inputs x and y
    X = tf.placeholder(tf.float32)
    Y = tf.placeholder(tf.float32)

    #initialize theta with random values
    theta = tf.Variable(tf.zeros([50,1]))

    #predict the value of y
    YHat = tf.nn.softmax(tf.matmul(X, theta)) 

    #calculate the loss
    loss = tf.reduce_mean(-tf.reduce_sum(Y*tf.log(YHat), reduction_indices=1))
 
    #now calculate gradient of our loss function with respect to our input X instead of model parameter theta
    gradient = ((tf.gradients(loss,X)[0]))
    
    #calculate the adversarial input
    #i.e x_adv = x + epsilon * sign ( nabla_x J(X, Y))
    X_adv = X + 0.2*tf.sign(gradient)
    X_adv = tf.clip_by_value(X_adv,-1.0,1.0)

    #start the tensoflow session
    with tf.Session() as sess:

        sess.run(tf.global_variables_initializer()) 
        X_adv = sess.run(X_adv, feed_dict={X: x, Y: y})
        
    return X_adv, y

Table of Contents for FGSM

Create new playlist

Sign In

Sign Up

Table of Contents for
FGSM