我在Tensorflow(完全训练过的imagenet预训练模型)中有一个预训练模型,具有inception_resnet_v2网络架构。现在,我正在使用 foolbox 对医学影像使用对抗攻击并获得预测。
但每次模型在原始图像上返回不同的预测(具有不同概率的不同类)。我以某种方式重新初始化权重?此外,对抗图像的预测不起作用,并且每次都会抛出 NoneType错误,而且我无法使用任何攻击。
import tensorflow as tf
import numpy as np
from PIL import Image
from nets import nets_factory
import matplotlib.pyplot as plt
image = np.asarray(Image.open('1.jpg'))
data_tf = tf.convert_to_tensor(image, np.float32)
data_tf = tf.reshape(data_tf, [1, 299, 299, 3])
arg_scope = nets_factory.arg_scopes_map['inception_resnet_v2']()
graph = tf.get_default_graph()
with slim.arg_scope(arg_scope):
(logits, end_points) = \
nets_factory.networks_map['inception_resnet_v2'](inputs=data_tf, num_classes=2, is_training=False)
with foolbox.models.TensorFlowModel(data_tf, logits, (0, 255)) as model:
init_op = tf.global_variables_initializer()
model.session.run(init_op)
attack = foolbox.attacks.FGSM(model)
saver = tf.train.import_meta_graph(
'/local-scratch/arkadeep/1_June/tf_classification/experiment/final_model/model.ckpt-30589.meta',
clear_devices=True)
saver.restore(model.session,
'/local-scratch/arkadeep/1_June/tf_classification/experiment/final_model/model.ckpt-30589')
example_label = np.argmax(model.predictions(image))
print(example_label)
print(foolbox.utils.softmax(model.predictions(image))[0])
adversarial = attack(image, example_label, unpack=False)
print(np.argmax(model.predictions(adversarial.image)))
print(foolbox.utils.softmax(model.predictions(adversarial))[0])
print(adversarial.distance)
这是堆栈跟踪:
[ada77@cs-mial-ts06 tf_classification]$ CUDA_VISIBLE_DEVICES=0 python example_code.py
(1, 299, 299, 3)
2018-06-05 10:53:49.097397: I tensorflow/core/platform/cpu_feature_guard.cc:140] Your CPU supports instructions that this TensorFlow binary was not compiled to use: AVX2 FMA
0 //the class predicted
0.944639 // probability of the class
/home/ada77/.local/lib/python3.5/site-packages/foolbox/attacks/base.py:103: UserWarning: GradientSignAttack did not find an adversarial, maybe the model or the criterion is not supported by this attack.
' attack.'.format(self.name()))
Traceback (most recent call last):
File "example_code.py", line 54, in
print(np.argmax(model.predictions(adversarial.image)))
File "/home/ada77/.local/lib/python3.5/site-packages/foolbox/models/base.py", line 122, in predictions
return np.squeeze(self.batch_predictions(image[np.newaxis]), axis=0)
TypeError: 'NoneType' object is not subscriptable