我有一个小的决策树代码,我相信我会将所有内容都转换为int,并且已经使用isnan,max等检查了我的训练/测试数据。
我真的不知道为什么会出现这个错误。
因此,我尝试从决策树传递Mnist数据集,然后使用一个类进行攻击。
代码如下:
from AttackUtils import Attack
from AttackUtils import calc_output_weighted_weights, targeted_gradient, non_targeted_gradient, non_targeted_sign_gradient
(X_train_woae, y_train_woae), (X_test_woae, y_test_woae) = mnist.load_data()
X_train_woae = X_train_woae.reshape((len(X_train_woae), np.prod(X_train_woae.shape[1:])))
X_test_woae = X_test_woae.reshape((len(X_test_woae), np.prod(X_test_woae.shape[1:])))
from sklearn import tree
#model_woae = LogisticRegression(multi_class='multinomial', solver='lbfgs', fit_intercept=False)
model_woae = tree.DecisionTreeClassifier(class_weight='balanced')
model_woae.fit(X_train_woae, y_train_woae)
#model_woae.coef_ = model_woae.feature_importances_
coef_int = np.round(model_woae.tree_.compute_feature_importances(normalize=False) * X_train_woae.size).astype(int)
attack_woae = Attack(model_woae)
attack_woae.prepare(X_train_woae, y_train_woae, X_test_woae, y_test_woae)
weights_woae = attack_woae.weights
num_classes_woae = len(np.unique(y_train_woae))
attack_woae.create_one_hot_targets(y_test_woae)
attack_woae.attack_to_max_epsilon(non_targeted_gradient, 50)
non_targeted_scores_woae = attack_woae.scores
因此,攻击类别进行微扰和非目标梯度攻击。 这是攻击类别:
import numpy as np
from sklearn.metrics import accuracy_score
def calc_output_weighted_weights(output, w):
for c in range(len(output)):
if c == 0:
weighted_weights = output[c] * w[c]
else:
weighted_weights += output[c] * w[c]
return weighted_weights
def targeted_gradient(foolingtarget, output, w):
ww = calc_output_weighted_weights(output, w)
for k in range(len(output)):
if k == 0:
gradient = foolingtarget[k] * (w[k]-ww)
else:
gradient += foolingtarget[k] * (w[k]-ww)
return gradient
def non_targeted_gradient(target, output, w):
ww = calc_output_weighted_weights(output, w)
for k in range(len(target)):
if k == 0:
gradient = (1-target[k]) * (w[k]-ww)
else:
gradient += (1-target[k]) * (w[k]-ww)
return gradient
def non_targeted_sign_gradient(target, output, w):
gradient = non_targeted_gradient(target, output, w)
return np.sign(gradient)
class Attack:
def __init__(self, model):
self.fooling_targets = None
self.model = model
def prepare(self, X_train, y_train, X_test, y_test):
self.images = X_test
self.true_targets = y_test
self.num_samples = X_test.shape[0]
self.train(X_train, y_train)
print("Model training finished.")
self.test(X_test, y_test)
print("Model testing finished. Initial accuracy score: " + str(self.initial_score))
def set_fooling_targets(self, fooling_targets):
self.fooling_targets = fooling_targets
def train(self, X_train, y_train):
self.model.fit(X_train, y_train)
self.weights = self.model.coef_
self.num_classes = self.weights.shape[0]
def test(self, X_test, y_test):
self.preds = self.model.predict(X_test)
self.preds_proba = self.model.predict_proba(X_test)
self.initial_score = accuracy_score(y_test, self.preds)
def create_one_hot_targets(self, targets):
self.one_hot_targets = np.zeros(self.preds_proba.shape)
for n in range(targets.shape[0]):
self.one_hot_targets[n, targets[n]] = 1
def attack(self, attackmethod, epsilon):
perturbed_images, highest_epsilon = self.perturb_images(epsilon, attackmethod)
perturbed_preds = self.model.predict(perturbed_images)
score = accuracy_score(self.true_targets, perturbed_preds)
return perturbed_images, perturbed_preds, score, highest_epsilon
def perturb_images(self, epsilon, gradient_method):
perturbed = np.zeros(self.images.shape)
max_perturbations = []
for n in range(self.images.shape[0]):
perturbation = self.get_perturbation(epsilon, gradient_method, self.one_hot_targets[n], self.preds_proba[n])
perturbed[n] = self.images[n] + perturbation
max_perturbations.append(np.max(perturbation))
highest_epsilon = np.max(np.array(max_perturbations))
return perturbed, highest_epsilon
def get_perturbation(self, epsilon, gradient_method, target, pred_proba):
gradient = gradient_method(target, pred_proba, self.weights)
inf_norm = np.max(gradient)
perturbation = epsilon / inf_norm * gradient
return perturbation
def attack_to_max_epsilon(self, attackmethod, max_epsilon):
self.max_epsilon = max_epsilon
self.scores = []
self.epsilons = []
self.perturbed_images_per_epsilon = []
self.perturbed_outputs_per_epsilon = []
for epsilon in range(0, self.max_epsilon):
perturbed_images, perturbed_preds, score, highest_epsilon = self.attack(attackmethod, epsilon)
self.epsilons.append(highest_epsilon)
self.scores.append(score)
self.perturbed_images_per_epsilon.append(perturbed_images)
self.perturbed_outputs_per_epsilon.append(perturbed_preds)
这是它提供的回溯:
ValueError
内向追踪(最近通话最近一次) 4 num_classes_woae = len(np.unique(y_train_woae)) 5 Attack_woae.create_one_hot_targets(y_test_woae) ----> 6 Attack_woae.attack_to_max_epsilon(non_targeted_gradient,50) 7 non_targeted_scores_woae = Attack_woae.scores
〜\ MULTIATTACK \ AttackUtils.py在 Attack_to_max_epsilon(自我,攻击方法,max_epsilon) 106 self.perturbed_outputs_per_epsilon = [] 范围(0,self.max_epsilon)中的epsilon为107: -> 108个perturbed_images,perturbed_preds,得分,highest_epsilon = self.attack(attackmethod,epsilon) 109个self.epsilons.append(highest_epsilon) 110 self.scores.append(score)
〜\ MULTIATTACK \ AttackUtils.py受到攻击(自我, 攻击方法,epsilon) 79 def攻击(自身,攻击方法,epsilon): 80个perturbed_images,highest_epsilon = self.perturb_images(epsilon,攻击方法) ---> 81个perturbed_preds = self.model.predict(perturbed_images) 82分= precision_score(self.true_targets,perturbed_preds) 83个返回perturbed_images,perturbed_preds,得分,highest_epsilon
... \ appdata \ local \ programs \ python \ python35 \ lib \ site-packages \ sklearn \ tree \ tree.py 在预测中(self,X,check_input) 413“”“ 414 check_is_fitted(self,'tree_') -> 415 X = self._validate_X_predict(X,check_input) 第416章 417 n_samples = X.shape [0]
... \ appdata \ local \ programs \ python \ python35 \ lib \ site-packages \ sklearn \ tree \ tree.py 在_validate_X_predict(self,X,check_input)中 374“”“每当尝试预测,应用,predict_proba时都要验证X”“” 第375章 -> 376 X = check_array(X,dtype = DTYPE,accept_sparse =“ csr”) 377如果issparse(X)和(X.indices.dtype!= np.intc或 378 X.indptr.dtype!= np.intc):
... \ appdata \ local \ programs \ python \ python35 \ lib \ site-packages \ sklearn \ utils \ validation.py 在check_array(array,accept_sparse,accept_large_sparse,dtype, 订单,复制,force_all_finite,ensure_2d,allow_nd, sure_min_samples,ensure_min_features,warn_on_dtype,estimator) 第566章 第567章 -> 568 allow_nan = force_all_finite =='allow-nan') 569 570 shape_repr = _shape_repr(array.shape)
... \ appdata \ local \ programs \ python \ python35 \ lib \ site-packages \ sklearn \ utils \ validation.py 在_assert_all_finite(X,allow_nan)中 54 not allow_nan和np.isfinite(X).all()): 55 type_err ='infinity'如果allow_nan否则为'NaN,infinity' ---> 56引发ValueError(msg_err.format(type_err,X.dtype)) 57 58
ValueError:输入包含NaN,无穷大或值对于 dtype('float32')。
编辑:
我将系数编号添加为0,现在它在行attack.attack_to_max_epsilon(non_targeted_gradient, epsilon_number)下给出了相同的错误
答案 0 :(得分:0)
在训练之前,尝试对标签施加一口热。。
from sklearn.preprocessing import LabelEncoder
mylabels= ["label1", "label2", "label2"..."n.label"]
le = LabelEncoder()
labels = le.fit_transform(mylabels)
,然后尝试拆分数据:
from sklearn.model_selection import train_test_split
(x_train, x_test, y_train, y_test) = train_test_split(data,
labels,
test_size=0.25)
现在您的标签可能会用数字编码,这对于训练机器学习算法非常有用。