Hugging Face's logo

Pankaj001
/
Opensource_attack_examples

Model card Files
xet
Community
Pankaj001 commited on
Commit
d35af4f
Β·
verified Β·
1 Parent(s): 3e33b5d

Upload txt_attk.ipynb

Browse files

generate attack vector for text classification model (NLP)

Files changed (1) hide show
  1. txt_attk.ipynb +588 -0
txt_attk.ipynb ADDED
@@ -0,0 +1,588 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ {
2
+ "cells": [
3
+ {
4
+ "cell_type": "markdown",
5
+ "id": "ea969734-6e63-4b44-ac0f-8442f785616a",
6
+ "metadata": {},
7
+ "source": [
8
+ "# Text-Attack example\n",
9
+ "\n",
10
+ "The script demonstrates a simple example of using Text-Attack with TensorFlow v2.x. The example train a small model on the IMDB\n",
11
+ "dataset. Here we use the Text-Attack to create the Adversial example, it would also be possible to provide a pretrained model to the Text-Attack.\n",
12
+ "The parameters are chosen for reduced computational requirements of the script and not optimised for accuracy.\n",
13
+ "\n",
14
+ "* reference: https://textattack.readthedocs.io/en/master/"
15
+ ]
16
+ },
17
+ {
18
+ "cell_type": "markdown",
19
+ "id": "609d3a4c-647c-498c-ab0a-54fef4f5eed6",
20
+ "metadata": {},
21
+ "source": [
22
+ "### Text Classification\n",
23
+ "\n",
24
+ "* Date: 07/30/2024\n",
25
+ "* Author: Pawan Kumar\n",
26
+ "* Type of attack: Text-attack\n",
27
+ "\n",
28
+ "### Metadata\n",
29
+ "* Dataset: IMDB\n",
30
+ "* Size of training set: 25,000\n",
31
+ "* Size of testing set : 25,000\n",
32
+ "* Number of class : 2\n",
33
+ "* Original Model: LSTM model trained "
34
+ ]
35
+ },
36
+ {
37
+ "cell_type": "code",
38
+ "execution_count": 12,
39
+ "id": "e5cd330e-0bc5-4676-8b7d-03bea1e0e8cb",
40
+ "metadata": {
41
+ "execution": {
42
+ "iopub.execute_input": "2024-07-30T06:50:51.373277Z",
43
+ "iopub.status.busy": "2024-07-30T06:50:51.372281Z",
44
+ "iopub.status.idle": "2024-07-30T06:50:51.379825Z",
45
+ "shell.execute_reply": "2024-07-30T06:50:51.379825Z",
46
+ "shell.execute_reply.started": "2024-07-30T06:50:51.373277Z"
47
+ }
48
+ },
49
+ "outputs": [
50
+ {
51
+ "data": {
52
+ "text/plain": [
53
+ "'\\nDescription: Uncomment and run to install libraries. Needed for running first time only. \\n'"
54
+ ]
55
+ },
56
+ "execution_count": 12,
57
+ "metadata": {},
58
+ "output_type": "execute_result"
59
+ }
60
+ ],
61
+ "source": [
62
+ "\"\"\"\n",
63
+ "Description: Uncomment and run to install libraries. Needed for running first time only. \n",
64
+ "\"\"\"\n",
65
+ "# !pip install textattack[tensorflow]"
66
+ ]
67
+ },
68
+ {
69
+ "cell_type": "code",
70
+ "execution_count": 3,
71
+ "id": "d49c8793-9032-4af1-aa8f-29ff05d2409a",
72
+ "metadata": {
73
+ "execution": {
74
+ "iopub.execute_input": "2024-07-30T06:40:27.398710Z",
75
+ "iopub.status.busy": "2024-07-30T06:40:27.398710Z",
76
+ "iopub.status.idle": "2024-07-30T06:40:27.517530Z",
77
+ "shell.execute_reply": "2024-07-30T06:40:27.516313Z",
78
+ "shell.execute_reply.started": "2024-07-30T06:40:27.398710Z"
79
+ }
80
+ },
81
+ "outputs": [],
82
+ "source": [
83
+ "# Importing necessary libraries\n",
84
+ "import os\n",
85
+ "import numpy as np\n",
86
+ "\n",
87
+ "import tensorflow as tf\n",
88
+ "import matplotlib.pyplot as plt\n",
89
+ "\n",
90
+ "from sklearn.model_selection import train_test_split\n",
91
+ "from tensorflow.keras.preprocessing.text import Tokenizer\n",
92
+ "from tensorflow.keras.preprocessing.sequence import pad_sequences\n",
93
+ "from tensorflow.keras.models import Sequential\n",
94
+ "from tensorflow.keras.layers import LSTM, Embedding, Dense, Dropout, SimpleRNN\n",
95
+ "from tensorflow.keras.datasets import imdb\n",
96
+ "\n",
97
+ "from transformers import TFAutoModelForSequenceClassification, AutoTokenizer\n",
98
+ "\n",
99
+ "from textattack.models.wrappers import ModelWrapper\n",
100
+ "from textattack.datasets import HuggingFaceDataset\n",
101
+ "from textattack.attack_recipes import PWWSRen2019\n",
102
+ "from textattack import Attacker\n",
103
+ "import textattack"
104
+ ]
105
+ },
106
+ {
107
+ "cell_type": "code",
108
+ "execution_count": 5,
109
+ "id": "6dc3c1c1-42a5-490e-bbf3-723c051b8054",
110
+ "metadata": {
111
+ "execution": {
112
+ "iopub.execute_input": "2024-07-30T06:40:30.160388Z",
113
+ "iopub.status.busy": "2024-07-30T06:40:30.160388Z",
114
+ "iopub.status.idle": "2024-07-30T06:40:30.169572Z",
115
+ "shell.execute_reply": "2024-07-30T06:40:30.169071Z",
116
+ "shell.execute_reply.started": "2024-07-30T06:40:30.160388Z"
117
+ }
118
+ },
119
+ "outputs": [],
120
+ "source": [
121
+ "# Flag to determine whether to train a new model or use a pre-trained one\n",
122
+ "model_train = True # False-> download from Huggingface"
123
+ ]
124
+ },
125
+ {
126
+ "cell_type": "markdown",
127
+ "id": "3fb6b427-f7d7-42d9-9939-5b90159e60ed",
128
+ "metadata": {},
129
+ "source": [
130
+ "# Step 1: Load the IMDB dataset"
131
+ ]
132
+ },
133
+ {
134
+ "cell_type": "code",
135
+ "execution_count": 6,
136
+ "id": "0e121e62-50bb-46a9-99b8-131d55e3f105",
137
+ "metadata": {
138
+ "execution": {
139
+ "iopub.execute_input": "2024-07-30T06:40:31.010886Z",
140
+ "iopub.status.busy": "2024-07-30T06:40:31.010886Z",
141
+ "iopub.status.idle": "2024-07-30T06:40:33.803320Z",
142
+ "shell.execute_reply": "2024-07-30T06:40:33.803320Z",
143
+ "shell.execute_reply.started": "2024-07-30T06:40:31.010886Z"
144
+ }
145
+ },
146
+ "outputs": [],
147
+ "source": [
148
+ "(x_train, y_train), (x_test, y_test) = imdb.load_data(num_words=10000)"
149
+ ]
150
+ },
151
+ {
152
+ "cell_type": "markdown",
153
+ "id": "082b6240-13d2-4e32-854e-0011e8f2fd6d",
154
+ "metadata": {},
155
+ "source": [
156
+ "# Step 2: Create the model"
157
+ ]
158
+ },
159
+ {
160
+ "cell_type": "code",
161
+ "execution_count": 7,
162
+ "id": "3d732d28-d0e8-483c-a1b4-fb6a1650e7de",
163
+ "metadata": {
164
+ "execution": {
165
+ "iopub.execute_input": "2024-07-30T06:40:34.958372Z",
166
+ "iopub.status.busy": "2024-07-30T06:40:34.957385Z",
167
+ "iopub.status.idle": "2024-07-30T06:48:25.810813Z",
168
+ "shell.execute_reply": "2024-07-30T06:48:25.810813Z",
169
+ "shell.execute_reply.started": "2024-07-30T06:40:34.958372Z"
170
+ }
171
+ },
172
+ "outputs": [
173
+ {
174
+ "name": "stdout",
175
+ "output_type": "stream",
176
+ "text": [
177
+ "Epoch 1/30\n"
178
+ ]
179
+ },
180
+ {
181
+ "name": "stderr",
182
+ "output_type": "stream",
183
+ "text": [
184
+ "C:\\Users\\CUP3KOR\\.conda\\envs\\env_torch\\lib\\site-packages\\keras\\src\\layers\\core\\embedding.py:90: UserWarning: Argument `input_length` is deprecated. Just remove it.\n",
185
+ " warnings.warn(\n"
186
+ ]
187
+ },
188
+ {
189
+ "name": "stdout",
190
+ "output_type": "stream",
191
+ "text": [
192
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m17s\u001b[0m 20ms/step - accuracy: 0.6455 - loss: 0.6067 - val_accuracy: 0.7898 - val_loss: 0.4815\n",
193
+ "Epoch 2/30\n",
194
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 19ms/step - accuracy: 0.8382 - loss: 0.3954 - val_accuracy: 0.8062 - val_loss: 0.4408\n",
195
+ "Epoch 3/30\n",
196
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.8786 - loss: 0.3209 - val_accuracy: 0.8006 - val_loss: 0.4716\n",
197
+ "Epoch 4/30\n",
198
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.8982 - loss: 0.2883 - val_accuracy: 0.8050 - val_loss: 0.4872\n",
199
+ "Epoch 5/30\n",
200
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9219 - loss: 0.2219 - val_accuracy: 0.7987 - val_loss: 0.4955\n",
201
+ "Epoch 6/30\n",
202
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9352 - loss: 0.1917 - val_accuracy: 0.7968 - val_loss: 0.5100\n",
203
+ "Epoch 7/30\n",
204
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9362 - loss: 0.1891 - val_accuracy: 0.7905 - val_loss: 0.6276\n",
205
+ "Epoch 8/30\n",
206
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.8274 - loss: 0.3710 - val_accuracy: 0.7948 - val_loss: 0.5578\n",
207
+ "Epoch 9/30\n",
208
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9198 - loss: 0.2287 - val_accuracy: 0.7854 - val_loss: 0.5871\n",
209
+ "Epoch 10/30\n",
210
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9081 - loss: 0.2333 - val_accuracy: 0.7876 - val_loss: 0.6009\n",
211
+ "Epoch 11/30\n",
212
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9553 - loss: 0.1420 - val_accuracy: 0.7883 - val_loss: 0.6265\n",
213
+ "Epoch 12/30\n",
214
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9598 - loss: 0.1232 - val_accuracy: 0.7889 - val_loss: 0.6716\n",
215
+ "Epoch 13/30\n",
216
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9661 - loss: 0.1096 - val_accuracy: 0.7870 - val_loss: 0.7236\n",
217
+ "Epoch 14/30\n",
218
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9676 - loss: 0.0999 - val_accuracy: 0.7833 - val_loss: 0.6662\n",
219
+ "Epoch 15/30\n",
220
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9692 - loss: 0.1014 - val_accuracy: 0.7816 - val_loss: 0.7717\n",
221
+ "Epoch 16/30\n",
222
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9722 - loss: 0.0873 - val_accuracy: 0.7804 - val_loss: 0.8158\n",
223
+ "Epoch 17/30\n",
224
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 19ms/step - accuracy: 0.9716 - loss: 0.0925 - val_accuracy: 0.6377 - val_loss: 0.7183\n",
225
+ "Epoch 18/30\n",
226
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.7759 - loss: 0.4766 - val_accuracy: 0.7776 - val_loss: 0.6318\n",
227
+ "Epoch 19/30\n",
228
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 21ms/step - accuracy: 0.9597 - loss: 0.1204 - val_accuracy: 0.7835 - val_loss: 0.7238\n",
229
+ "Epoch 20/30\n",
230
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9777 - loss: 0.0756 - val_accuracy: 0.7847 - val_loss: 0.8460\n",
231
+ "Epoch 21/30\n",
232
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 19ms/step - accuracy: 0.9848 - loss: 0.0564 - val_accuracy: 0.7824 - val_loss: 0.8455\n",
233
+ "Epoch 22/30\n",
234
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9850 - loss: 0.0542 - val_accuracy: 0.7817 - val_loss: 0.8955\n",
235
+ "Epoch 23/30\n",
236
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 19ms/step - accuracy: 0.9776 - loss: 0.0691 - val_accuracy: 0.7771 - val_loss: 0.9468\n",
237
+ "Epoch 24/30\n",
238
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9638 - loss: 0.1353 - val_accuracy: 0.7729 - val_loss: 0.8872\n",
239
+ "Epoch 25/30\n",
240
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9812 - loss: 0.0623 - val_accuracy: 0.7790 - val_loss: 0.9489\n",
241
+ "Epoch 26/30\n",
242
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9879 - loss: 0.0441 - val_accuracy: 0.7706 - val_loss: 1.1105\n",
243
+ "Epoch 27/30\n",
244
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9912 - loss: 0.0328 - val_accuracy: 0.7786 - val_loss: 1.0273\n",
245
+ "Epoch 28/30\n",
246
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9910 - loss: 0.0322 - val_accuracy: 0.7792 - val_loss: 1.1005\n",
247
+ "Epoch 29/30\n",
248
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m15s\u001b[0m 20ms/step - accuracy: 0.9577 - loss: 0.1139 - val_accuracy: 0.7803 - val_loss: 0.7637\n",
249
+ "Epoch 30/30\n",
250
+ "\u001b[1m782/782\u001b[0m \u001b[32m━━━━━━━━━━━━━━━━━━━━\u001b[0m\u001b[37m\u001b[0m \u001b[1m16s\u001b[0m 20ms/step - accuracy: 0.9815 - loss: 0.0598 - val_accuracy: 0.7768 - val_loss: 0.9161\n"
251
+ ]
252
+ }
253
+ ],
254
+ "source": [
255
+ "if model_train:\n",
256
+ " # Setting up parameters for the IMDB dataset and model\n",
257
+ " vocab_size = 10000 # Number of words to keep in the vocabulary\n",
258
+ " max_length = 100 # Maximum length of each sequence\n",
259
+ " embedding_dim = 16 # Embedding dimensions\n",
260
+ " oov_tok = \"<OOV>\" # Out of vocabulary token\n",
261
+ " \n",
262
+ " # Loading the IMDB dataset\n",
263
+ " (x_train, y_train), (x_test, y_test) = imdb.load_data(num_words=vocab_size)\n",
264
+ "\n",
265
+ " # Padding sequences to ensure uniform length\n",
266
+ " x_train = pad_sequences(x_train, maxlen=max_length, padding='post', truncating='post')\n",
267
+ " x_test = pad_sequences(x_test, maxlen=max_length, padding='post', truncating='post')\n",
268
+ " \n",
269
+ " # Creating word index for vocabulary\n",
270
+ " word_index = imdb.get_word_index()\n",
271
+ " word_index = {k: (v + 3) for k, v in word_index.items() if v < vocab_size}\n",
272
+ " word_index[\"<PAD>\"] = 0\n",
273
+ " word_index[\"<START>\"] = 1\n",
274
+ " word_index[\"<UNK>\"] = 2\n",
275
+ " word_index[\"<UNUSED>\"] = 3\n",
276
+ " \n",
277
+ " # Create an inverse word index to decode integer sequences back to words (if needed)\n",
278
+ " inverse_word_index = {v: k for k, v in word_index.items()}\n",
279
+ " \n",
280
+ " # creating the tokenizer\n",
281
+ " tokenizer = Tokenizer(num_words=vocab_size)\n",
282
+ " tokenizer.word_index = word_index\n",
283
+ " \n",
284
+ " # Defining the model architecture\n",
285
+ " model = Sequential([\n",
286
+ " Embedding(vocab_size, embedding_dim, input_length=max_length),\n",
287
+ " LSTM(32),\n",
288
+ " Dense(1, activation='sigmoid')\n",
289
+ " ])\n",
290
+ "\n",
291
+ " # Compiling and training the model\n",
292
+ " model.compile(loss='binary_crossentropy', optimizer='adam', metrics=['accuracy'])\n",
293
+ " model.fit(x_train, y_train, epochs=30, validation_data=(x_test, y_test))\n",
294
+ "\n",
295
+ "else:\n",
296
+ " # Using a pre-trained model from Hugging Face\n",
297
+ " model_name = \"finiteautomata/bertweet-base-sentiment-analysis\"\n",
298
+ "\n",
299
+ " # Load the model\n",
300
+ " model = TFAutoModelForSequenceClassification.from_pretrained(model_name)\n",
301
+ " \n",
302
+ " # Load the tokenizer\n",
303
+ " tokenizer = AutoTokenizer.from_pretrained(model_name)"
304
+ ]
305
+ },
306
+ {
307
+ "cell_type": "markdown",
308
+ "id": "2096e6b0-cbdb-40af-bb4b-49d4aa3f6867",
309
+ "metadata": {},
310
+ "source": [
311
+ "# Step 3: Create the Text-Attack classifier"
312
+ ]
313
+ },
314
+ {
315
+ "cell_type": "code",
316
+ "execution_count": 8,
317
+ "id": "de8e1990-bb40-4154-af2f-4a728945a893",
318
+ "metadata": {
319
+ "execution": {
320
+ "iopub.execute_input": "2024-07-30T06:48:25.812810Z",
321
+ "iopub.status.busy": "2024-07-30T06:48:25.811814Z",
322
+ "iopub.status.idle": "2024-07-30T06:48:25.828265Z",
323
+ "shell.execute_reply": "2024-07-30T06:48:25.827447Z",
324
+ "shell.execute_reply.started": "2024-07-30T06:48:25.812810Z"
325
+ }
326
+ },
327
+ "outputs": [],
328
+ "source": [
329
+ "class CustomTensorFlowModelWrapper(ModelWrapper):\n",
330
+ " def __init__(self, model,tokenizer,model_type,max_length = None,preprocess_text = None):\n",
331
+ " self.model = model\n",
332
+ " self.tokenizer = tokenizer\n",
333
+ " self.max_length = max_length\n",
334
+ " self.preprocess_text = preprocess_text\n",
335
+ " self.model_type = model_type\n",
336
+ "\n",
337
+ " def __call__(self, text_list):\n",
338
+ " for idx,text in enumerate(text_list):\n",
339
+ " if self.model_type.lower() == \"transformer\":\n",
340
+ " # Preprocessing for transformer models\n",
341
+ " preprocessed_text = self.tokenizer.encode(text,return_tensors=\"tf\")\n",
342
+ " preds = self.model(preprocessed_text).logits\n",
343
+ " logits = tf.nn.sigmoid(preds)\n",
344
+ " final_preds = np.stack(logits, axis=0)\n",
345
+ " else:\n",
346
+ " # Preprocessing for Other models\n",
347
+ " sequences = self.tokenizer.texts_to_sequences([text])\n",
348
+ " preprocessed_text = pad_sequences(sequences, maxlen=self.max_length, padding='post', truncating='post')\n",
349
+ " preds = self.model(preprocessed_text).numpy()\n",
350
+ " logits = np.array(preds[0])\n",
351
+ " final_preds = np.stack((1 - logits, logits), axis=1)\n",
352
+ " \n",
353
+ " if idx == 0:\n",
354
+ " all_preds = final_preds\n",
355
+ " else:\n",
356
+ " all_preds = np.concatenate((all_preds, final_preds), axis=0)\n",
357
+ " return all_preds"
358
+ ]
359
+ },
360
+ {
361
+ "cell_type": "markdown",
362
+ "id": "29bfd315-1b01-414b-ae8d-421aad21767f",
363
+ "metadata": {},
364
+ "source": [
365
+ "# Step 4: Creating The attack Vectors on benign test examples"
366
+ ]
367
+ },
368
+ {
369
+ "cell_type": "code",
370
+ "execution_count": 9,
371
+ "id": "b1c3280d-03b0-4c06-bdb8-1e5e57700bb2",
372
+ "metadata": {
373
+ "execution": {
374
+ "iopub.execute_input": "2024-07-30T06:48:25.829899Z",
375
+ "iopub.status.busy": "2024-07-30T06:48:25.829271Z",
376
+ "iopub.status.idle": "2024-07-30T06:49:06.376939Z",
377
+ "shell.execute_reply": "2024-07-30T06:49:06.376939Z",
378
+ "shell.execute_reply.started": "2024-07-30T06:48:25.829899Z"
379
+ },
380
+ "scrolled": true
381
+ },
382
+ "outputs": [
383
+ {
384
+ "name": "stderr",
385
+ "output_type": "stream",
386
+ "text": [
387
+ "[nltk_data] Error loading omw-1.4: <urlopen error [Errno 11001]\n",
388
+ "[nltk_data] getaddrinfo failed>\n",
389
+ "textattack: Unknown if model of class <class 'keras.src.models.sequential.Sequential'> compatible with goal function <class 'textattack.goal_functions.classification.untargeted_classification.UntargetedClassification'>.\n",
390
+ "textattack: Attempting to attack 10 samples when only 2 are available.\n"
391
+ ]
392
+ },
393
+ {
394
+ "name": "stdout",
395
+ "output_type": "stream",
396
+ "text": [
397
+ "Attack(\n",
398
+ " (search_method): GreedyWordSwapWIR(\n",
399
+ " (wir_method): weighted-saliency\n",
400
+ " )\n",
401
+ " (goal_function): UntargetedClassification\n",
402
+ " (transformation): WordSwapWordNet\n",
403
+ " (constraints): \n",
404
+ " (0): RepeatModification\n",
405
+ " (1): StopwordModification\n",
406
+ " (is_black_box): True\n",
407
+ ") \n",
408
+ "\n"
409
+ ]
410
+ },
411
+ {
412
+ "name": "stderr",
413
+ "output_type": "stream",
414
+ "text": [
415
+ " 10%|β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–Ž | 1/10 [00:35<05:18, 35.40s/it]"
416
+ ]
417
+ },
418
+ {
419
+ "name": "stdout",
420
+ "output_type": "stream",
421
+ "text": [
422
+ "--------------------------------------------- Result 1 ---------------------------------------------\n"
423
+ ]
424
+ },
425
+ {
426
+ "name": "stderr",
427
+ "output_type": "stream",
428
+ "text": [
429
+ "[Succeeded / Failed / Skipped / Total] 1 / 0 / 0 / 1: 10%|β–ˆβ–ˆβ–‰ | 1/10 [00:36<05:24, 36.06s/it]"
430
+ ]
431
+ },
432
+ {
433
+ "name": "stdout",
434
+ "output_type": "stream",
435
+ "text": [
436
+ "[[0 (96%)]] --> [[1 (91%)]]\n",
437
+ "\n",
438
+ "Don't [[waste]] your time or money on this one. This book is terrible. Whatever happened to Amanda Quick writing great books. She used to be my favorite autor. It will be a long time before I ever purchase another one of her books.\n",
439
+ "\n",
440
+ "Don't [[desolate]] your time or money on this one. This book is terrible. Whatever happened to Amanda Quick writing great books. She used to be my favorite autor. It will be a long time before I ever purchase another one of her books.\n",
441
+ "\n",
442
+ "\n"
443
+ ]
444
+ },
445
+ {
446
+ "name": "stderr",
447
+ "output_type": "stream",
448
+ "text": [
449
+ "[Succeeded / Failed / Skipped / Total] 1 / 1 / 0 / 2: 20%|β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–Š | 2/10 [00:38<02:34, 19.30s/it]"
450
+ ]
451
+ },
452
+ {
453
+ "name": "stdout",
454
+ "output_type": "stream",
455
+ "text": [
456
+ "--------------------------------------------- Result 2 ---------------------------------------------\n",
457
+ "[[1 (94%)]] --> [[[FAILED]]]\n",
458
+ "\n",
459
+ "I am happy\n",
460
+ "\n",
461
+ "\n",
462
+ "\n",
463
+ "+-------------------------------+--------+\n",
464
+ "| Attack Results | |\n",
465
+ "+-------------------------------+--------+\n",
466
+ "| Number of successful attacks: | 1 |\n",
467
+ "| Number of failed attacks: | 1 |\n",
468
+ "| Number of skipped attacks: | 0 |\n",
469
+ "| Original accuracy: | 100.0% |\n",
470
+ "| Accuracy under attack: | 50.0% |\n",
471
+ "| Attack success rate: | 50.0% |\n",
472
+ "| Average perturbed word %: | 2.33% |\n",
473
+ "| Average num. words per input: | 23.0 |\n",
474
+ "| Avg num queries: | 158.5 |\n",
475
+ "+-------------------------------+--------+\n"
476
+ ]
477
+ },
478
+ {
479
+ "name": "stderr",
480
+ "output_type": "stream",
481
+ "text": [
482
+ "\n"
483
+ ]
484
+ }
485
+ ],
486
+ "source": [
487
+ "# Wrapping the model for TextAttack\n",
488
+ "model_wrapper = CustomTensorFlowModelWrapper(model,tokenizer,\"lstm\",max_length)\n",
489
+ "\n",
490
+ "# Preparing input data for the attack\n",
491
+ "input_data = [(\"\"\"Don't waste your time or money on this one. This book is terrible. Whatever happened to Amanda Quick writing great books. She used to be my favorite autor. It will be a long time before I ever purchase another one of her books.\"\"\", 0),\n",
492
+ " (\"I am happy\",1)]\n",
493
+ "dataset = textattack.datasets.Dataset(input_data)\n",
494
+ "\n",
495
+ "# Setting up the attack\n",
496
+ "attack = PWWSRen2019.build(model_wrapper)\n",
497
+ "\n",
498
+ "# Launching the attack\n",
499
+ "attacker = Attacker(attack, dataset)\n",
500
+ "attacked_data = attacker.attack_dataset()"
501
+ ]
502
+ },
503
+ {
504
+ "cell_type": "markdown",
505
+ "id": "7965f887-b4b4-4907-938c-08dbcbbf8f77",
506
+ "metadata": {},
507
+ "source": [
508
+ "# Step 5: Result of Text-Attack on benign test examples"
509
+ ]
510
+ },
511
+ {
512
+ "cell_type": "code",
513
+ "execution_count": 13,
514
+ "id": "bef21ec2-d1d0-4752-9b0a-2c99c006291e",
515
+ "metadata": {
516
+ "execution": {
517
+ "iopub.execute_input": "2024-07-30T06:54:43.238422Z",
518
+ "iopub.status.busy": "2024-07-30T06:54:43.238422Z",
519
+ "iopub.status.idle": "2024-07-30T06:54:43.254191Z",
520
+ "shell.execute_reply": "2024-07-30T06:54:43.253694Z",
521
+ "shell.execute_reply.started": "2024-07-30T06:54:43.238422Z"
522
+ }
523
+ },
524
+ "outputs": [
525
+ {
526
+ "name": "stdout",
527
+ "output_type": "stream",
528
+ "text": [
529
+ "Original_text -> Don't waste your time or money on this one. This book is terrible. Whatever happened to Amanda Quick writing great books. She used to be my favorite autor. It will be a long time before I ever purchase another one of her books.\n",
530
+ "Original_text_Label -> 0\n",
531
+ "\n",
532
+ "Perturbed_text -> Don't desolate your time or money on this one. This book is terrible. Whatever happened to Amanda Quick writing great books. She used to be my favorite autor. It will be a long time before I ever purchase another one of her books.\n",
533
+ "Perturbed_text_Label -> 1\n",
534
+ "\n",
535
+ "---------------------------------------------------------------------------\n",
536
+ "Original_text -> I am happy\n",
537
+ "Original_text_Label -> 1\n",
538
+ "\n",
539
+ "Perturbed_text -> 1 am happy\n",
540
+ "Perturbed_text_Label -> 1\n",
541
+ "\n",
542
+ "---------------------------------------------------------------------------\n"
543
+ ]
544
+ }
545
+ ],
546
+ "source": [
547
+ "# Displaying the results of the attack\n",
548
+ "for data in attacked_data:\n",
549
+ " print(f\"Original_text -> {data.original_text()}\")\n",
550
+ " print(f\"Original_text_Label -> {data.original_result.ground_truth_output}\")\n",
551
+ " print()\n",
552
+ " print(f\"Perturbed_text -> {data.perturbed_text()}\")\n",
553
+ " print(f\"Perturbed_text_Label -> {data.perturbed_result.output}\")\n",
554
+ " print()\n",
555
+ " print('-'*75)"
556
+ ]
557
+ },
558
+ {
559
+ "cell_type": "code",
560
+ "execution_count": null,
561
+ "id": "062d4ac2-7d76-44ad-b9db-9da31a461ddb",
562
+ "metadata": {},
563
+ "outputs": [],
564
+ "source": []
565
+ }
566
+ ],
567
+ "metadata": {
568
+ "kernelspec": {
569
+ "display_name": "env_torch",
570
+ "language": "python",
571
+ "name": "env_torch"
572
+ },
573
+ "language_info": {
574
+ "codemirror_mode": {
575
+ "name": "ipython",
576
+ "version": 3
577
+ },
578
+ "file_extension": ".py",
579
+ "mimetype": "text/x-python",
580
+ "name": "python",
581
+ "nbconvert_exporter": "python",
582
+ "pygments_lexer": "ipython3",
583
+ "version": "3.9.19"
584
+ }
585
+ },
586
+ "nbformat": 4,
587
+ "nbformat_minor": 5
588
+ }