Spaces:

Laksh-Jain
/

adversarial_FGSM_attack

Runtime error

App Files Files Community

Laksh-Jain commited on Apr 11, 2025

Commit

fee5612

verified ·

1 Parent(s): 178d146

Upload 3 files

Browse files

Files changed (3) hide show

AdversarialStopSignDemo.ipynb +0 -0
app.py +81 -0
requirements.txt +5 -0

AdversarialStopSignDemo.ipynb ADDED Viewed

The diff for this file is too large to render. See raw diff

app.py ADDED Viewed

	@@ -0,0 +1,81 @@

+import torch
+import torchvision
+import torchvision.transforms as transforms
+import torch.nn.functional as F
+from PIL import Image
+import requests
+from io import BytesIO
+import gradio as gr
+# Load model
+model = torchvision.models.resnet18(pretrained=True)
+model.eval()
+# Load ImageNet labels
+LABELS_URL = "https://raw.githubusercontent.com/pytorch/hub/master/imagenet_classes.txt"
+response = requests.get(LABELS_URL)
+labels = response.text.strip().split("\n")
+# Preprocess image
+transform = transforms.Compose([
+    transforms.Resize((224, 224)),
+    transforms.ToTensor(),
+])
+# Load and preprocess stop sign
+img_url = "https://upload.wikimedia.org/wikipedia/commons/thumb/9/9d/Stop_sign_light_red.svg/768px-Stop_sign_light_red.svg.png?20211116183705"
+image = Image.open(BytesIO(requests.get(img_url).content)).convert("RGB")
+input_tensor = transform(image).unsqueeze(0)
+# Original prediction
+with torch.no_grad():
+    original_output = model(input_tensor)
+    original_label = labels[original_output.argmax().item()]
+# Generate adversarial perturbation
+input_tensor.requires_grad = True
+output = model(input_tensor)
+target = torch.tensor([400])  # Target class: "speedboat"
+loss = F.cross_entropy(output, target)
+loss.backward()
+grad_sign = input_tensor.grad.sign().detach()
+input_tensor_orig = input_tensor.detach().clone()
+# Convert original image to PIL
+original_image = transforms.ToPILImage()(input_tensor_orig.squeeze())
+# Function to apply epsilon and get prediction
+def apply_perturbation(epsilon):
+    perturbed = input_tensor_orig + epsilon * grad_sign
+    perturbed = torch.clamp(perturbed, 0, 1)
+    perturbed_image = transforms.ToPILImage()(perturbed.squeeze())
+    with torch.no_grad():
+        logits = model(perturbed)
+        predicted_label = labels[logits.argmax().item()]
+    return perturbed_image, predicted_label
+# Gradio UI
+with gr.Blocks() as demo:
+    gr.Markdown("# 🛑 Adversarial Stop Sign Attack")
+    gr.Markdown("Adjust the slider to change perturbation strength (ε) and see the model's prediction!")
+    with gr.Row():
+        gr.Image(value=original_image, label="Original Image")
+        gr.Label(value=original_label, label="Original Prediction")
+    epsilon = gr.Slider(0.0, 0.2, value=0.00, step=0.01, label="Perturbation Strength (ε)")
+    with gr.Row():
+        perturbed_image = gr.Image(label="Perturbed Image", interactive=False)
+        perturbed_label = gr.Label(label="Adversarial Prediction")
+    epsilon.change(
+        fn=apply_perturbation,
+        inputs=epsilon,
+        outputs=[perturbed_image, perturbed_label]
+    )
+demo.launch()

requirements.txt ADDED Viewed

	@@ -0,0 +1,5 @@

+torch
+torchvision
+requests
+Pillow
+gradio