Regular changes (checkpoints ignored)

.gitignore

@@ -6,4 +6,5 @@ AdvTest.ipynb
 *.pyc
 *checkpoint*
 *checkpoint*/
-.ipynb_checkpoints/*
+**/.ipynb_checkpoints/
+*-checkpoint.*

app.py

@@ -6,18 +6,29 @@ import torch
 from ultralytics import YOLO
 import cv2
 import attacks  # 上面那个 attacks.py，确保和 app.py 在同一目录或可 import 的包路径
+import os, glob
+
 
 # MODEL_PATH = "weights/yolov8s_3cls.pt"
 MODEL_PATH = "weights/fed_model2.pt"
+MODEL_PATH_C = "weights/yolov8s_3cls.pt"
 
 names = ['car', 'van', 'truck']
 imgsz = 640
+
+SAMPLE_DIR = "./images/train"
+SAMPLE_IMAGES = sorted([
+    p for p in glob.glob(os.path.join(SAMPLE_DIR, "*"))
+    if os.path.splitext(p)[1].lower() in [".jpg", ".jpeg", ".png", ".bmp", ".webp"]
+])[:4]  # 只取前4张
+
 # Load ultralytics model (wrapper)
 device = torch.device("cuda" if torch.cuda.is_available() else "cpu")
 yolom = YOLO(MODEL_PATH)  # wrapper
+# yolom_c = YOLO(MODEL_PATH_C)  # wrapper
 # put underlying module to eval on correct device might be needed in attacks functions
-
-def run_detection_on_pil(img_pil: Image.Image, conf: float = 0.4):
+  
+def run_detection_on_pil(img_pil: Image.Image, eval_model_state, conf: float = 0.45):
     """
     Use ultralytics wrapper predict to get a visualization image with boxes.
     This is inference-only and does not require gradient.
@@ -25,7 +36,8 @@ def run_detection_on_pil(img_pil: Image.Image, conf: float = 0.4):
     # ultralytics accepts numpy array (H,W,3) in RGB, we pass it directly
     img = np.array(img_pil)
     # use model.predict with verbose=False to avoid prints
-    res = yolom.predict(source=img, conf=conf, imgsz=imgsz, save=False, verbose=False)
+    eva_model =  yolom if eval_model_state == "yolom" else YOLO(MODEL_PATH_C)
+    res = eva_model.predict(source=img, conf=conf, imgsz=imgsz, save=False, verbose=False)
     r = res[0]
     im_out = img.copy()
     # Boxes object may be empty
@@ -45,15 +57,17 @@ def run_detection_on_pil(img_pil: Image.Image, conf: float = 0.4):
         pass
     return Image.fromarray(im_out)
 
-def detect_and_attack(image, attack_mode, eps, alpha, iters):
+def detect_and_attack(image, eval_model_state, attack_mode, eps, alpha, iters, conf):
     if image is None:
         return None, None
+
     pil = Image.fromarray(image.astype('uint8'), 'RGB')
-    original_vis = run_detection_on_pil(pil)
+
+    original_vis = run_detection_on_pil(pil, eval_model_state, conf=conf) 
+
     if attack_mode == "none":
         return original_vis, None
 
-    # Try the whitebox attacks; if they fail, fallback to demo perturbation
     try:
         if attack_mode == "fgsm":
             adv_pil = attacks.fgsm_attack_on_detector(yolom, pil, eps=eps, device=device, imgsz=imgsz)
@@ -62,34 +76,122 @@ def detect_and_attack(image, attack_mode, eps, alpha, iters):
         else:
             adv_pil = attacks.demo_random_perturbation(pil, eps=eps)
     except Exception as ex:
-        # fallback with informative message (will show in server logs)
         print("Whitebox attack failed:", ex)
         adv_pil = attacks.demo_random_perturbation(pil, eps=eps)
 
-    adv_vis = run_detection_on_pil(adv_pil)
+    adv_vis = run_detection_on_pil(adv_pil, eval_model_state, conf=conf)
     return original_vis, adv_vis
 
+
 # Gradio UI
 if __name__ == "__main__":
     title = "Federated Adversarial Attack — FGSM/PGD Demo"
-    desc = "If the underlying model exposes a torch.nn.Module (whitebox), FGSM/PGD will compute gradients and produce true adversarial examples. "\
-           "If not possible, the app falls back to a demo random perturbation."
-
-    iface = gr.Interface(
-        fn=detect_and_attack,
-        inputs=[
-            gr.Image(type="numpy", label="Input image"),
-            gr.Radio(choices=["none", "fgsm", "pgd", "random noise"], value="none", label="Attack mode"),
-            gr.Slider(minimum=0.0, maximum=0.3, step=0.01, value=0.0314, label="eps (L_inf radius)"),
-            gr.Slider(minimum=0.001, maximum=0.05, step=0.001, value=0.0078, label="alpha (PGD step)"),
-            gr.Slider(minimum=1, maximum=100, step=1, value=10, label="PGD iterations"),
-        ],
-        outputs=[gr.Image(label="Original detection"), gr.Image(label="After attack detection")],
-        title=title,
-        description=desc,
-        allow_flagging="never",
+    desc_html = (
+        "Adversarial examples are generated locally using a "
+        "<strong>client-side</strong> model’s gradients (white-box), then evaluated against the "
+        "<strong>server-side aggregated (FedAvg) central model</strong>. "
+        "If the perturbation transfers, it can "
+        "degrade or alter the FedAvg model’s predictions on the same input image."
     )
-    iface.launch()
-    # iface.launch(server_name="0.0.0.0", server_port=7860)
-    # iface.launch(share=True)
+    with gr.Blocks(title=title) as demo:
+        # 标题居中
+        gr.Markdown(f"""
+            <div>
+              <h1 style='text-align:center;margin-bottom:0.2rem'>{title}</h1>
+              <p style='opacity:0.85'>{desc_html}</p>
+            </div>""")
+
+        with gr.Row():
+            # ===== 左列：两个输入区块 =====
+            with gr.Column(scale=5):
+                # 输入区块 1：上传窗口 & 样例选择 —— 左右并列
+                with gr.Row():
+                    with gr.Column(scale=7):
+                        in_img = gr.Image(type="numpy", label="Input image")
+                    with gr.Column(scale=2):
+                        if SAMPLE_IMAGES:
+                            gr.Examples(
+                                examples=SAMPLE_IMAGES,
+                                inputs=[in_img],
+                                label=f"Select from sample images",
+                                examples_per_page=4,
+                                # run_on_click 默认为 False（只填充，不执行）
+                            )
+
+                # 输入 2：攻击与参数
+                with gr.Accordion("Attack mode", open=True):
+                    attack_mode = gr.Radio(
+                        choices=["none", "fgsm", "pgd", "random noise"],
+                        value="fgsm",
+                        label="",          
+                        show_label=False
+                    )
+                    eps   = gr.Slider(0.0, 0.3, step=0.01, value=0.0314, label="eps")
+                    alpha = gr.Slider(0.001, 0.05, step=0.001, value=0.0078, label="alpha (PGD step)")
+                    iters = gr.Slider(1, 100, step=1, value=10, label="PGD iterations")
+                    conf  = gr.Slider(0.0, 1.0, step=0.01, value=0.45, label="Confidence threshold (live)")
+
+                with gr.Row():
+                    btn_clear  = gr.ClearButton(
+                        components=[in_img, eps, alpha, iters, conf],  # 不清空 attack_mode
+                        value="Clear"
+                    )
+                    btn_submit = gr.Button("Submit", variant="primary")
+
+            # ===== 右列：两个输出区块 =====
+            with gr.Column(scale=5):
+                # 新增：评测模型选择
+                with gr.Row():
+                    eval_choice = gr.Dropdown(
+                        choices=[(f"Client model {MODEL_PATH}", "client"),
+                                 (f"Central model {MODEL_PATH_C}", "central")],
+                        value="client",                 # ★ 初始值为合法 value
+                        label="Evaluation model"
+                    )
+                    
+                    eval_model_state = gr.State(value="yolom")  
+
+                # ★ 合并后的单一回调：规范化下拉值 + 返回(更新后的下拉值, 模型对象)
+                def on_eval_change(val: str):
+                    if isinstance(val, (list, tuple)):
+                        val = val[0] if len(val) else "client"
+                    if val not in ("client", "central"):
+                        val = "client"
+                    model = "yolom" if val == "client" else "yolom_c"
+                    return gr.update(value=val), model
+
+                # 页面加载时同步一次，避免初次为空/不一致
+                demo.load(
+                    fn=on_eval_change,
+                    inputs=eval_choice,
+                    outputs=[eval_choice, eval_model_state]
+                )
+
+                # 仅这一条 change 绑定（删掉你原来那个只写 State 的 change，避免并发覆盖）
+                eval_choice.change(
+                    fn=on_eval_change,
+                    inputs=eval_choice,
+                    outputs=[eval_choice, eval_model_state]
+                )
+                out_orig = gr.Image(label="Original detection")
+                out_adv  = gr.Image(label="After attack detection")
+
+        # Submit：手动运行
+        btn_submit.click(
+            fn=detect_and_attack,
+            inputs=[in_img, eval_model_state, attack_mode, eps, alpha, iters, conf],
+            outputs=[out_orig, out_adv]
+        )
+
+        # 仅 conf 滑块“实时”
+        conf.release(
+            fn=detect_and_attack,
+            inputs=[in_img, eval_model_state, attack_mode, eps, alpha, iters, conf],
+            outputs=[out_orig, out_adv]
+        )
+
+    # demo.queue(concurrency_count=2, max_size=20)
+    demo.launch()
+    # demo.launch(server_name="0.0.0.0", server_port=7860)
+