import osimport numpy as npimport tensorflow as tffrom tensorflow.keras.

1. import os
2.  
3. import numpy as np
4. import tensorflow as tf
5. from tensorflow.keras.callbacks import EarlyStopping
6. from sklearn.utils import shuffle
7.  
8. import constants as c
9. from utils import prepare_data, export_data
10. from models import target_model, shadow_model, attack_model
11. from validate import validate_attack_model, naive_solution, plot_roc_curve
12.  
13.  
14. def train_target_model(train_size, epochs, random_state=None, path=None, data_path=None):
15.     """
16.    Train target/victim model.
17.    Return: model           | trained model
18.            predictions     | model predictions on complete dataset
19.            classifications | classification of predictions as train(1) or test(0)
20.    """
21.     x_train, x_test, y_train, y_test = prepare_data(train_size=train_size, random_state=random_state)
22.  
23.     model = target_model()
24.     model.fit(x_train, y_train, epochs=epochs, validation_split=0.1, verbose=True)
25.     model.evaluate(x_test, y_test, verbose=True)
26.  
27.     train_predictions = model.predict(x_train)
28.     test_predictions  = model.predict(x_test)
29.  
30.     x                 = np.concatenate([x_train, x_test], axis=0)
31.     y                 = np.concatenate([y_train, y_test], axis=0)
32.     predictions       = np.concatenate([train_predictions, test_predictions], axis=0)
33.     classifications   = np.concatenate([np.ones(train_predictions.shape[0]), np.zeros(test_predictions.shape[0])], axis=0)
34.  
35.     [x, y, predictions, classifications] = shuffle(x, y, predictions, classifications)
36.  
37.     if path: model.save(path)
38.  
39.     if data_path: export_data(x, y, predictions, classifications, data_path)
40.  
41.     return model, predictions, classifications
42.  
43.  
44. def train_shadow_model(train_size, epochs, path=None):
45.     """
46.    Train shadow model.
47.    Assume architecture of target/victim model is known.
48.    Return: predictions     | model predictions on complete dataset
49.            classifications | classification of predictions as train(1) or test(0)
50.    """
51.     _, predictions, classifications = train_target_model(train_size, epochs, path=path)
52.  
53.     return predictions, classifications
54.  
55.  
56. def train_attack_model(shadow_predictions, shadow_classifications, epochs, path=None):
57.     """
58.    Train attack model.
59.    Uses predictions / classifications of shadow models.
60.    Return: model | trained attack model
61.    """
62.     model = attack_model()
63.     callback = EarlyStopping(monitor='val_acc', min_delta=0, patience=5)
64.     model.fit(shadow_predictions, shadow_classifications, epochs=epochs, callbacks=[callback], validation_split=0.1, verbose=True)
65.  
66.     if path: model.save(path)
67.  
68.     return model
69.  
70.  
71. if __name__ == "__main__":
72.     EPOCHS = 15
73.     NUM_MODELS = 1
74.     NUM_SHADOW_MODELS = 5
75.  
76.     for target_model_index in range(NUM_MODELS):
77.         print('Training model: ', target_model_index)
78.         target_model_path = os.path.join(c.MODELS_DIRECTORY, c.TARGET_MODEL_NAME.format(target_model_index=target_model_index))
79.         target_model_data_path = os.path.join(c.MODELS_DIRECTORY, c.TARGET_DATA_NAME.format(target_model_index=target_model_index))
80.  
81.         _, target_predictions, target_classifications = train_target_model(0.5, EPOCHS, random_state=None, path=target_model_path,
82.                                                                                                            data_path=target_model_data_path)
83.  
84.         shadow_predictions = []
85.         shadow_classifications = []
86.  
87.         for shadow_model_index in range(NUM_SHADOW_MODELS):
88.             print('Training shadow model: ', shadow_model_index)
89.             shadow_model_path = os.path.join(c.MODELS_DIRECTORY, c.SHADOW_MODEL_NAME.format(target_model_index=target_model_index,
90.                                                                                         shadow_model_index=shadow_model_index))
91.  
92.             predictions, classifications = train_shadow_model(0.2, EPOCHS, path=shadow_model_path)
93.  
94.             shadow_predictions.append(predictions)
95.             shadow_classifications.append(classifications)
96.  
97.         shadow_predictions = np.concatenate(shadow_predictions, axis=0)
98.         shadow_classifications = np.concatenate(shadow_classifications, axis=0)
99.  
100.         print('Training attack model: ', target_model_index)
101.         attack_model_path = os.path.join(c.MODELS_DIRECTORY, c.ATTACK_MODEL_NAME.format(target_model_index=target_model_index))
102.         attack_model = train_attack_model(shadow_predictions, shadow_classifications, epochs=10, path=attack_model_path)
103.  
104.         attack_model.evaluate(target_predictions, target_classifications)
105.  
106.         # validation
107.         attack_predictions = attack_model.predict(target_predictions)
108.         validate_attack_model(attack_predictions, target_classifications, cutoff=0.5)
109.  
110.         naive_solution(target_predictions, target_classifications, cutoff=0.99)
111.  
112.         # plots
113.         plot_roc_curve(target_classifications, attack_predictions)