heart_library.attacks package

Subpackages

• heart_library.attacks.evasion package
  • Submodules
  • heart_library.attacks.evasion.hop_skip_jump module
    • HeartHopSkipJump
      • HeartHopSkipJump.generate()
  • heart_library.attacks.evasion.laser_attack module
    • HeartLaserAttack
      • HeartLaserAttack.generate()
    • HeartLaserBeamAttack
  • heart_library.attacks.evasion.query_efficient_bb_attack module
    • HeartQueryEfficientBlackBoxAttack
      • HeartQueryEfficientBlackBoxAttack.attack_params
      • HeartQueryEfficientBlackBoxAttack.generate()
  • Module contents
    • HeartHopSkipJump
      • HeartHopSkipJump.generate()
    • HeartLaserBeamAttack
    • HeartQueryEfficientBlackBoxAttack
      • HeartQueryEfficientBlackBoxAttack.attack_params
      • HeartQueryEfficientBlackBoxAttack.generate()

Submodules

heart_library.attacks.attack module

This module implements a JATIC compatible ART Attack.

class heart_library.attacks.attack.JaticAttack(attack: Any, norm: int = 0, id: str | None = None)

Bases: object

Wrapper for JATIC compatible attacks

get_attack() → Any

Get the attack type which is being wrapped.

Returns:

Attack.

Return type:

Any

metadata: dict[str, Any]

reset_patch(patch: _SupportsArray[dtype[Any]] | _NestedSequence[_SupportsArray[dtype[Any]]] | bool | int | float | complex | str | bytes | _NestedSequence[bool | int | float | complex | str | bytes]) → None

Reset the adversarial patch.

Parameters:

patch – ArrayLike or float - the patch value to use for resetting the patch

class heart_library.attacks.attack.JaticEvasionAttackOutput(images: list[ndarray[Any, dtype[float32]]], targets: ndarray[Any, dtype[float32]], metadata: list[dict[str, Any]])

Bases: object

Dataclass output JaticEvasionAttackOutput

Examples

We can create a JaticAttack using ProjectedGradientDescentPyTorch and generate a JaticEvasionAttackOutput:

>>> from art.attacks.evasion import ProjectedGradientDescentPyTorch
>>> from heart_library.attacks.attack import JaticAttack
>>> import torchvision
>>> from torchvision.models import resnet18, ResNet18_Weights
>>> import torch
>>> import os
>>> import numpy as np
>>> from heart_library.estimators.classification.pytorch import JaticPyTorchClassifier

Define the JaticPyTorchClassifier:

>>> model = resnet18(ResNet18_Weights)
>>> loss_fn = torch.nn.CrossEntropyLoss(reduction="sum")
>>> optimizer = torch.optim.Adam(model.parameters(), lr=0.01)
>>> classifier = JaticPyTorchClassifier(
...     model=model,
...     loss=loss_fn,
...     optimizer=optimizer,
...     input_shape=(3, 32, 32),
...     nb_classes=10,
...     clip_values=(0, 255),
...     channels_first=False,
...     preprocessing=(0.0, 255),
... )

Prepare the data, execute the attack, and generate the output:

>>> data = torchvision.datasets.CIFAR10("../data", train=False, download=False)
>>> data = torch.utils.data.Subset(data, list(range(10)))

>>> predictions = classifier(data)

>>> attack = JaticAttack(
...     ProjectedGradientDescentPyTorch(
...         estimator=classifier, norm=np.inf, eps=8, eps_step=2, max_iter=5, targeted=False
...     ),
...     norm=2,
... )

>>> x_test_adv, _, meta = attack(data=data)

class heart_library.attacks.attack.JaticPoisonAttackOutput(poisoning_examples: ndarray[Any, dtype[float32]], poisoning_labels: ndarray[Any, dtype[float32]])

Bases: object

Dataclass output JaticPoisonAttackOutput

poisoning_examples: ndarray[Any, dtype[float32]]

poisoning_labels: ndarray[Any, dtype[float32]]

Module contents

Module providing adversarial attacks under a common interface.