`art.defences.postprocessor`¶

Module implementing postprocessing defences against adversarial attacks.

Base Class Postprocessor¶

class art.defences.postprocessor.Postprocessor(is_fitted: bool = False, apply_fit: bool = True, apply_predict: bool = True)¶

Abstract base class for postprocessing defences. Postprocessing defences are not included in the loss function evaluation for loss gradients or the calculation of class gradients.

abstract __call__(preds: ndarray) → ndarray¶

Perform model postprocessing and return postprocessed output.

Return type:: ndarray
Parameters:: preds (ndarray) – model output to be postprocessed.
Returns:: Postprocessed model output.

__init__(is_fitted: bool = False, apply_fit: bool = True, apply_predict: bool = True) → None¶

Create a postprocessing object.

Optionally, set attributes.

__weakref__¶: list of weak references to the object (if defined)

property apply_fit: bool¶

Property of the defence indicating if it should be applied at training time.

Returns:: True if the defence should be applied when fitting a model, False otherwise.

property apply_predict: bool¶

Property of the defence indicating if it should be applied at test time.

Returns:: True if the defence should be applied at prediction time, False otherwise.

fit(preds: ndarray, **kwargs) → None¶

Fit the parameters of the postprocessor if it has any.

Parameters:

preds (ndarray) – Training set to fit the postprocessor.
kwargs – Other parameters.

property is_fitted: bool¶

Return the state of the postprocessing object.

Returns:: True if the postprocessing model has been fitted (if this applies).

set_params(**kwargs) → None¶: Take in a dictionary of parameters and apply checks before saving them as attributes.

Class Labels¶

class art.defences.postprocessor.ClassLabels(apply_fit: bool = False, apply_predict: bool = True)¶

Implementation of a postprocessor based on adding class labels to classifier output.

__call__(preds: ndarray) → ndarray¶

Perform model postprocessing and return postprocessed output.

Return type:: ndarray
Parameters:: preds (ndarray) – model output to be postprocessed.
Returns:: Postprocessed model output.

__init__(apply_fit: bool = False, apply_predict: bool = True) → None¶

Create a ClassLabels postprocessor.

Parameters:

apply_fit (bool) – True if applied during fitting/training.
apply_predict (bool) – True if applied during predicting.

Gaussian Noise¶

class art.defences.postprocessor.GaussianNoise(scale: float = 0.2, apply_fit: bool = False, apply_predict: bool = True)¶

Implementation of a postprocessor based on adding Gaussian noise to classifier output.

__call__(preds: ndarray) → ndarray¶

Perform model postprocessing and return postprocessed output.

Return type:: ndarray
Parameters:: preds (ndarray) – model output to be postprocessed.
Returns:: Postprocessed model output.

__init__(scale: float = 0.2, apply_fit: bool = False, apply_predict: bool = True) → None¶

Create a GaussianNoise postprocessor.

Parameters:

scale (float) – Standard deviation of the distribution.
apply_fit (bool) – True if applied during fitting/training.
apply_predict (bool) – True if applied during predicting.

High Confidence¶

class art.defences.postprocessor.HighConfidence(cutoff: float = 0.25, apply_fit: bool = False, apply_predict: bool = True)¶

Implementation of a postprocessor based on selecting high confidence predictions to return as classifier output.

__call__(preds: ndarray) → ndarray¶

Perform model postprocessing and return postprocessed output.

Return type:: ndarray
Parameters:: preds (ndarray) – model output to be postprocessed.
Returns:: Postprocessed model output.

__init__(cutoff: float = 0.25, apply_fit: bool = False, apply_predict: bool = True) → None¶

Create a HighConfidence postprocessor.

Parameters:

cutoff (float) – Minimal value for returned prediction output.
apply_fit (bool) – True if applied during fitting/training.
apply_predict (bool) – True if applied during predicting.

Reverse Sigmoid¶

class art.defences.postprocessor.ReverseSigmoid(beta: float = 1.0, gamma: float = 0.1, apply_fit: bool = False, apply_predict: bool = True)¶

Implementation of a postprocessor based on adding the Reverse Sigmoid perturbation to classifier output.

__call__(preds: ndarray) → ndarray¶

Perform model postprocessing and return postprocessed output.

Return type:: ndarray
Parameters:: preds (ndarray) – model output to be postprocessed.
Returns:: Postprocessed model output.

__init__(beta: float = 1.0, gamma: float = 0.1, apply_fit: bool = False, apply_predict: bool = True) → None¶

Create a ReverseSigmoid postprocessor.

Parameters:

beta (float) – A positive magnitude parameter.
gamma (float) – A positive dataset and model specific convergence parameter.
apply_fit (bool) – True if applied during fitting/training.
apply_predict (bool) – True if applied during predicting.

Rounded¶

class art.defences.postprocessor.Rounded(decimals: int = 3, apply_fit: bool = False, apply_predict: bool = True)¶

Implementation of a postprocessor based on rounding classifier output.

__call__(preds: ndarray) → ndarray¶

Perform model postprocessing and return postprocessed output.

Return type:: ndarray
Parameters:: preds (ndarray) – model output to be postprocessed.
Returns:: Postprocessed model output.

__init__(decimals: int = 3, apply_fit: bool = False, apply_predict: bool = True) → None¶

Create a Rounded postprocessor.

Parameters:

decimals (int) – Number of decimal places after the decimal point.
apply_fit (bool) – True if applied during fitting/training.
apply_predict (bool) – True if applied during predicting.

`art.defences.postprocessor`¶

Base Class Postprocessor¶

Class Labels¶

Gaussian Noise¶

High Confidence¶

Reverse Sigmoid¶

Rounded¶

Adversarial Robustness Toolbox

Navigation

Related Topics

art.defences.postprocessor¶

Base Class Postprocessor¶

Class Labels¶

Gaussian Noise¶

High Confidence¶

Reverse Sigmoid¶

Rounded¶

`art.defences.postprocessor`¶