Criterial for Classification Models¶

Provide base classes that define what is adversarial.

class perceptron.utils.criteria.classification.Criterion[source]¶

Base class for criteria that define what is adversarial.

The Criterion class represents a criterion used to determine if predictions for an image are adversarial given a reference label. It shoud be subclassed when implementing new criteria. Subclasses must implement is_adversarial.

is_adversarial(self, predictions, ground_truth)[source]¶: Decides if predictions for an image are adversarial given a reference ground truth.

name(self)[source]¶: Returns a human readable name.

class perceptron.utils.criteria.classification.Misclassification[source]¶

Defines adversarials as images for which the predicted class is not the original class.

is_adversarial(self, predictions, label)[source]¶: Decides if predictions for an image are adversarial.

name(self)[source]¶: Return criterion name.

class perceptron.utils.criteria.classification.ConfidentMisclassification(threshold)[source]¶

Defines adversarials as images for which the probability of any class other than the original is above a given threshold.

is_adversarial(self, predictions, label)[source]¶: Decides if predictions for an image are adversarial.

name(self)[source]¶: Return criterion name.

class perceptron.utils.criteria.classification.TopKMisclassification(k)[source]¶

Defines adversarials as images for which the original class is not one of the top k predicted classes.

For k=1, the Misclassification class provides a more efficient implementation.

Parameters:	k : int Number of top predictions to which the reference label is compared to.

is_adversarial(self, predictions, label)[source]¶: Decides if predictions for an image are adversarial.

name(self)[source]¶: Return criterion name.

class perceptron.utils.criteria.classification.TargetClass(target_class)[source]¶

Defines adversarials as images for which the predicted class is the given target class.

Parameters:	target_class : int The target class that needs to be predicted for an image to be considered an adversarial.

is_adversarial(self, predictions, label)[source]¶: Decides if predictions for an image are adversarial.

name(self)[source]¶: Return criterion name.

target_class(self)[source]¶: Return target class.

class perceptron.utils.criteria.classification.OriginalClassProbability(p)[source]¶

Defines adversarials as images for which the probability of original class is below a given threshold.

This criterion alone does not guarantee that the class predicted for the adversarial image is not original class (unless p < 1 / num of classes). Therefore, it should usually be combined with a classification criterion.

Parameters:	p : float The threshold probability. If the probability of the original class is below this threshold, the image is considered an adversarial. It must satisfy 0 <= p <=1.

is_adversarial(self, predictions, label)[source]¶: Decides if predictions for an image are adversarial.

name(self)[source]¶: Return criterion name.

class perceptron.utils.criteria.classification.TargetClassProbability(target_class, p)[source]¶

Defines adversarials as images for which the probability of a given target class is above a given threshold.

If the threshold is below 0.5, this criterion does not guarantee that the class predicted for the adversarial image is not the original class. In that case, it should usually be combined with a classification criterion.

Parameters:	target_class : int The target class for which the predicted probability must be above the threshold probability p, otherwise the image is not considered an adversarial. p : float The threshold probability. If the probability of the target class is above this threshold, the image is considered an adversarial. It must satisfy 0 <= p <= 1.

is_adversarial(self, predictions, label)[source]¶: Decides if predictions for an image are adversarial.

name(self)[source]¶: Return criterion name.

target_class(self)[source]¶: Return target class