Supported attacks¶
Provides different attack and evaluation approaches.
CarliniWagnerL2Metric |
The L2 version of C&W attack. |
CarliniWagnerLinfMetric |
The L_inf version of C&W attack. |
AdditiveNoiseMetric |
Base class for metric that tests models against additive noise. |
AdditiveGaussianNoiseMetric |
Metric that tests models against Gaussian noise. |
AdditiveUniformNoiseMetric |
Metric that tests models against uniform noise. |
BlendedUniformNoiseMetric |
Blends the image with a uniform noise image until it is misclassified. |
GaussianBlurMetric |
Metric that tests models against Gaussian blurs. |
BrightnessMetric |
Metric that tests models against brightness variations. |
ContrastReductionMetric |
Metric that tests models against brightness variations. |
MotionBlurMetric |
Motion blurs the image until it is misclassified. |
RotationMetric |
Metric that tests models against rotations. |
SaltAndPepperNoiseMetric |
Add salt and pepper noise. |
SpatialMetric |
Metric that tests models against spatial transformations. |
Supported models¶
Provides class to wrap existing models in different frameworks so that they provide a unified API to the benchmarks.
KerasModel |
Create a Model instance from a Keras model. |
PyTorchModel |
Creates a Model instance from a PyTorch module. |
AipModel |
Base class for models hosted on Baidu AIP platform. |
AipAntiPornModel |
Create a Model instance from an AipAntiPorn model. |
GoogleCloudModel |
Base class for models in Google Cloud. |
GoogleSafeSearchModel |
Create a :class: Model instance from a GoogleSafeSearchModel model. |
GoogleObjectDetectionModel |
Create a :class: Model instance from a GoogleObjectDetectionModel model. |
KerasYOLOv3Model |
KerasSSD300Model |
KerasResNet50RetinaNetModel |
Supported adversarial criterions¶
Provides class to wrap all adversarial criterions so that attacks has uniform API access.
Misclassification |
Defines adversarials as images for which the predicted class is not the original class. |
ConfidentMisclassification |
Defines adversarials as images for which the probability of any class other than the original is above a given threshold. |
TopKMisclassification |
Defines adversarials as images for which the original class is not one of the top k predicted classes. |
TargetClass |
Defines adversarials as images for which the predicted class is the given target class. |
OriginalClassProbability |
Defines adversarials as images for which the probability of original class is below a given threshold. |
TargetClassProbability |
Defines adversarials as images for which the probability of a given target class is above a given threshold. |
MisclassificationAntiPorn |
Defines adversarials as image for which the probability of being normal is larger than the probability of being porn. |
MisclassificationSafeSearch |
Defines adversarials as image for which the probability of being unsafe is lower than a threshold. |
TargetClassMiss |
Defines adversarials as images for which the target class is not in the detection result. |
TargetClassMissGoogle |
Defines adversarials as images for which the target class is not in the Google object detection result. |
WeightedAP |
Defines adversarials as weighted AP value larger than given threshold. |
Supported distance metrics¶
Provides classes to measure the distance between two images.
MeanSquaredDistance |
Calculates the mean squared error between two images. |
MeanAbsoluteDistance |
Calculates the mean absolute error between two images. |
Linfinity |
Calculates the L-infinity norm of the difference between two images. |
L0 |
Calculates the L0 norm of the difference between two images. |
alias of perceptron.utils.distances.MeanSquaredDistance |
alias of perceptron.utils.distances.MeanAbsoluteDistance |
Linf |
alias of perceptron.utils.distances.Linfinity |