Adversarial Machine Learning ToolBox
Project description
Deep Illusion
Deep Illusion is a toolbox for adversarial attacks in machine learning. Current version is only implemented for Pytorch models. DeepIllusion is a growing and developing module day by day. Module currently includes complete implementation of well-known attacks (PGD, FGSM, R-FGSM etc..). All attacks have an apex(amp) version which you can run your attacks fast and accurately. We strongly recommend that amp versions should only be used for adversarial training since it may have gradient masking issues after neural net gets confident about its decisions.
Module Structure
deep-illusion
│ README.md
│
|───deepillusion
| | _utils.py Utility functions
| |
| |───torchattacks
| | │ _fgsm.py Fast Gradient Sign Method
| | │ _rfgsm.py Random Start + Fast Gradient Sign Method
| | │ _pgd.py Projected Gradient Descent
| | │ _soft_attacks.py Soft attack functions
| | │
| | |───amp
| | | │ _fgsm.py Mixed Precision (Faster) - Fast Gradient Sign Method
| | | │ _rfgsm.py Mixed Precision (Faster) - Random Start + Fast Gradient Sign Method
| | | │ _pgd.py Mixed Precision (Faster) - Projected Gradient Descent
| | | | _soft_attacks.py Mixed Precision (Faster) - Soft attack functions
| | |
| | └───analysis
| | │ _perturbation_statistics Perturbations statistics functions
| |
| |───tfattacks
| | |
| |
| └───jaxattacks
| |
|
└───tests
| fgsm_test.py
| fgsmt_test.py
| pgd_test.py
| bim_test.py
| rfgsm_test.py
| test_utils.py
Dependencies
numpy 1.16.4
tqdm 4.31.1
torchattacks
pytorch 1.4.0
apex 0.1 (optional)
tfattacks
tensorflow
jaxattacks
jax
Installation
pip install deepillusion
Example Use
from deepillusion.torchattacks import PGD, FGSM, RFGSM
##### PGD ######
data_params = {"x_min": 0., "x_max": 1.}
attack_params = {
"norm": "inf",
"eps": 8./255,
"step_size": 2./255,
"num_steps": 7,
"random_start": False,
"num_restarts": 1}
pgd_args = dict(net=model,
x=data,
y_true=target,
data_params=data_params,
attack_params=attack_params,
verbose=False)
perturbs = PGD(**pgd_args)
data_adversarial = data + perturbs
##### FGSM #####
data_params = {"x_min": 0., "x_max": 1.}
attack_params = {"norm": "inf",
"eps": 8./255}
fgsm_args = dict(net=model,
x=data,
y_true=target,
data_params=data_params,
attack_params=attack_params)
perturbs = FGSM(**fgsm_args)
data_adversarial = data + perturbs
Update
- pip install deepillusion --upgrade
Current Version
0.0.6
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file deepillusion-0.0.7.tar.gz.
File metadata
- Download URL: deepillusion-0.0.7.tar.gz
- Upload date:
- Size: 9.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/40.8.0 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fe71d18ff1e89e8013e2640f03425f5d3ae0ea44a23cdc227900827dc5d1f883
|
|
| MD5 |
f45ae618df9cf05f901d5c2dd7ab2d8b
|
|
| BLAKE2b-256 |
dce9bb78540e66e489b0f5ab808fb8485ea44a9e3173e8e3715f10c3bc13a911
|
