Azure / counterfit

a CLI that provides a generic automation layer for assessing the security of ML models
MIT License

Public internal CF updates to public #51

Closed dlmgary closed 1 year ago

dlmgary commented 1 year ago

Description

1. Counterfit as a package

Update Counterfit to support import as a module. Users can now interact with different attacks and models directly from Python.

import counterfit
import counterfit.targets as cf_targets

# Instantiate a built-in target and load its model and sample data
digits_target = cf_targets.Digits()
digits_target.load()
# Build the HopSkipJump attack against that target, then run it
cf_attack = counterfit.Counterfit.build_attack(digits_target, 'hop_skip_jump')
results = counterfit.Counterfit.run_attack(cf_attack)

2. Update Counterfit CLI

$ counterfit
                          __            _____ __
  _________  __  ______  / /____  _____/ __(_) /_
 / ___/ __ \/ / / / __ \/ __/ _ \/ ___/ /_/ / __/
/ /__/ /_/ / /_/ / / / / /_/  __/ /  / __/ / /
\___/\____/\__,_/_/ /_/\__/\___/_/  /_/ /_/\__/

                Version: 1.1.0

counterfit> list targets 
┏━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━┳━━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Name                ┃ Model Type ┃ Data Type ┃ Input Shape   ┃ # Samples ┃ Endpoint                                             ┃
┡━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━╇━━━━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ cart_pole           │ closed-box │ tabular   │ (1080000,)    │ 0         │ cartpole_dqn_10000.pt.gz                             │
│ cart_pole_initstate │ closed-box │ tabular   │ (4,)          │ 0         │ cartpole_dqn_10000.pt.gz                             │
│ creditfraud         │ closed-box │ tabular   │ (30,)         │ 0         │ creditfraud/creditfraud_sklearn_pipeline.pkl         │
│ digits_keras        │ closed-box │ image     │ (28, 28, 1)   │ 0.        │ digits_keras/mnist_model.h5                          │
│ digits_mlp          │ closed-box │ image     │ (1, 28, 28)   │ 0         │ digits_mlp/mnist_sklearn_pipeline.pkl                │
│ movie_reviews       │ closed-box │ text      │ (1,)          │ 0.        │ movie_reviews/movie_reviews_sentiment_analysis.pt    │
│ satellite           │ closed-box │ image     │ (3, 256, 256) │ 0         │ satellite/satellite-image-params-airplane-stadium.h5 │
└─────────────────────┴────────────┴───────────┴───────────────┴───────────┴──────────────────────────────────────────────────────┘

counterfit> set_target satellite

satellite> set_attack hop_skip_jump 
[+] success:  Using fb58020f

satellite>HopSkipJump:fb58020f> show info
┏━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Attack Field ┃ Description                                                                                                                                               ┃
┡━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ Name         │ hop_skip_jump                                                                                                                                             │
│ Type         │ closed-box                                                                                                                                                │
│ Category     │ evasion                                                                                                                                                   │
│ Tags         │ image, tabular                                                                                                                                            │
│ Framework    │ art                                                                                                                                                       │
│ Docs         │ Implementation of the HopSkipJump attack from Jianbo et al. (2019). This is a powerful closed-box attack that only requires final class prediction, and   │
│              │ is an advanced version of the boundary attack. | Paper link: https://arxiv.org/abs/1904.02144                                                             │
└──────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘

satellite>HopSkipJump:fb58020f> run
HopSkipJump:   0%|                                                                                                                                    | 0/1 [00:00<?, ?it/sFailed to draw a random image that is adversarial, attack failed.
HopSkipJump: 100%|████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 1/1 [00:04<00:00,  4.88s/it]
[+] success:  Attack completed fb58020f

3. Update to internal architecture