attack_params such as verbose and batch_size not passed in Universal Perturbation.

Trusted-AI / adversarial-robustness-toolbox

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

https://adversarial-robustness-toolbox.readthedocs.io/en/latest/

MIT License

4.88k stars 1.17k forks source link

attack_params such as verbose and batch_size not passed in Universal Perturbation. #1895

Closed adityagupta1089 closed 2 years ago

adityagupta1089 commented 2 years ago

https://github.com/Trusted-AI/adversarial-robustness-toolbox/blob/46b66e66ab95172fd8ed316feb75e5ff70627668/art/attacks/evasion/universal_perturbation.py#L177

For e.g. DeepFool still uses batch_size=1 and verbose=True if UniversalPerturbation(verbose=False, batch_size=512) is used. Could also be the reason for performance degradation when not used directly.

beat-buesser commented 2 years ago

Hi @adityagupta1089 Thank you very much for using ART! Would you be able to share an example code showing how to reproduce your observation?

adityagupta1089 commented 2 years ago

I was using:

UniversalPerturbation(classifier, batch_size=32, verbose=False)

but was still seeing progress bars with batch-size 1 for Deep Fool. Later realized DeepFool is a subprocedure in the whole process and the progress bars and batch size are different from the top level.

I think I might have confused the API, seems like the params for the top-level function UniversalPerturbation (batch_size, verbose) are different from the sub-attacker (DeepFool: batch_size, verbose).

Depends if this is an intended use case or if keeping the batch_size and verbosity for both makes more sense.

Feel free to close this if former.

beat-buesser commented 2 years ago

@adityagupta1089 Thank you for the updates!