-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement customizable summary writer and indicators of attack failure #1416
Conversation
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Codecov Report
@@ Coverage Diff @@
## dev_1.9.0 #1416 +/- ##
=============================================
+ Coverage 81.65% 90.42% +8.76%
=============================================
Files 236 237 +1
Lines 19214 19386 +172
Branches 3387 3438 +51
=============================================
+ Hits 15690 17530 +1840
+ Misses 2815 1076 -1739
- Partials 709 780 +71
|
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please find comments in the code
@@ -458,24 +461,20 @@ def generate(self, x: np.ndarray, y: Optional[np.ndarray] = None, **kwargs) -> T | |||
for images, target, mask_i in dataset: | |||
_ = self._train_step(images=images, target=target, mask=mask_i) | |||
|
|||
# Write summary | |||
if self.summary_writer is not None: # pragma: no cover |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the attack constructors accept “bool” for summary writer, how does that flow work here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point, the super class replace any input type with an instance of SummaryWriter
or None
.
art/summary_writer.py
Outdated
global_step=global_step, | ||
) | ||
|
||
# Attack Failure Indicators |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are these failure indicator based on some paper? Is it possible to include information here for documentation?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great suggestion, I will add the reference to Pintor et al. (https://arxiv.org/abs/2106.09947)
TENSORFLOWV2_ESTIMATOR_TYPE = Union[ # pylint: disable=C0103 | ||
TensorFlowV2Classifier, | ||
TensorFlowV2Estimator, | ||
] | ||
|
||
ESTIMATOR_TYPE = Union[ # pylint: disable=C0103 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are the changes in utils.py
independent of SummaryWriter? Maybe include an additional line in the PR description?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
They are related, but I'll also update the PR description.
tests/test_summary_writer.py
Outdated
yield x_train_mnist[:n_train], y_train_mnist[:n_train], x_test_mnist[:n_test], y_test_mnist[:n_test] | ||
|
||
|
||
def test_update(art_warning, fix_get_mnist_subset, image_dl_estimator): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should there be a separate test case for boolean values of swd?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea, I'll add additional tests.
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, thanks
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
This pull request introduces 1 alert when merging c2c33fa into b77725e - view on LGTM.com new alerts:
|
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
This pull request introduces 3 alerts when merging b91bad1 into b77725e - view on LGTM.com new alerts:
|
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
This pull request introduces 3 alerts when merging c28a1b3 into b77725e - view on LGTM.com new alerts:
|
Signed-off-by: Beat Buesser <beat.buesser@ie.ibm.com>
This pull request introduces 3 alerts when merging 5d493c0 into b77725e - view on LGTM.com new alerts:
|
Description
This pull request introduces a new Summary Writer API which allows to collect metrics based on attack and estimator properties as function of iteration step in TensorBoard format. It provides a default summary writer collecting properties of loss gradients, loss values, adversarial patch, and indicators of attack failure. This summary writer will be available in all attacks in
art.attacks
as propertyself.summary_writer
and selected attacks including Projected Gradient Descent and Adversarial Patch and Texture have been updated accordingly, more attacks will follow soon. Users can provide customized summary writers to the attacks to collect custom metrics. Introduces a new Union typeESTIMATOR_TYPE
representing all estimators in ART.Fixes #1325
Type of change
Please check all relevant options.
Checklist