Ejemplo n.º 1
    def __init__(self, X_modified, Y_modified, X_test, Y_test, idx_train,
                 idx_poison):
        """Hold a modified (train + poison) dataset and its per-class centroids.

        Args:
            X_modified: Feature matrix of the combined set; indexed as
                ``X_modified[idx, :]`` below, so presumably 2-D (rows are
                samples) -- TODO confirm.
            Y_modified: Labels aligned with the rows of ``X_modified``.
            X_test: Test features, stored unchanged.
            Y_test: Test labels, stored unchanged.
            idx_train: Index into ``X_modified`` / ``Y_modified`` selecting
                the rows treated as the original training data.
            idx_poison: Index into ``X_modified`` / ``Y_modified`` selecting
                the rows treated as injected poison.

        Two sets of centroids are kept side by side:

        * ``emp_centroids`` are computed over the whole modified set, poison
          rows included. This is the only view a defender has without knowing
          which rows are poisoned.
        * ``true_centroids`` are computed over the ``idx_train`` rows only.
          They depend on ground-truth knowledge of the split, so they serve as
          an oracle baseline and not as something a deployed defence can use.
        """
        # Raw inputs, kept as given.
        self.X_modified, self.Y_modified = X_modified, Y_modified
        self.X_test, self.Y_test = X_test, Y_test
        self.idx_train, self.idx_poison = idx_train, idx_poison

        # Split the combined set into its two parts using the index arguments.
        self.X_train, self.Y_train = (X_modified[idx_train, :],
                                      Y_modified[idx_train])
        self.X_poison, self.Y_poison = (X_modified[idx_poison, :],
                                        Y_modified[idx_poison])

        # Per-class centroids: first over everything, then over train rows.
        class_map = data.get_class_map()
        self.class_map = class_map
        self.emp_centroids = data.get_centroids(X_modified, Y_modified,
                                                class_map)
        self.true_centroids = data.get_centroids(self.X_train, self.Y_train,
                                                 class_map)
        self.emp_centroid_vec = data.get_centroid_vec(self.emp_centroids)
        self.true_centroid_vec = data.get_centroid_vec(self.true_centroids)

        # epsilon = (#poison rows) / (#train rows), so the modified set holds
        # (1 + epsilon) times as many rows as the training data alone.
        # NOTE(review): raises ZeroDivisionError when idx_train selects no
        # rows, and would truncate to an integer on Python 2 without
        # `from __future__ import division` -- confirm the interpreter.
        num_poison = self.X_poison.shape[0]
        num_train = self.X_train.shape[0]
        self.epsilon = num_poison / num_train
Ejemplo n.º 2
    def __init__(self, X_modified, Y_modified, X_test, Y_test, idx_train,
                 idx_poison, sub_trn_x, sub_trn_y, nsub_trn_x, nsub_trn_y,
                 sub_tst_x, sub_tst_y, nsub_tst_x, nsub_tst_y):
        """Hold a modified dataset, its centroids and subpopulation splits.

        Args:
            X_modified: Feature matrix of the combined set; indexed as
                ``X_modified[idx, :]`` below, so presumably 2-D (rows are
                samples) -- TODO confirm.
            Y_modified: Labels aligned with the rows of ``X_modified``.
            X_test: Test features, stored unchanged.
            Y_test: Test labels, stored unchanged.
            idx_train: Index into ``X_modified`` / ``Y_modified`` selecting
                the rows treated as the original training data.
            idx_poison: Index into ``X_modified`` / ``Y_modified`` selecting
                the rows treated as injected poison.
            sub_trn_x, sub_trn_y: Subpopulation-related training data, stored
                unchanged.
            nsub_trn_x, nsub_trn_y: Stored unchanged; presumably the training
                data outside the subpopulation -- verify against the caller.
            sub_tst_x, sub_tst_y: Subpopulation-related test data, stored
                unchanged.
            nsub_tst_x, nsub_tst_y: Stored unchanged; presumably the test data
                outside the subpopulation -- verify against the caller.

        ``emp_centroids`` are computed over the whole modified set, poison
        rows included, which is the only view available without knowing the
        split. ``true_centroids`` use the ``idx_train`` rows only and so rely
        on ground-truth knowledge of which rows are poison; treat them as an
        oracle baseline, not as an input a deployed defence could obtain.
        """
        # Raw inputs, kept as given.
        self.X_modified, self.Y_modified = X_modified, Y_modified
        self.X_test, self.Y_test = X_test, Y_test
        self.idx_train, self.idx_poison = idx_train, idx_poison

        # Subpopulation-related arrays; none of them is read in this method.
        self.sub_trn_x, self.sub_trn_y = sub_trn_x, sub_trn_y
        self.nsub_trn_x, self.nsub_trn_y = nsub_trn_x, nsub_trn_y
        self.sub_tst_x, self.sub_tst_y = sub_tst_x, sub_tst_y
        self.nsub_tst_x, self.nsub_tst_y = nsub_tst_x, nsub_tst_y

        # Split the combined set into its two parts using the index arguments.
        self.X_train, self.Y_train = (X_modified[idx_train, :],
                                      Y_modified[idx_train])
        self.X_poison, self.Y_poison = (X_modified[idx_poison, :],
                                        Y_modified[idx_poison])

        # Per-class centroids: first over everything, then over train rows.
        class_map = data.get_class_map()
        self.class_map = class_map
        self.emp_centroids = data.get_centroids(X_modified, Y_modified,
                                                class_map)
        self.true_centroids = data.get_centroids(self.X_train, self.Y_train,
                                                 class_map)
        self.emp_centroid_vec = data.get_centroid_vec(self.emp_centroids)
        self.true_centroid_vec = data.get_centroid_vec(self.true_centroids)

        # epsilon = (#poison rows) / (#train rows), so the modified set holds
        # (1 + epsilon) times as many rows as the training data alone.
        # NOTE(review): raises ZeroDivisionError when idx_train selects no
        # rows, and would truncate to an integer on Python 2 without
        # `from __future__ import division` -- confirm the interpreter.
        num_poison = self.X_poison.shape[0]
        num_train = self.X_train.shape[0]
        self.epsilon = num_poison / num_train
Ejemplo n.º 3
                use_emp=None,
                use_emp_label=use_emp_label,
                defense_label=defense_label,
                max_frac_to_remove=max_frac_to_remove,
                frac_increment=frac_increment,
                num_folds=num_folds,
                dists=dists)
            results['num_neighbors'] = num_neighbors

    ## l2 grad defense
    defense_label = 'grad-l2-ball'
    if ((defense_to_test is None) or (defense_to_test == defense_label)):
        print('  Computing L2 norm of gradients...')
        losses = datadef.get_losses(params_modified, bias_modified)
        sv_indices = losses > 0
        sv_centroids = data.get_centroids(X_modified[sv_indices, :],
                                          Y_modified[sv_indices], class_map)
        dists = defenses.compute_dists_under_Q(X_modified,
                                               Y_modified,
                                               Q=None,
                                               subtract_from_l2=None,
                                               centroids=sv_centroids,
                                               class_map=class_map)
        dists[~sv_indices] = 0
        dists = dists.reshape(-1, 1)
        all_dists, results = defense_testers.process_defense(
            datadef,
            Q=None,
            all_dists=all_dists,
            model=svm_model,
            weight_decay=best_weight_decay_modified,
            results=results,