def test_add_attack(self):
"""Test that an attack can be added"""
classifier = DummyClassifier()
attack = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier, attack, 1)
assert attack_pairs.attack_pairs == [{
'classifier': classifier,
'attack': attack,
'belief': 1
}]
def test_get_beliefs(self):
"""Test that you can get the current beliefs as a numpy array"""
classifier = DummyClassifier()
attack = DummyPoisonAttack()
attack_pairs = AttackPairs()
assert np.array_equal(attack_pairs.get_beliefs(), np.zeros((0, )))
attack_pairs.add(classifier, attack, 1)
assert np.array_equal(attack_pairs.get_beliefs(), np.array([1]))
attack_pairs.add(classifier, attack, 1)
assert np.array_equal(attack_pairs.get_beliefs(), np.array([1, 1]))
def test_fit_predict_all(self):
"""Test that you can fit and predict on all classifiers"""
classifier_1 = DummyClassifier()
attack_1 = DummyPoisonAttack()
classifier_2 = DummyClassifier()
attack_2 = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier_1, attack_1, 1)
attack_pairs.add(classifier_2, attack_2, 1)
attack_pairs.fit_all(X, Y)
y_out = attack_pairs.predict_all(X)
assert isinstance(y_out, np.ndarray)
assert y_out.shape == (X.shape[0], 2)
def test_get_attack_point(self):
"""Test that you can get an attack point from a particular attack"""
classifier_1 = DummyClassifier()
attack_1 = DummyPoisonAttack()
classifier_2 = DummyClassifier()
attack_2 = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier_1, attack_1, 1)
attack_pairs.add(classifier_2, attack_2, 1)
attack_pairs.fit_all(X, Y)
(x_attack_1, y_attack_1) = attack_pairs.get_attack_point(0)
assert isinstance(x_attack_1, np.ndarray)
assert x_attack_1.shape == (1, 2)
(x_attack_2, y_attack_2) = attack_pairs.get_attack_point(1)
assert isinstance(x_attack_1, np.ndarray)
assert x_attack_1.shape == (1, 2)
def test_poison_ensemble(self):
classifier_1 = DummyClassifier()
attack_1 = DummyPoisonAttack()
classifier_2 = DummyClassifier()
attack_2 = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier_1, attack_1, 1)
attack_pairs.add(classifier_2, attack_2, 1)
attack_pairs.fit_all(X, Y)
ensemble = PoisonEnsemble(attack_pairs, X)
defender = DummyClassifier()
ensemble.poison(defender)
def test_set_beliefs(self):
"""Test that you can set the current beliefs as a numpy array"""
classifier = DummyClassifier()
attack = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier, attack, 1)
rand_beliefs_1 = np.random.rand(1)
attack_pairs.set_beliefs(rand_beliefs_1)
assert np.array_equal(attack_pairs.get_beliefs(), rand_beliefs_1)
attack_pairs.add(classifier, attack, 1)
rand_beliefs_2 = np.random.rand(2)
attack_pairs.set_beliefs(rand_beliefs_2)
assert np.array_equal(attack_pairs.get_beliefs(), rand_beliefs_2)
attack_pairs.add(classifier, attack, 1)
rand_beliefs_3 = np.random.rand(3)
attack_pairs.set_beliefs(rand_beliefs_3)
assert np.array_equal(attack_pairs.get_beliefs(), rand_beliefs_3)
def test_setup_empty(self):
"""Test that the list of attack pairs is empty initially"""
attack_pairs = AttackPairs()
assert attack_pairs.attack_pairs == list()
def test_normalize_belief(self):
"""Test that the beliefs can be normalized"""
classifier = DummyClassifier()
attack = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier, attack, 1)
attack_pairs.add(classifier, attack, 1)
attack_pairs.add(classifier, attack, 1)
attack_pairs.normalize_beliefs()
assert np.array_equal(attack_pairs.get_beliefs(),
np.array([1.0, 1.0, 1.0]) / 3)
rand_beliefs_3 = np.random.rand(3)
attack_pairs.set_beliefs(rand_beliefs_3)
attack_pairs.normalize_beliefs()
assert np.array_equal(attack_pairs.get_beliefs(),
rand_beliefs_3 / np.sum(rand_beliefs_3))
X, y = make_blobs(n_samples=100,
centers=centers,
cluster_std=0.4,
n_features=2,
random_state=0)
y = (y * 2) - 1
matplotlib.rcParams['axes.unicode_minus'] = False
fig, ax = plt.subplots()
ax.scatter(X[:, 0], X[:, 1], c=y)
ax.set_autoscale_on(True)
ax.set_title('Toy Gaussian Dataset')
plt.show()
# Attack Stuff
attack_pairs = AttackPairs()
# Setup Regular Lasso
lasso_classifier = OnlineLasso()
lasso_attack = LinearAttack(boundary=np.array([[-10, -10], [10, 10]]),
lasso_lambda=0.01)
attack_pairs.add(lasso_classifier, lasso_attack, 1)
# Setup Outlier Lasso
steps = [('KthNeighbor', KthNeighbor(outlier_distance_threshold=1)),
('OnlineLasso', OnlineLasso())]
lasso_outlier_classifier = Pipeline(steps)
lasso_outlier_attack = LinearAttack(boundary=np.array([[-10, -10], [10, 10]]),
lasso_lambda=0.01,
outlier_method='distancethreshold',
outlier_distance_threshold=1)
steps = [('KthNeighbor', KthNeighbor(outlier_distance_threshold=distance_threshold)),
('Lasso', OnlineLasso(alpha=alpha_lambda))]
lasso_outlier = Pipeline(steps)
# Setup Attacks
attack_lasso = GeneralTikhonovAttack(lasso_lambda=alpha_lambda,
step_size=5000,
max_steps=1000)
attack_lasso_outlier = GeneralTikhonovAttack(lasso_lambda=alpha_lambda,
step_size=5000,
max_steps=1000,
outlier_method='distancethreshold',
outlier_distance_threshold=distance_threshold)
# Setup Attack Pairs
attack_pairs = AttackPairs()
attack_pairs.add(lasso, attack_lasso, 1)
attack_pairs.add(lasso_outlier, attack_lasso_outlier, 1)
attack_pairs.fit_all(data_train_x, data_train_y)
# Setup Ensemble
ensemble = PoisonEnsemble(attack_pairs, data_test_x, defender=defender)
beliefs = np.zeros((num_steps+1, 2))
beliefs[0, :] = np.array([0.5, 0.5])
for t in range(num_steps):
ensemble.poison_single()
beliefs[t+1, :] = ensemble.attack_pairs.get_beliefs()
print(beliefs)