def test_poison_ensemble(self):
classifier_1 = DummyClassifier()
attack_1 = DummyPoisonAttack()
classifier_2 = DummyClassifier()
attack_2 = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier_1, attack_1, 1)
attack_pairs.add(classifier_2, attack_2, 1)
attack_pairs.fit_all(X, Y)
ensemble = PoisonEnsemble(attack_pairs, X)
defender = DummyClassifier()
ensemble.poison(defender)
def test_fit_predict_all(self):
"""Test that you can fit and predict on all classifiers"""
classifier_1 = DummyClassifier()
attack_1 = DummyPoisonAttack()
classifier_2 = DummyClassifier()
attack_2 = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier_1, attack_1, 1)
attack_pairs.add(classifier_2, attack_2, 1)
attack_pairs.fit_all(X, Y)
y_out = attack_pairs.predict_all(X)
assert isinstance(y_out, np.ndarray)
assert y_out.shape == (X.shape[0], 2)
def test_get_attack_point(self):
"""Test that you can get an attack point from a particular attack"""
classifier_1 = DummyClassifier()
attack_1 = DummyPoisonAttack()
classifier_2 = DummyClassifier()
attack_2 = DummyPoisonAttack()
attack_pairs = AttackPairs()
attack_pairs.add(classifier_1, attack_1, 1)
attack_pairs.add(classifier_2, attack_2, 1)
attack_pairs.fit_all(X, Y)
(x_attack_1, y_attack_1) = attack_pairs.get_attack_point(0)
assert isinstance(x_attack_1, np.ndarray)
assert x_attack_1.shape == (1, 2)
(x_attack_2, y_attack_2) = attack_pairs.get_attack_point(1)
assert isinstance(x_attack_1, np.ndarray)
assert x_attack_1.shape == (1, 2)
lasso_classifier = OnlineLasso()
lasso_attack = LinearAttack(boundary=np.array([[-10, -10], [10, 10]]),
lasso_lambda=0.01)
attack_pairs.add(lasso_classifier, lasso_attack, 1)
# Setup Outlier Lasso
steps = [('KthNeighbor', KthNeighbor(outlier_distance_threshold=1)),
('OnlineLasso', OnlineLasso())]
lasso_outlier_classifier = Pipeline(steps)
lasso_outlier_attack = LinearAttack(boundary=np.array([[-10, -10], [10, 10]]),
lasso_lambda=0.01,
outlier_method='distancethreshold',
outlier_distance_threshold=1)
attack_pairs.add(lasso_outlier_classifier, lasso_outlier_attack, 1)
attack_pairs.fit_all(X, y)
ensemble = PoisonEnsemble(attack_pairs, X)
defender = OnlineLasso()
defender.fit(X, y)
for _ in range(0, 10):
ensemble.poison(defender, num_steps=1)
matplotlib.rcParams['axes.unicode_minus'] = False
ax = plt.subplot(3, 1, 1)
ax.scatter(X[:, 0], X[:, 1], c=ensemble.defender.predict(X))
ax.set_autoscale_on(True)
ax.set_title('Defender')
# Setup Attacks
attack_lasso = GeneralTikhonovAttack(lasso_lambda=alpha_lambda,
step_size=5000,
max_steps=1000)
attack_lasso_outlier = GeneralTikhonovAttack(lasso_lambda=alpha_lambda,
step_size=5000,
max_steps=1000,
outlier_method='distancethreshold',
outlier_distance_threshold=distance_threshold)
# Setup Attack Pairs
attack_pairs = AttackPairs()
attack_pairs.add(lasso, attack_lasso, 1)
attack_pairs.add(lasso_outlier, attack_lasso_outlier, 1)
attack_pairs.fit_all(data_train_x, data_train_y)
# Setup Ensemble
ensemble = PoisonEnsemble(attack_pairs, data_test_x, defender=defender)
beliefs = np.zeros((num_steps+1, 2))
beliefs[0, :] = np.array([0.5, 0.5])
for t in range(num_steps):
ensemble.poison_single()
beliefs[t+1, :] = ensemble.attack_pairs.get_beliefs()
print(beliefs)
plt.figure(figsize=(9, 9))
plt.stackplot(range(num_steps+1), beliefs[:, 0], beliefs[:, 1], labels=["Lasso", "Lasso Outlier"], baseline='zero')
plt.legend(loc=2)