def test_poison_ensemble(self): classifier_1 = DummyClassifier() attack_1 = DummyPoisonAttack() classifier_2 = DummyClassifier() attack_2 = DummyPoisonAttack() attack_pairs = AttackPairs() attack_pairs.add(classifier_1, attack_1, 1) attack_pairs.add(classifier_2, attack_2, 1) attack_pairs.fit_all(X, Y) ensemble = PoisonEnsemble(attack_pairs, X) defender = DummyClassifier() ensemble.poison(defender)
def test_fit_predict_all(self): """Test that you can fit and predict on all classifiers""" classifier_1 = DummyClassifier() attack_1 = DummyPoisonAttack() classifier_2 = DummyClassifier() attack_2 = DummyPoisonAttack() attack_pairs = AttackPairs() attack_pairs.add(classifier_1, attack_1, 1) attack_pairs.add(classifier_2, attack_2, 1) attack_pairs.fit_all(X, Y) y_out = attack_pairs.predict_all(X) assert isinstance(y_out, np.ndarray) assert y_out.shape == (X.shape[0], 2)
def test_get_attack_point(self): """Test that you can get an attack point from a particular attack""" classifier_1 = DummyClassifier() attack_1 = DummyPoisonAttack() classifier_2 = DummyClassifier() attack_2 = DummyPoisonAttack() attack_pairs = AttackPairs() attack_pairs.add(classifier_1, attack_1, 1) attack_pairs.add(classifier_2, attack_2, 1) attack_pairs.fit_all(X, Y) (x_attack_1, y_attack_1) = attack_pairs.get_attack_point(0) assert isinstance(x_attack_1, np.ndarray) assert x_attack_1.shape == (1, 2) (x_attack_2, y_attack_2) = attack_pairs.get_attack_point(1) assert isinstance(x_attack_1, np.ndarray) assert x_attack_1.shape == (1, 2)
lasso_classifier = OnlineLasso() lasso_attack = LinearAttack(boundary=np.array([[-10, -10], [10, 10]]), lasso_lambda=0.01) attack_pairs.add(lasso_classifier, lasso_attack, 1) # Setup Outlier Lasso steps = [('KthNeighbor', KthNeighbor(outlier_distance_threshold=1)), ('OnlineLasso', OnlineLasso())] lasso_outlier_classifier = Pipeline(steps) lasso_outlier_attack = LinearAttack(boundary=np.array([[-10, -10], [10, 10]]), lasso_lambda=0.01, outlier_method='distancethreshold', outlier_distance_threshold=1) attack_pairs.add(lasso_outlier_classifier, lasso_outlier_attack, 1) attack_pairs.fit_all(X, y) ensemble = PoisonEnsemble(attack_pairs, X) defender = OnlineLasso() defender.fit(X, y) for _ in range(0, 10): ensemble.poison(defender, num_steps=1) matplotlib.rcParams['axes.unicode_minus'] = False ax = plt.subplot(3, 1, 1) ax.scatter(X[:, 0], X[:, 1], c=ensemble.defender.predict(X)) ax.set_autoscale_on(True) ax.set_title('Defender')
# Setup Attacks attack_lasso = GeneralTikhonovAttack(lasso_lambda=alpha_lambda, step_size=5000, max_steps=1000) attack_lasso_outlier = GeneralTikhonovAttack(lasso_lambda=alpha_lambda, step_size=5000, max_steps=1000, outlier_method='distancethreshold', outlier_distance_threshold=distance_threshold) # Setup Attack Pairs attack_pairs = AttackPairs() attack_pairs.add(lasso, attack_lasso, 1) attack_pairs.add(lasso_outlier, attack_lasso_outlier, 1) attack_pairs.fit_all(data_train_x, data_train_y) # Setup Ensemble ensemble = PoisonEnsemble(attack_pairs, data_test_x, defender=defender) beliefs = np.zeros((num_steps+1, 2)) beliefs[0, :] = np.array([0.5, 0.5]) for t in range(num_steps): ensemble.poison_single() beliefs[t+1, :] = ensemble.attack_pairs.get_beliefs() print(beliefs) plt.figure(figsize=(9, 9)) plt.stackplot(range(num_steps+1), beliefs[:, 0], beliefs[:, 1], labels=["Lasso", "Lasso Outlier"], baseline='zero') plt.legend(loc=2)