Other attacks¶

class
foolbox.attacks.
BinarizationRefinementAttack
(model=None, criterion=<foolbox.criteria.Misclassification object>, distance=<class 'foolbox.distances.MeanSquaredDistance'>, threshold=None)[source]¶ For models that preprocess their inputs by binarizing the inputs, this attack can improve adversarials found by other attacks. It does os by utilizing information about the binarization and mapping values to the corresponding value in the clean input or to the right side of the threshold.

__call__
(self, input_or_adv, label=None, unpack=True, starting_point=None, threshold=None, included_in='upper')[source]¶ For models that preprocess their inputs by binarizing the inputs, this attack can improve adversarials found by other attacks. It does os by utilizing information about the binarization and mapping values to the corresponding value in the clean input or to the right side of the threshold.
Parameters:  input_or_adv : numpy.ndarray or
Adversarial
The original, unperturbed input as a numpy.ndarray or an
Adversarial
instance. label : int
The reference label of the original input. Must be passed if a is a numpy.ndarray, must not be passed if a is an
Adversarial
instance. unpack : bool
If true, returns the adversarial input, otherwise returns the Adversarial object.
 starting_point : numpy.ndarray
Adversarial input to use as a starting point.
 threshold : float
The treshold used by the models binarization. If none, defaults to (model.bounds()[1]  model.bounds()[0]) / 2.
 included_in : str
Whether the threshold value itself belongs to the lower or upper interval.
 input_or_adv : numpy.ndarray or


class
foolbox.attacks.
PrecomputedAdversarialsAttack
(inputs, outputs, *args, **kwargs)[source]¶ Attacks a model using precomputed adversarial candidates.
Parameters:  inputs : numpy.ndarray
The original inputs that will be expected by this attack.
 outputs : numpy.ndarray
The adversarial candidates corresponding to the inputs.
 *args : positional args
Poistional args passed to the Attack base class.
 **kwargs : keyword args
Keyword args passed to the Attack base class.

__call__
(self, input_or_adv, label=None, unpack=True)[source]¶ Attacks a model using precomputed adversarial candidates.
Parameters:  input_or_adv : numpy.ndarray or
Adversarial
The original, unperturbed input as a numpy.ndarray or an
Adversarial
instance. label : int
The reference label of the original input. Must be passed if a is a numpy.ndarray, must not be passed if a is an
Adversarial
instance. unpack : bool
If true, returns the adversarial input, otherwise returns the Adversarial object.
 input_or_adv : numpy.ndarray or