203 integrate additional attacks with wrappers from foolbox and advlib #205
Open
fabiobrau wants to merge 14 commits into
Codecov Report
❌ Patch coverage is
Additional details and impacted files
```diff
@@ Coverage Diff @@
## main #205 +/- ##
==========================================
+ Coverage 91.07% 91.25% +0.17%
==========================================
Files 50 75 +25
Lines 1792 2240 +448
==========================================
+ Hits 1632 2044 +412
- Misses 160 196 +36
```
Pull request overview
This PR expands secmlt’s evasion-attack coverage by adding new attack “creator” APIs and backend wrappers for both Foolbox and Adversarial Library (adv-lib), plus corresponding test coverage to validate basic execution paths.
Changes:
- Added new evasion attack creators (e.g., FGSM, CW, DeepFool, VAT, plus several Foolbox-only decision-based attacks).
- Added Foolbox wrappers for additional attacks (boundary, hopskipjump, spatial, blur/noise, contrast reduction, etc.) and adv-lib wrappers for FGSM/CW/DeepFool.
- Extended `test_attacks.py` to exercise the new creators/wrappers and backend availability behavior.
Reviewed changes
Copilot reviewed 28 out of 28 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/secmlt/tests/test_attacks.py | Adds/extends tests covering new attacks and backend variants, including decision-based attacks. |
| src/secmlt/adv/evasion/vat.py | Introduces VAT creator (Foolbox backend). |
| src/secmlt/adv/evasion/spatial_attack.py | Introduces SpatialAttack creator (Foolbox-only). |
| src/secmlt/adv/evasion/saltandpepper.py | Introduces SaltAndPepperNoise creator (Foolbox-only). |
| src/secmlt/adv/evasion/hopskipjump.py | Introduces HopSkipJump creator (Foolbox-only). |
| src/secmlt/adv/evasion/gaussian_blur.py | Introduces GaussianBlur creator (Foolbox-only). |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_vat.py | Adds Foolbox wrapper for VAT. |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_spatial.py | Adds Foolbox wrapper for SpatialAttack. |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_saltandpepper.py | Adds Foolbox wrapper for SaltAndPepperNoiseAttack. |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_hopskipjump.py | Adds Foolbox wrapper for HopSkipJumpAttack. |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_gaussian_blur.py | Adds Foolbox wrapper for GaussianBlurAttack. |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_fgsm.py | Adds Foolbox wrapper for FGSM (implemented via 1-step Linf PGD). |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_deepfool.py | Adds Foolbox wrapper for DeepFool (L2). |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_cw.py | Adds Foolbox wrapper for Carlini-Wagner (L2). |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_contrast_reduction.py | Adds Foolbox wrapper for contrast reduction (L2). |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_boundary.py | Adds Foolbox wrapper for BoundaryAttack. |
| src/secmlt/adv/evasion/foolbox_attacks/foolbox_additive_noise.py | Adds Foolbox wrapper for additive noise attacks (L2/Linf combos). |
| src/secmlt/adv/evasion/foolbox_attacks/__init__.py | Exposes the new Foolbox wrappers under the foolbox_attacks package. |
| src/secmlt/adv/evasion/fgsm.py | Adds FGSM creator supporting Foolbox + adv-lib backends. |
| src/secmlt/adv/evasion/deepfool.py | Adds DeepFool creator supporting Foolbox + adv-lib backends. |
| src/secmlt/adv/evasion/cw.py | Adds CW creator supporting Foolbox + adv-lib backends. |
| src/secmlt/adv/evasion/contrast_reduction.py | Adds ContrastReduction creator (Foolbox-only). |
| src/secmlt/adv/evasion/boundary_attack.py | Adds BoundaryAttack creator (Foolbox-only). |
| src/secmlt/adv/evasion/advlib_attacks/advlib_fgsm.py | Adds adv-lib wrapper for FGSM (via 1-step Linf PGD). |
| src/secmlt/adv/evasion/advlib_attacks/advlib_deepfool.py | Adds adv-lib wrapper for DeepFool (conditionally available by adv-lib version). |
| src/secmlt/adv/evasion/advlib_attacks/advlib_cw.py | Adds adv-lib wrapper for CW (L2). |
| src/secmlt/adv/evasion/advlib_attacks/__init__.py | Exposes new adv-lib wrappers and gates DeepFool by adv-lib version. |
| src/secmlt/adv/evasion/additive_noise.py | Adds AdditiveNoise creator (Foolbox-only). |
Comment on lines
+7
to
+14
| def _adv_lib_gte(major: int, minor: int, patch: int) -> bool: | ||
| try: | ||
| version_str = importlib.metadata.version("adv-lib") | ||
| except importlib.metadata.PackageNotFoundError: | ||
| return False | ||
| else: | ||
| parts = tuple(int(x) for x in version_str.split(".")[:3]) | ||
| return parts >= (major, minor, patch) |
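Review bot: The `int(x)` conversion in `parts = tuple(int(x) for x in version_str.split(".")[:3])` raises ValueError for any version string with a non-numeric component (a pre-release, dev or local tag, for example `0.3.dev0`), and the `except` clause only catches PackageNotFoundError, so the error propagates to the caller instead of returning False. A two-component version such as `0.3` also yields a 2-tuple, and `(0, 3) >= (0, 3, 0)` is False in Python, so the gate would report the feature as missing on a version that satisfies it. Suggest comparing parsed versions with `packaging.version.Version` if `packaging` is an acceptable dependency, or padding `parts` to three integers and handling the parse failure explicitly.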
Comment on lines
+58
to
+65
| def _adv_lib_gte(major: int, minor: int, patch: int) -> bool: | ||
| try: | ||
| version_str = importlib.metadata.version("adv-lib") | ||
| except importlib.metadata.PackageNotFoundError: | ||
| return False | ||
| else: | ||
| parts = tuple(int(x) for x in version_str.split(".")[:3]) | ||
| return parts >= (major, minor, patch) |
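Review bot: `_adv_lib_gte` at lines +58 to +65 is a line-for-line copy of the helper shown in the hunk at lines +7 to +14. Define it once in a shared module and import it in both places, so that a fix to the version parsing cannot land in one copy and miss the other.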
Comment on lines
+88
to
+92
| cls.check_backend_available(backend) | ||
| implementation = cls.get_implementation(backend) | ||
| return implementation( | ||
| perturbation_model=perturbation_model, | ||
| init_attack=init_attack, |
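Review bot: `init_attack` is passed to the backend implementation unchanged on the line `init_attack=init_attack,`, with no type check between `cls.get_implementation(backend)` and the wrapper's construction. State in the docstring which object types are accepted and validate the argument here, so an unsupported value is rejected when the attack is created rather than surfacing as a backend error when it runs.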
Comment on lines
+652
to
+661
| @pytest.fixture | ||
| def deterministic_model() -> BasePyTorchClassifier: | ||
| """Simple deterministic model for decision-based attack tests.""" | ||
| torch.manual_seed(0) | ||
| net = torch.nn.Sequential( | ||
| torch.nn.Flatten(), | ||
| torch.nn.Linear(3 * 32 * 32, 10), | ||
| ) | ||
| net.eval() | ||
| return BasePyTorchClassifier(model=net) |
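Review bot: `torch.manual_seed(0)` in the fixture body reseeds the global PyTorch RNG for the rest of the test process, so every test that runs after this fixture sees a changed random state and results can start to depend on test order. Build the network inside `with torch.random.fork_rng():` before seeding, or assign the `Linear` weights explicitly, so the model stays deterministic without touching global state.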
No description provided.