Comments (1)
To address the concern about the perceived discrepancy in the art.attacks.poisoning.SleeperAgentAttack documentation regarding the return of poisoned sample indices, it's important to clarify that this might not represent a problem in the functionality or the documentation itself, but rather a misunderstanding of the intended use and design of the library.
The Advanced Robustness Toolkit (ART) is designed to be modular and flexible, accommodating various use cases and methodologies within the domain of adversarial machine learning. The design decision to separate the poison method from the get_poison_indices() method can be rationalized as follows:
- Separation of Concerns: By design, the poison method focuses on the generation of poisoned samples, modifying x_train and y_train accordingly. This allows for a clear and focused functionality - generating poisoned data. The method's primary goal is to output poisoned data ready for training or analysis, not to track or manage indices of modifications.
- Modularity: The get_poison_indices() function, although not detailed extensively in the documentation, likely serves a specialized purpose separate from the actual poisoning process. This could involve post-processing analysis, debugging, or specific research needs where knowing the exact indices of poisoned samples is crucial. Keeping this functionality separate enhances the toolkit's modularity, allowing users to opt-in to additional functionalities without complicating the core poisoning process.
- Flexibility for Users: The current setup provides users with flexibility in how they handle poisoned data. Users who need the indices can call get_poison_indices() after poisoning, while those who don't need this information aren't forced to deal with an additional return value that might be irrelevant to their use case. This design choice respects the diverse needs of users and use cases.
- Avoiding Redundancy and Confusion: Adding best_indices_poison as a third return value to the poison method, while removing get_poison_indices(), could streamline the process but at the cost of flexibility and modularity. It also introduces potential confusion for users who might not be interested in the indices, making the library seem more complex for simple poisoning tasks.
Given these considerations, the current implementation and documentation structure might not be an issue but a deliberate design choice to cater to a broad range of use cases and preferences within the adversarial machine learning community. Improving the documentation to better explain the role and usage of get_poison_indices() would certainly help clarify any misunderstandings without necessarily changing the library's architecture. This approach maintains the toolkit's flexibility and modularity while addressing the need for clearer guidance on using the available functionalities.
from adversarial-robustness-toolbox.
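The two-call pattern the comment describes (poison() returns the modified training set, get_poison_indices() is called afterwards) is easy to misuse if the indices and the data drift apart. The following added example is not ART code: it uses a constructed stand-in attack object with the same two method names and shows a reconciliation check a practitioner can run, diffing the clean and poisoned sets against the reported indices to catch unreported or spurious entries.

```python
"""Reconcile a SleeperAgentAttack-style poison() result with get_poison_indices().
Added illustration, not ART's implementation: StandInSleeperAgent is a constructed
stand-in that mimics the interface described in the thread (assumption)."""
from typing import List, Sequence, Tuple

Sample = List[float]


class StandInSleeperAgent:
    """Constructed stand-in for the SleeperAgentAttack interface (assumption)."""

    def __init__(self, indices: Sequence[int], delta: float = 0.5) -> None:
        self._indices = list(indices)   # rows this attack will perturb
        self._delta = delta             # constructed perturbation magnitude

    def poison(self, x_train: List[Sample], y_train: List[int]) -> Tuple[List[Sample], List[int]]:
        # Work on copies so the caller keeps an untouched clean set to diff against.
        x_poison = [row[:] for row in x_train]
        for i in self._indices:
            x_poison[i] = [v + self._delta for v in x_poison[i]]
        return x_poison, list(y_train)  # labels untouched: clean-label poisoning

    def get_poison_indices(self) -> List[int]:
        return list(self._indices)


def changed_rows(x_clean: List[Sample], x_poison: List[Sample], tol: float = 1e-9) -> List[int]:
    """Indices whose feature vectors differ between the clean and poisoned sets."""
    if len(x_clean) != len(x_poison):
        raise ValueError("poison() must return one row per training sample")
    return [i for i, (a, b) in enumerate(zip(x_clean, x_poison))
            if any(abs(u - v) > tol for u, v in zip(a, b))]


def reconcile(x_clean: List[Sample], x_poison: List[Sample],
              reported: Sequence[int]) -> Tuple[List[int], List[int]]:
    """Return (missing, spurious): rows that changed but were not reported,
    and reported rows that did not actually change. Both empty means consistent."""
    actual, claimed = set(changed_rows(x_clean, x_poison)), set(reported)
    return sorted(actual - claimed), sorted(claimed - actual)


def demo() -> Tuple[List[int], List[int]]:
    # Constructed 4-sample training set; rows 1 and 3 are poisoned.
    x = [[0.0, 0.0], [1.0, 1.0], [2.0, 2.0], [3.0, 3.0]]
    y = [0, 1, 0, 1]
    attack = StandInSleeperAgent(indices=[1, 3])
    x_poison, _ = attack.poison(x, y)
    return reconcile(x, x_poison, attack.get_poison_indices())
```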
Related Issues (20)
- Upgrade Pylint Version and Review Required Disable Statements
- Backdoor attack HuggingFace Model Automatic Speech Recognition via HuggingFaceClassifierPytorch ART HOT 5
- L¹ `FGM` is wrong + extend to all p >= 1 HOT 5
- Implement HuggingFace Object Detection Estimators
- Not generating Adversarial examples HOT 1
- PyTorch classes that check torch.optim.lr_scheduler._LRScheduler HOT 1
- AdversarialTrainer parameter name missmatch HOT 2
- Auto PGD not working with DLR loss for binary classification HOT 1
- ERROR collecting tests/attacks/evasion/test_brendel_and_bethge.py
- Measured Linf norm exceeds epsilon for ACG HOT 1
- Risky values in tests
- Gradient Explosion
- Robust
- Rr
- adversarial audio example notebook not giving the same results HOT 2
- Unable to utilize PytorchClassifier for ASR model HOT 1
- List of projects/tools utilising ART [JATIC-I4-IBM]
- Attack > Evasion > Momentum Iterative Method: major issues HOT 1