Module adversarial 

Adversarial training utilities for TensorLogic.

Provides FGSM (Fast Gradient Sign Method), PGD (Projected Gradient Descent), adversarial example generation, adversarial training loss, and robustness evaluation.

References

• Goodfellow et al. (2014): “Explaining and Harnessing Adversarial Examples” (FGSM)
• Madry et al. (2017): “Towards Deep Learning Models Resistant to Adversarial Attacks” (PGD)

Structs

AdversarialExample

The result of running an adversarial attack on a single input.

AdversarialTrainStats

Summary statistics collected during adversarial training over a batch.

AttackConfig

Configuration for an adversarial attack.

CrossEntropyAttackLoss

Cross-entropy loss for multi-class classification attacks.

LinearAttackModel

A simple linear model f(x) = W·x + b used primarily for testing attacks.

MseAttackLoss

Mean-squared-error loss for regression attacks.

Enums

AdversarialError

Errors that can arise during adversarial attack construction or execution.

PerturbNorm

The norm used to measure and project the adversarial perturbation.

Traits

AttackLoss

A differentiable loss function used by attack algorithms.

AttackModel

A model that can be attacked.

Functions

adversarial_training_loss

Compute the combined adversarial training loss over a batch:

fgsm

Fast Gradient Sign Method (Goodfellow et al., 2014).

pgd

Projected Gradient Descent (Madry et al., 2017).

project_l1

Project perturbation onto the L1 ball of radius epsilon.

project_l2

Project perturbation onto the L2 ball of radius epsilon.

project_linf

Project perturbation onto the L∞ ball of radius epsilon.

robustness_eval

Evaluate the model’s adversarial robustness on a set of samples.