Perturbations#

The rAI-toolbox provides utilities for applying perturbations to data and solving for optimal perturbations. A perturbation model is a torch.nn.Module whose parameters are used by its forward pass to perturb a datum or a batch of data. E.g., AdditivePerturbation applies the perturbation \(x \rightarrow x + \delta\) via its forward pass, where \(\delta\) is the sole learnable parameter of this perturbation model.

Thus solving for perturbations is cast as a standard PyTorch optimization problem, where optimizers are used to make gradient-based updates to the perturbations. In this way, the rAI-toolbox enables adversarial perturbation workflows to be performed by standard training and testing frameworks (e.g. via PyTorch-Lightning). We also provide some custom solvers, e.g., gradient_ascent, to facilitate this line of work.

Models#

`PerturbationModel`(args, *kwargs)	Protocol for Perturbation Models.
`AdditivePerturbation`(data_or_shape[, ...])	Modifies a piece or batch of data by adding a perturbation: \(x \rightarrow x+\delta\).

Solvers#

`gradient_ascent`(*, model, data, target, ...)	Solve for a set of perturbations for a given set of data and a model, and then apply those perturbations to the data.
`random_restart`(solver, repeats)	Executes a solver function multiple times, saving out the best perturbations.

Initializers#

`uniform_like_l1_n_ball_`(x[, epsilon, ...])	Uniform sampling of an \(\epsilon\)-sized `n`-ball for \(L^1\)-norm, where `n` is controlled by `x.shape` and `param_ndim`.
`uniform_like_l2_n_ball_`(x[, epsilon, ...])	Uniform sampling within an \(\epsilon\)-sized `n`-ball for \(L^2\)-norm, where `n` is controlled by `x.shape` and `param_ndim`.
`uniform_like_linf_n_ball_`(x[, epsilon, ...])	Uniform sampling within an \(\epsilon\)-sized `n`-ball for \(L^{\infty}\)-norm.