niteshade.attack.LabelFlipperAttacker

class niteshade.attack.LabelFlipperAttacker(aggressiveness, label_flips, one_hot=False)

Bases: niteshade.attack.ChangeLabelAttacker

Flip labels based on a dictionary of information.

This is a strategy that flips labels, and is inspired by ideas in the following paper: “On Defending Against Label Flipping Attacks on Malware Detection Systems”, https://arxiv.org/abs/1908.04473.

Parameters

  • aggressiveness (float) – decides how many points labels to change

  • label_flips (dict) – defines how to flip labels

  • one_hot (bool) – tells if labels are one_hot encoded or not

__init__(aggressiveness, label_flips, one_hot=False)

Methods

__init__(aggressiveness, label_flips[, one_hot])

attack(x, y)

Method to change labels of points.

num_pts_to_change(x)

Calculate the number of points to change labels for.
attack(x, y)

Method to change labels of points.

For given minibatch of data x and associated labels y, the labels in y will be flipped based on the label_flips dict that will be specified by the user.

Parameters

  • x (array) – data

  • y (array/list) – labels

Returns

data y (array/list) : flipped labels

Return type

x (array)