Added support for BEYOND [ICML-2024]

[allenhzy]

Description

This pull request adds the support of the BEYOND Detection method proposed in [1].

[1] Be Your Own Neighborhood: Detecting Adversarial Example by the Neighborhood Relations Built on Self-Supervised Learning. ICML. 2024[Paper]

Type of change

Please check all relevant options.

• Improvement (non-breaking)
• Bug fix (non-breaking)
• New feature (non-breaking)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Testing

Please describe the tests that you ran to verify your changes. Consider listing any relevant details of your test configuration.

• Unit Test

Test Configuration:

• OS: Ubuntu 18.04
• Python version: 3.9.19
• ART version or commit number: 1.18.1
• Pytorch: 2.4.0
• cudnn version: 90100

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• My changes have been tested using both CPU and GPU devices

[codecov]

Codecov Report

Attention: Patch coverage is 21.53846% with 51 lines in your changes missing coverage. Please review.

Project coverage is 77.12%. Comparing base (42c6da4) to head (f5ec52c).
Report is 9 commits behind head on dev_1.19.0.

Files with missing lines	Patch %	Lines
art/defences/detector/evasion/beyond_detector.py	20.31%	50 Missing and 1 partial ⚠️

❗ There is a different number of reports uploaded between BASE (42c6da4) and HEAD (f5ec52c). Click for more details.

HEAD has 3 uploads less than BASE

Flag	BASE (42c6da4)	HEAD (f5ec52c)
	27	24

Additional details and impacted files

@@              Coverage Diff               @@
##           dev_1.19.0    #2489      +/-   ##
==============================================
- Coverage       85.23%   77.12%   -8.11%     
==============================================
  Files             329      330       +1     
  Lines           30143    30208      +65     
  Branches         5173     5177       +4     
==============================================
- Hits            25693    23299    -2394     
- Misses           3021     5606    +2585     
+ Partials         1429     1303     -126     

Files with missing lines	Coverage Δ
art/defences/detector/evasion/__init__.py	100.00% <100.00%> (ø)
art/defences/detector/evasion/beyond_detector.py	20.31% <20.31%> (ø)

... and 49 files with indirect coverage changes

[beat-buesser]

Hi @allenhzy Thank you very much for your pull request! Could you please take a look at my review comments and add the proposed updates?

[beat-buesser]

Suggested change

	# Copyright (C) The Adversarial Robustness Toolbox (ART) Authors 2023
	# Copyright (C) The Adversarial Robustness Toolbox (ART) Authors 2024

[beat-buesser]

Suggested change

	This module implements the abstract base class for all evasion detectors.
	This module implements the BEYOND detector for adversarial examples detection.
	| Paper link: https://openreview.net/pdf?id=S4LqI6CcJ3

[beat-buesser]

Suggested change

	"""
	BEYOND detector for adversarial samples detection.
	This detector uses a combination of SSL and target model predictions to detect adversarial samples.
	"""
	"""
	BEYOND detector for adversarial samples detection.
	This detector uses a combination of SSL and target model predictions to detect adversarial examples.
	| Paper link: https://openreview.net/pdf?id=S4LqI6CcJ3
	"""

[beat-buesser]

Suggested change

from typing import Any

[beat-buesser]

Suggested change

from typing import Any

[beat-buesser]

How large are the downloaded files? Can we store them in the ART repo?

[beat-buesser]

Please replace print with logger.

[beat-buesser]

Would it be possible to make these assertions more accurate?

[beat-buesser]

I think we can use load_cifar10() directly and remove get_cifar10()(.

[beat-buesser]

Add import for fixture load_cifar10().