Update the one-pixel shortcut attack and its unit tests based on review

Signed-off-by: Nicholas Audric Adriel <[email protected]>

Author: nicholasadriel

art/attacks/poisoning/one_pixel_shortcut_attack.py

@@ -19,7 +19,6 @@
 This module implements One Pixel Shortcut attacks on Deep Neural Networks.
 """
 
-from typing import Optional, Tuple
 
 import numpy as np
 
@@ -33,6 +32,8 @@ class OnePixelShortcutAttack(PoisoningAttackBlackBox):
     for each class by maximizing a mean-minus-variance objective over that class's
     images. The found pixel coordinate and color are applied to all images of the class
     (labels remain unchanged). Reference: Wu et al. (ICLR 2023).
+
+    | Paper link: https://arxiv.org/abs/2205.12141
     """
 
     attack_params: list = []  # No external parameters for this attack
@@ -45,7 +46,7 @@ def _check_params(self):
         # No parameters to validate
         pass
 
-    def poison(self, x: np.ndarray, y: Optional[np.ndarray] = None, **kwargs) -> Tuple[np.ndarray, np.ndarray]:
+    def poison(self, x: np.ndarray, y: np.ndarray | None = None, **kwargs) -> tuple[np.ndarray, np.ndarray]:
         """
         Generate an OPS-poisoned dataset from clean data.
 

tests/attacks/poison/test_one_pixel_shortcut_attack.py

@@ -20,14 +20,15 @@
 
 import numpy as np
 import pytest
+from unittest.mock import patch
 
 from art.attacks.poisoning.one_pixel_shortcut_attack import OnePixelShortcutAttack
-from unittest.mock import patch
 from tests.utils import ARTTestException
 
 logger = logging.getLogger(__name__)
 
 
+@pytest.mark.framework_agnostic
 def test_one_pixel_per_image_and_label_preservation():
     try:
         x = np.zeros((4, 3, 3))
@@ -49,6 +50,7 @@ def test_one_pixel_per_image_and_label_preservation():
         raise ARTTestException("Pixel change or label consistency check failed") from e
 
 
+@pytest.mark.framework_agnostic
 def test_missing_labels_raises_error():
     try:
         x = np.zeros((3, 5, 5))
@@ -59,6 +61,7 @@ def test_missing_labels_raises_error():
         raise ARTTestException("Expected error not raised for missing labels") from e
 
 
+@pytest.mark.framework_agnostic
 def test_multi_channel_consistency():
     try:
         x = np.zeros((2, 2, 2, 3))
@@ -82,6 +85,7 @@ def test_multi_channel_consistency():
         raise ARTTestException("Multi-channel image consistency check failed") from e
 
 
+@pytest.mark.only_with_platform("pytorch")
 def test_one_pixel_effect_with_pytorchclassifier():
     try:
         import torch
@@ -92,11 +96,11 @@ def test_one_pixel_effect_with_pytorchclassifier():
         np.random.seed(0)
 
         # Create a toy dataset: 2x2 grayscale images, 2 classes
-        X = np.zeros((8, 1, 2, 2), dtype=np.float32)
+        x = np.zeros((8, 1, 2, 2), dtype=np.float32)
         for i in range(4):
-            X[i, 0, 0, 0] = i * 0.25  # class 0
+            x[i, 0, 0, 0] = i * 0.25  # class 0
         for i in range(4, 8):
-            X[i, 0, 0, 1] = (i - 4) * 0.25  # class 1
+            x[i, 0, 0, 1] = (i - 4) * 0.25  # class 1
         y = np.array([0, 0, 0, 0, 1, 1, 1, 1])
 
         model_clean = nn.Sequential(nn.Flatten(), nn.Linear(4, 2))
@@ -114,7 +118,7 @@ def test_one_pixel_effect_with_pytorchclassifier():
         acc_clean = np.mean(preds_clean.argmax(axis=1) == y)
 
         ops_attack = OnePixelShortcutAttack()
-        X_poison, y_poison = ops_attack.poison(X.copy(), y.copy())
+        x_poison, y_poison = ops_attack.poison(X.copy(), y.copy())
 
         model_poisoned = nn.Sequential(nn.Flatten(), nn.Linear(4, 2))
         classifier_poisoned = PyTorchClassifier(
@@ -125,24 +129,25 @@ def test_one_pixel_effect_with_pytorchclassifier():
             nb_classes=2,
         )
         classifier_poisoned.fit(
-            X_poison,
+            x_poison,
             y_poison,
             nb_epochs=10,
             batch_size=4,
             verbose=0,
         )
-        preds_poisoned = classifier_poisoned.predict(X_poison)
+        preds_poisoned = classifier_poisoned.predict(x_poison)
         acc_poisoned = np.mean(preds_poisoned.argmax(axis=1) == y_poison)
 
         # Adjusted assertions for robustness
-        assert acc_poisoned >= 1.0, f"Expected 100% poisoned accuracy, got {acc_poisoned:.3f}"
+        assert acc_poisoned == 1.0, f"Expected 100% poisoned accuracy, got {acc_poisoned:.3f}"
         assert acc_clean < 0.95, f"Expected clean accuracy < 95%, got {acc_clean:.3f}"
 
     except Exception as e:
         logger.warning("test_one_pixel_effect_with_pytorchclassifier failed: %s", e)
         raise ARTTestException("PyTorchClassifier integration with OPS attack failed") from e
 
 
+@pytest.mark.framework_agnostic
 def test_check_params_noop():
     try:
         attack = OnePixelShortcutAttack()
@@ -154,6 +159,7 @@ def test_check_params_noop():
         raise ARTTestException("Parameter check method failed unexpectedly") from e
 
 
+@pytest.mark.framework_agnostic
 def test_ambiguous_layout_nhwc():
     try:
         # Shape (N=1, H=3, W=2, C=3) - ambiguous, both 3 could be channels
@@ -173,6 +179,7 @@ def test_ambiguous_layout_nhwc():
         raise ARTTestException("Ambiguous NHWC layout handling failed") from e
 
 
+@pytest.mark.framework_agnostic
 def test_ambiguous_layout_nchw():
     try:
         # Shape (N=1, C=2, H=3, W=2) - ambiguous, no dim equals 1/3/4
@@ -192,6 +199,7 @@ def test_ambiguous_layout_nchw():
         raise ARTTestException("Ambiguous NCHW layout handling failed") from e
 
 
+@pytest.mark.framework_agnostic
 def test_unsupported_input_shape_raises_error():
     try:
         x = np.zeros((5, 5), dtype=np.float32)  # 2D input (unsupported)
@@ -203,6 +211,7 @@ def test_unsupported_input_shape_raises_error():
         raise ARTTestException("ValueError not raised for unsupported input shape") from e
 
 
+@pytest.mark.framework_agnostic
 def test_one_hot_labels_preserve_format():
     try:
         # Two 2x2 grayscale images, with one-hot labels for classes 0 and 1
@@ -221,6 +230,7 @@ def test_one_hot_labels_preserve_format():
         raise ARTTestException("One-hot label handling failed") from e
 
 
+@pytest.mark.framework_agnostic
 def test_class_skipping_when_no_samples():
     try:
         # Small dataset: 1 image 2x2, class 0