Index

A

accuracy() (in module deeprobust.graph.utils) AdamOptimizer (class in deeprobust.image.optimizer) add_nodes() (RND method), [1] adjust_learning_rate() (in module deeprobust.image.utils) adv_data() (BaseDefense method) (Fast method) (FGSMtraining method) (PGDtraining method) adv_train() (AdvTraining method) AdvTraining (class in deeprobust.graph.defense.adv_training) AmazonPyg (class in deeprobust.graph.data) arctanh() (in module deeprobust.image.utils) attack() (BaseAttack method), [1], [2], [3] (BaseMeta method) (DICE method), [1] (FGA method), [1] (IGAttack method), [1] (MetaApprox method), [1] (Metattack method), [1] (MinMax method), [1] (Nettack method), [1] (NodeEmbeddingAttack method) (OtherNodeEmbeddingAttack method) (PGDAttack method), [1] (Random method), [1] (RND method), [1]

B

BaseAttack (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.base_attack) (class in deeprobust.graph.targeted_attack) (class in deeprobust.graph.targeted_attack.base_attack) (class in deeprobust.image.attack.base_attack)

BaseDefense (class in deeprobust.image.defense.base_defense) BaseMeta (class in deeprobust.graph.global_attack.mettack) BasicBlock (class in deeprobust.image.netmodels.resnet) Bottleneck (class in deeprobust.image.netmodels.densenet) (class in deeprobust.image.netmodels.resnet)

C

calc_importance_edge() (IGAttack method), [1] calc_importance_feature() (IGAttack method), [1] calculate_loss() (Fast method) (FGSMtraining method) (PGDtraining method) CarliniWagner (class in deeprobust.image.attack.cw) ChebNet (class in deeprobust.graph.defense) check_adj() (BaseAttack method), [1], [2], [3] check_adj_tensor() (BaseAttack method), [1]

check_type_device() (BaseAttack method) classification_margin() (in module deeprobust.graph.utils) CoauthorPyg (class in deeprobust.graph.data) compute_alpha() (in module deeprobust.graph.targeted_attack.nettack) compute_cooccurrence_constraint() (Nettack method), [1] compute_log_likelihood() (in module deeprobust.graph.targeted_attack.nettack) compute_new_a_hat_uv (in module deeprobust.graph.targeted_attack.nettack) compute_new_a_hat_uv() (Nettack method), [1] create_train_dataset() (in module deeprobust.image.utils) CrossEntropyWithWeightPenlty (class in deeprobust.image.defense.YOPO)

D

Dataset (class in deeprobust.graph.data) (class in deeprobust.graph.data.dataset) DeepFool (class in deeprobust.image.attack.deepfool) deeprobust (module) deeprobust.graph (module) deeprobust.graph.black_box (module) deeprobust.graph.data (module) deeprobust.graph.data.attacked_data (module) deeprobust.graph.data.dataset (module) deeprobust.graph.defense (module) deeprobust.graph.defense.adv_training (module) deeprobust.graph.defense.gcn (module) deeprobust.graph.defense.gcn_preprocess (module) deeprobust.graph.defense.pgd (module) deeprobust.graph.defense.prognn (module) deeprobust.graph.defense.r_gcn (module) deeprobust.graph.global_attack (module) deeprobust.graph.global_attack.base_attack (module) deeprobust.graph.global_attack.dice (module) deeprobust.graph.global_attack.mettack (module) deeprobust.graph.global_attack.nipa (module) deeprobust.graph.global_attack.random_attack (module) deeprobust.graph.global_attack.topology_attack (module) deeprobust.graph.rl (module) deeprobust.graph.rl.env (module) deeprobust.graph.rl.nipa_config (module) deeprobust.graph.rl.nipa_env (module) deeprobust.graph.rl.nipa_nstep_replay_mem (module) deeprobust.graph.rl.nipa_q_net_node (module) deeprobust.graph.rl.nstep_replay_mem (module) deeprobust.graph.rl.q_net_node (module) deeprobust.graph.rl.rl_s2v_config (module) deeprobust.graph.rl.rl_s2v_env (module) deeprobust.graph.targeted_attack (module) deeprobust.graph.targeted_attack.base_attack (module) deeprobust.graph.targeted_attack.fga (module) deeprobust.graph.targeted_attack.ig_attack (module) deeprobust.graph.targeted_attack.nettack (module) deeprobust.graph.targeted_attack.rl_s2v (module) deeprobust.graph.targeted_attack.rnd (module) deeprobust.graph.utils (module) deeprobust.image (module) deeprobust.image.attack (module) deeprobust.image.attack.base_attack (module) deeprobust.image.attack.BPDA (module) deeprobust.image.attack.cw (module) deeprobust.image.attack.deepfool (module) deeprobust.image.attack.fgsm (module)

deeprobust.image.attack.l2_attack (module) deeprobust.image.attack.lbfgs (module) deeprobust.image.attack.Nattack (module) deeprobust.image.attack.onepixel (module) deeprobust.image.attack.pgd (module) deeprobust.image.attack.Universal (module) deeprobust.image.attack.YOPOpgd (module) deeprobust.image.config (module) deeprobust.image.defense (module) deeprobust.image.defense.base_defense (module) deeprobust.image.defense.fast (module) deeprobust.image.defense.fgsmtraining (module) deeprobust.image.defense.LIDclassifier (module) deeprobust.image.defense.pgdtraining (module) deeprobust.image.defense.TherEncoding (module) deeprobust.image.defense.trades (module) deeprobust.image.defense.YOPO (module) deeprobust.image.evaluation_attack (module) deeprobust.image.netmodels (module) deeprobust.image.netmodels.CNN (module) deeprobust.image.netmodels.CNN_multilayer (module) deeprobust.image.netmodels.densenet (module) deeprobust.image.netmodels.preact_resnet (module) deeprobust.image.netmodels.resnet (module) deeprobust.image.netmodels.train_model (module) deeprobust.image.netmodels.vgg (module) deeprobust.image.netmodels.YOPOCNN (module) deeprobust.image.optimizer (module) deeprobust.image.utils (module) DeepWalk (class in deeprobust.graph.defense) deepwalk_skipgram() (DeepWalk method) deepwalk_svd() (DeepWalk method) degree_normalize_adj() (in module deeprobust.graph.utils) degree_normalize_adj_tensor() (in module deeprobust.graph.utils) degree_normalize_sparse_tensor() (in module deeprobust.graph.utils) degree_sequence_log_likelihood() (in module deeprobust.graph.utils) degree_top_flips() (OtherNodeEmbeddingAttack method) DenseNet (class in deeprobust.image.netmodels.densenet) DenseNet121() (in module deeprobust.image.netmodels.densenet) DenseNet161() (in module deeprobust.image.netmodels.densenet) DenseNet169() (in module deeprobust.image.netmodels.densenet) DenseNet201() (in module deeprobust.image.netmodels.densenet) densenet_cifar() (in module deeprobust.image.netmodels.densenet) DICE (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.dice) differential_evolution() (in module deeprobust.image.optimizer) download_npz() (Dataset method), [1] Dpr2Pyg (class in deeprobust.graph.data) drop_dissimilar_edges() (GCNJaccard method), [1]

E

eigencentrality_top_flips() (OtherNodeEmbeddingAttack method) encode_onehot() (in module deeprobust.graph.utils)

EstimateAdj (class in deeprobust.graph.defense.prognn) eval() (NIPA method), [1] (RLS2V method), [1]

F

Fast (class in deeprobust.image.defense.fast) FASTPGD (class in deeprobust.image.attack.YOPOpgd) feature_scores() (Nettack method), [1] FGA (class in deeprobust.graph.targeted_attack) (class in deeprobust.graph.targeted_attack.fga) FGSM (class in deeprobust.image.attack.fgsm) FGSMtraining (class in deeprobust.image.defense.fgsmtraining) filter_potential_singletons() (BaseMeta method) (Nettack method), [1] filter_singletons() (in module deeprobust.graph.targeted_attack.nettack)

fit() (ChebNet method) (GAT method) (GCN method), [1] (GCNJaccard method), [1] (GCNSVD method), [1] (ProGNN method), [1] (RGCN method), [1] (SGC method) flip_candidates() (NodeEmbeddingAttack method) forward() (GraphConvolution method), [1]

G

GAT (class in deeprobust.graph.defense) GaussianConvolution (class in deeprobust.graph.defense.r_gcn) GCN (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.gcn) GCNJaccard (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.gcn_preprocess) GCNSVD (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.gcn_preprocess) generate() (BaseAttack method) (CarliniWagner method) (DeepFool method) (Fast method) (FGSM method) (FGSMtraining method) (LBFGS method) (NATTACK method) (Onepixel method) (PGD method) (PGDtraining method) (TRADES method)

generate_candidates_addition() (NodeEmbeddingAttack method) generate_candidates_removal() (NodeEmbeddingAttack method) generate_candidates_removal_minimum_spanning_tree() (NodeEmbeddingAttack method) get_attacker_nodes() (Nettack method), [1] get_lid() (in module deeprobust.image.defense.LIDclassifier) get_prognn_splits() (Dataset method), [1] get_splits_each_class() (in module deeprobust.graph.utils) get_target_nodes() (PrePtbDataset method), [1] get_train_test() (in module deeprobust.graph.utils) get_train_test_labelrate() (in module deeprobust.graph.utils) get_train_val_test() (Dataset method), [1] (in module deeprobust.graph.utils) get_train_val_test_gcn() (in module deeprobust.graph.utils) GGCL_D (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.r_gcn) GGCL_F (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.r_gcn) GraphConvolution (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.gcn)

H

Hamiltonian (class in deeprobust.image.defense.YOPO)

I

IGAttack (class in deeprobust.graph.targeted_attack) (class in deeprobust.graph.targeted_attack.ig_attack) initialize() (ChebNet method) (GAT method) (GCN method), [1] (SGC method) (SimPGCN method)

inject_nodes() (Random method), [1] is_sparse_tensor() (in module deeprobust.graph.utils)

L

largest_connected_components() (Dataset method), [1] LBFGS (class in deeprobust.image.attack.lbfgs) likelihood_ratio_filter() (in module deeprobust.graph.utils)

load_victim_model() (in module deeprobust.graph.black_box) log_likelihood_constraint() (BaseMeta method) loss() (BaseDefense method) loss_function() (CarliniWagner method)

M

make_symlink() (in module deeprobust.image.utils) MetaApprox (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.mettack) Metattack (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.mettack)

MinMax (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.topology_attack) myforward() (SimPGCN method)

N

NATTACK (class in deeprobust.image.attack.Nattack) Net (class in deeprobust.image.netmodels.CNN) (class in deeprobust.image.netmodels.CNN_multilayer) (class in deeprobust.image.netmodels.resnet) (class in deeprobust.image.netmodels.YOPOCNN) Nettack (class in deeprobust.graph.targeted_attack) (class in deeprobust.graph.targeted_attack.nettack) NIPA (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.nipa) Node2Vec (class in deeprobust.graph.defense)

node2vec() (Node2Vec method) NodeAttackEnv (class in deeprobust.graph.rl.env) (class in deeprobust.graph.rl.rl_s2v_env) NodeEmbeddingAttack (class in deeprobust.graph.global_attack) NodeInjectionEnv (class in deeprobust.graph.rl.nipa_env) normalize_adj() (in module deeprobust.graph.utils) normalize_adj_tensor() (in module deeprobust.graph.utils) normalize_feature() (in module deeprobust.graph.utils) normalize_sparse_tensor() (in module deeprobust.graph.utils) NStepQNetNode (class in deeprobust.graph.rl.nipa_q_net_node) (class in deeprobust.graph.rl.q_net_node)

O

one_hot() (in module deeprobust.image.defense.TherEncoding) one_hot_to_thermometer() (in module deeprobust.image.defense.TherEncoding)

onehot_like() (in module deeprobust.image.utils) Onepixel (class in deeprobust.image.attack.onepixel) OtherNodeEmbeddingAttack (class in deeprobust.graph.global_attack)

P

parse_params() (BaseAttack method) (BaseDefense method) (CarliniWagner method) (DeepFool method) (Fast method) (FGSM method) (FGSMtraining method) (LBFGS method) (NATTACK method) (Onepixel method) (PGD method) (PGDtraining method) (TRADES method) pending_f() (CarliniWagner method) perturb_adj() (Random method), [1] perturb_features() (Random method), [1] PGD (class in deeprobust.graph.defense.pgd) (class in deeprobust.image.attack.pgd) PGDAttack (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.topology_attack) PGDtraining (class in deeprobust.image.defense.pgdtraining) possible_actions() (NIPA method), [1]

PreActBlock (class in deeprobust.image.netmodels.preact_resnet) PreActBottleneck (class in deeprobust.image.netmodels.preact_resnet) PreActResNet (class in deeprobust.image.netmodels.preact_resnet) PreActResNet18() (in module deeprobust.image.netmodels.preact_resnet) predict() (ChebNet method) (GAT method) (GCN method), [1] (GCNJaccard method), [1] (GCNSVD method), [1] (RGCN method), [1] (SGC method) (SimPGCN method) preprocess() (in module deeprobust.graph.utils) PrePtbDataset (class in deeprobust.graph.data) (class in deeprobust.graph.data.attacked_data) ProGNN (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.prognn) prox_l1() (ProxOperators method) prox_nuclear() (ProxOperators method) ProxOperators (class in deeprobust.graph.defense.pgd) PtbDataset (class in deeprobust.graph.data) (class in deeprobust.graph.data.attacked_data) Pyg2Dpr (class in deeprobust.graph.data)

Q

QNetNode (class in deeprobust.graph.rl.nipa_q_net_node) (class in deeprobust.graph.rl.q_net_node)

R

Random (class in deeprobust.graph.global_attack) (class in deeprobust.graph.global_attack.random_attack) random_top_flips() (OtherNodeEmbeddingAttack method) ravel_multiple_indices() (in module deeprobust.graph.utils) reset() (Nettack method), [1]

RGCN (class in deeprobust.graph.defense) (class in deeprobust.graph.defense.r_gcn) RLS2V (class in deeprobust.graph.targeted_attack) (class in deeprobust.graph.targeted_attack.rl_s2v) RND (class in deeprobust.graph.targeted_attack) (class in deeprobust.graph.targeted_attack.rnd)

S

sample_forever() (DICE method), [1] (Random method), [1] save_adj() (BaseAttack method), [1], [2], [3] save_features() (BaseAttack method), [1], [2], [3] save_model() (BaseDefense method) SGC (class in deeprobust.graph.defense) SGD (class in deeprobust.graph.defense.pgd)

SimPGCN (class in deeprobust.graph.defense) single_attack() (FASTPGD method) sparse_mx_to_torch_sparse_tensor() (in module deeprobust.graph.utils) step() (NodeAttackEnv method), [1] (NodeInjectionEnv method) (SGD method) struct_score() (Nettack method), [1] svd_embedding() (DeepWalk method)

T

tab_printer() (in module deeprobust.image.utils) tensor2onehot() (in module deeprobust.graph.utils) test() (BaseDefense method) (ChebNet method) (Fast method) (FGSMtraining method) (GAT method) (GCN method), [1] (in module deeprobust.image.netmodels.CNN) (in module deeprobust.image.netmodels.CNN_multilayer) (in module deeprobust.image.netmodels.densenet) (in module deeprobust.image.netmodels.vgg) (PGDtraining method) (ProGNN method), [1] (RGCN method), [1] (SGC method) (SimPGCN method) (TRADES method) Thermometer() (in module deeprobust.image.defense.TherEncoding) to_model_space() (CarliniWagner method) to_scipy() (in module deeprobust.graph.utils) to_tensor() (in module deeprobust.graph.utils)

torch_accuracy() (in module deeprobust.image.defense.YOPO) TRADES (class in deeprobust.image.defense.trades) train() (BaseDefense method) (Fast method) (FGSMtraining method) (in module deeprobust.image.defense.LIDclassifier) (in module deeprobust.image.defense.TherEncoding) (in module deeprobust.image.netmodels.CNN) (in module deeprobust.image.netmodels.CNN_multilayer) (in module deeprobust.image.netmodels.densenet) (in module deeprobust.image.netmodels.train_model) (in module deeprobust.image.netmodels.vgg) (NIPA method), [1] (PGDtraining method) (RLS2V method), [1] (TRADES method) train_one_epoch() (in module deeprobust.image.defense.YOPO) train_victim_model() (in module deeprobust.graph.black_box) train_with_early_stopping() (ChebNet method) (GAT method) (SGC method) Transition (class in deeprobust.image.netmodels.densenet) truncatedSVD() (GCNSVD method), [1]

U

universal_adversarial_perturbation() (in module deeprobust.image.attack.Universal) update_edge_index() (Dpr2Pyg method)

update_Sx() (in module deeprobust.graph.targeted_attack.nettack) updated_log_likelihood_for_edge_changes() (in module deeprobust.graph.utils)

V

VGG (class in deeprobust.image.netmodels.vgg)

visualize() (in module deeprobust.graph.utils)