FEAT analytics: analyze attack success rate with generic dimensions #1362
Conversation
Co-authored-by: romanlutz <[email protected]>
Co-authored-by: romanlutz <[email protected]>
Co-authored-by: romanlutz <[email protected]>
…d-asr-by-converter-type
…analytics_asr_by_generic_dimensions
|
|
||
| # Resolve deprecated aliases and validate dimension names | ||
| resolved_group_by: list[Union[str, tuple[str, ...]]] = [] | ||
| for spec in group_by: |
There was a problem hiding this comment.
should we check whether there are repeats in group_by? Fringe case but counts could be off in that specific case.
| "## Composite Dimensions\n", | ||
| "\n", | ||
| "Use a tuple of dimension names to create a cross-product grouping. For example,\n", | ||
| "`(\"converter_type\", \"attack_type\")` produces keys like `(\"Base64Converter\", \"crescendo\")`." |
There was a problem hiding this comment.
| "`(\"converter_type\", \"attack_type\")` produces keys like `(\"Base64Converter\", \"crescendo\")`." | |
| "`(\"converter_type\", \"attack_type\")` produces keys like `(\"Base64Converter\", \"CrescendoAttack\")`." |
| extractors.update(custom_dimensions) | ||
|
|
||
| # Resolve group_by — default to every registered dimension independently | ||
| if group_by is None: |
There was a problem hiding this comment.
should we warn if group_by = [] but custom_dimensions is non-empty?
|
|
||
| def _compute_stats(successes: int, failures: int, undetermined: int) -> AttackStats: | ||
| @dataclass | ||
| class AnalysisResult: |
There was a problem hiding this comment.
maybe not this PR, but should we have a way to pretty print the result?
| else: | ||
| # Composite: cross-product of all sub-dimension values | ||
| sub_values = [extractors[name](attack) for name in spec] | ||
| for combo in product(*sub_values): |
There was a problem hiding this comment.
I might be going down a rabbithole but I'm imagining that if there is an attack (attack_type_x) with multiple converters (let's say c1 and c2), then this cross product will include (c1, attack_type_x) and (c2, attack_type_y) (and also get more complicated if we have, say, custom dimensions that are one to many). I wonder if that's a bit misleading to a user because it wasn't really c1 attack_type_x that led to a specific result, it was the combination of both converters with attack_type_x. Maybe combinations of converters or other dimensions used in one attack should be treated as one entity?
Description
Generalizing
analyze_resultsto work with attack type, converter type, labels, or any dimension we can define from attack results.Tests and Documentation
unit tests and new notebook