Adapt ART to feature vectors #49

Closed
7 of 11 tasks
ririnicolae opened this issue Apr 19, 2019 · 1 comment
ririnicolae commented Apr 19, 2019

This requires multiple changes to all modules:

  • Allow clip_values to be None in all classifiers
  • Allow clip_values to have a different value per feature
  • Similarly, change attack strength (often eps, eps_step) from just scalar to scalar or vector. If a vector is provided, it should have the same size as the number of features. This is to allow attacks to be applied on features with different ranges and mostly concerns L_inf attacks.
  • In line with the previous item, adapt random initialization in boundary attack to take into account the different scales in features for feature vectors.
  • Only perform clipping in attacks if the targeted model has clip_values
  • Generalize the shape of the input assumed in Classifier and other modules: moving from four dimensions (first one being the batch) to any number of dimensions (where first one is still the batch size)
  • Add checks and safeguards on number of dimensions of data for the attacks / defences that can only be applied on images
  • Add tests for feature vectors classifiers
  • Add tests with no clipping / clipping per feature for both images and feature vectors
  • Update examples and notebooks to ensure that they still work
  • Create notebook with attacks on feature vectors using some malware dataset
ririnicolae added the enhancement (New feature or request) label Apr 19, 2019
ririnicolae added this to the ART v1.0.0 milestone Apr 19, 2019
ririnicolae self-assigned this Apr 26, 2019
beat-buesser pushed a commit that referenced this issue May 20, 2019
This release contains breaking changes to attacks and defenses with regards to setting attributes, removes restrictions on input shapes which enables the use of feature vectors and several bug fixes.

  # Added

    - implement pickle for classifiers `tensorflow` and `pytorch` (#39)
    - added example `data_augmentation.py` demonstrating the use of data generators

  # Changed

    - renamed and moved tests (#58)
    - change input shape restrictions, classifiers accept now any input shape, for example feature vectors; attacks requiring spatial inputs are raising exceptions (#49)
    - clipping of data ranges becomes optional in classifiers which allows attacks to accept unbounded data ranges (#49)
    - [Breaking changes] class attributes in attacks can no longer be changed with method `generate`, changing attributes is only possible with methods `__init__` and `set_params`
    - [Breaking changes] class attributes in defenses can no longer be changed with method `generate`, changing attributes is only possible with methods `__call__` and `set_params`
    - resolved inconsistency in PGD random_init with Madry's version

  # Removed

    - deprecated static adversarial trainer `StaticAdversarialTrainer`

  # Fixed

    - Fixed bug in attack ZOO (#60)
ririnicolae commented

I think this issue is ready to be closed. An example of usage for feature vectors is provided in PR #92. The item on having per-feature values for attack strengths eps should probably be further discussed and addressed in a separate issue.
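
The task-list items on per-feature `clip_values`, scalar-or-vector `eps`, and clipping only when the model declares a range, shown as an added example for robustness testing on feature vectors. This is not ART's code or API: `per_feature`, `linf_step`, `logistic_loss_grad`, the sample data and the model weights are all constructed for illustration.

```python
import numpy as np

def per_feature(value, n_features, name):
    """Broadcast a scalar, or validate a per-feature vector, to shape (n_features,)."""
    arr = np.asarray(value, dtype=float)
    if arr.ndim == 0:
        return np.full(n_features, float(arr))
    if arr.shape != (n_features,):
        raise ValueError(f"{name}: expected scalar or shape ({n_features},), got {arr.shape}")
    return arr

def linf_step(x, grad, eps, clip_values=None):
    """One signed-gradient L_inf step on a batch of feature vectors.

    eps is a scalar or one value per feature; clip_values is None (no clipping)
    or a (min, max) pair whose entries are scalars or per-feature vectors.
    """
    x, grad = np.asarray(x, dtype=float), np.asarray(grad, dtype=float)
    if x.ndim != 2 or grad.shape != x.shape:
        raise ValueError("x and grad must both have shape (batch, n_features)")
    n = x.shape[1]
    eps_vec = per_feature(eps, n, "eps")
    if np.any(eps_vec < 0):
        raise ValueError("eps must be non-negative")
    x_adv = x + eps_vec * np.sign(grad)
    if clip_values is not None:  # clip only when the model declares a range
        lo = per_feature(clip_values[0], n, "clip min")
        hi = per_feature(clip_values[1], n, "clip max")
        if np.any(lo > hi):
            raise ValueError("clip min exceeds clip max")
        x_adv = np.clip(x_adv, lo, hi)
    return x_adv

def logistic_loss_grad(x, y, w, b):
    """Gradient of binary cross-entropy w.r.t. the input, for a linear model."""
    p = 1.0 / (1.0 + np.exp(-(x @ w + b)))
    return (p - y)[:, None] * w

# Constructed sample: [flag in 0..1, count in 0..500, ratio in -1..1].
CLIP = (np.array([0.0, 0.0, -1.0]), np.array([1.0, 500.0, 1.0]))
X = np.array([[1.0, 120.0, 0.25], [0.0, 490.0, -0.9]])
Y = np.array([1.0, 0.0])
W, B = np.array([2.0, 0.01, -1.5]), -1.0  # hypothetical model weights
EPS = 0.05 * (CLIP[1] - CLIP[0])          # 5% of each feature's range

if __name__ == "__main__":
    g = logistic_loss_grad(X, Y, W, B)
    print(linf_step(X, g, EPS, CLIP))   # per-feature eps, per-feature clipping
    print(linf_step(X, g, EPS))         # no clip_values: nothing is clipped
    print(linf_step(X, g, 25.0, CLIP))  # scalar eps saturates small-range features
```

With the scalar `eps` of 25, the flag and ratio features are pushed all the way to their bounds, which is the behaviour the per-feature vector avoids.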
