New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
added SimBA (Simple Black-box Adversarial Attacks) #469
Conversation
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
Hi @beat-buesser Thanks for your review again. According to your suggestions, I
We are really happy that you are planning to list our paper in your wiki page! |
Hi @kztakemoto Thank you very much! The new tests are now successfully running on Travis and the LGTM analysis does not raise any alerts. The PEP8 check has found two more warnings that I think after these two changes all the checks should be passing. |
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
@beat-buesser Thanks again. All your suggestions were accepted. We hope all the checks are passing. |
@kztakemoto I'm sorry, my last suggestion lead to another PEP8 warning, this last suggestion above fixes it. |
Co-authored-by: Beat Buesser <49047826+beat-buesser@users.noreply.github.com>
@beat-buesser thanks for your kind cooperation!! |
Codecov Report
@@ Coverage Diff @@
## dev_1.4.0 #469 +/- ##
=============================================
+ Coverage 67.39% 67.42% +0.03%
=============================================
Files 132 134 +2
Lines 11212 11505 +293
Branches 1887 1963 +76
=============================================
+ Hits 7556 7757 +201
- Misses 2982 3042 +60
- Partials 674 706 +32
|
Hi @kztakemoto Thank you very much for your contribution which is adding your Targeted Universal Perturbation attack and the Simple Black-box Adversarial Attacks attack to ART and for your work and patience during the review process! |
@beat-buesser Thank you very much. We are really happy to contribute to the development of ART! |
Description
added SimBA
added code for SimBA (Simple Black-box Adversarial Attacks) implemented in Keras:
art/attacks/evasion/simba.py
. This is related to Issue #51 .modified UniversalPerturbation (
art/attacks/evasion/universal_perturbation.py
) to use SimBA in UniversalPerturbation as an attacker.added a targeted attack version of UniversalPerturbation
added code for targeted attack version of UniversalPerturbation (TargetedUniversalPerturbation):
art/attacks/evasion/targeted_universal_perturbation.py
(see also https://github.com/hkthirano/targeted_UAP_CIFAR10). Note that FGSM and SimBA are only available as attackers in this implementation. This is related to Issue #393 .modified UniversalPerturbation
to be able to give associated correct labels (i.e., y) because the current version of UniversalPerturbation only use the model predictions as the correct labels. This is related to Issue #393 .
Fixes # (issue)
Type of change
Please check all relevant options.
Testing
I have tested this implementation with some examples: https://github.com/kztakemoto/SimBA-Keras
Test Configuration:
Checklist