ART 0.7.0
This release contains a new poison removal method, as well as some restructuring of features recently added to the library.
Added
- Poisoning fixing method performing retraining as part of the
ActivationDefence
class - Example script of how to use the poison removal method
- New module
wrappers
containing features that alter the behaviour of aClassifier
. These are to be used as wrappers for classifiers and to be passed directly to evasion attack instances.
Changed
ExpectationOverTransformations
has been moved to thewrappers
moduleQueryEfficientBBGradientEstimation
has been moved to thewrappers
module
Removed
- Attacks no longer take an
expectation
parameter (breaking). This has been replaced by a direct call to the attack with anExpectationOverTransformation
instance.
Fixed
- Bug in spatial transformations attack: when attack does not succeed, original samples are returned now (issue #40, fixed in #42, #43)
- Bug in Keras with loss functions that do not take labels in one-hot encoding (issue #41)
- Bug fix in activation defence against poisoning: incorrect test condition
- Bug fix in DeepFool: inverted stop condition when working with batches
- Import problem in
utils.py
: top level imports were forcing users to install all supported ML frameworks