
Stateful Detection of Black-Box Adversarial Attacks

Open twrdyyy opened this issue 3 years ago • 6 comments

Algorithm described here https://arxiv.org/pdf/1907.05587.pdf

Implementation: As part of my engineering thesis I'm implementing this algorithm. In addition, I will provide example usages of the new module, including a Jupyter notebook and a Kubeflow pipeline.

twrdyyy avatar Oct 20 '21 08:10 twrdyyy

@beat-buesser I will soon open a pull request with the new module.

twrdyyy avatar Oct 20 '21 08:10 twrdyyy

Hi @twrdyyy Thank you very much for your interest in ART!

beat-buesser avatar Oct 20 '21 11:10 beat-buesser

@beat-buesser The PR will probably be ready by the end of this week; it will include:

  1. new black-box detection module
     • BlackBoxDetector
     • MemoryQueue class
     • NearestNeighborsWrapper for the sklearn lib
     • implementation of the loss functions mentioned in the paper (helpful for encoder training)
  2. implementation of the encoder for PyTorch (it was missing, so I've decided to implement it as well)
  3. tests for the black-box module
  4. detection example for MNIST in PyTorch.

I am going to use ART, and especially this module, to implement a simple pipeline. I can share a link to the repository with you as well, to include this in the examples. The pipeline will use TensorFlow and Beam, with Kubeflow as the UI.

twrdyyy avatar Nov 02 '21 08:11 twrdyyy
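To make the components listed above concrete, here is a minimal, self-contained sketch of the stateful detection loop from the paper (encode each query, keep a bounded per-user memory of recent encodings, flag a query whose mean distance to its k nearest stored neighbours falls below a threshold, then reset that user's buffer). This is an added illustration written for this thread; it is not the author's PR code and not part of ART. The class names `StatefulDetector` and `MemoryQueue`, the L2-normalisation stand-in for the trained similarity encoder, and the constants `K_NEIGHBORS`, `THRESHOLD` and `MEMORY_CAPACITY` are assumptions, and the sample query streams are constructed for the demo.

```python
import math
from collections import deque

# Assumed tuning constants; in practice the threshold is calibrated on benign traffic.
K_NEIGHBORS = 3
THRESHOLD = 0.05
MEMORY_CAPACITY = 100


def encode(x):
    """Stand-in for the paper's trained similarity encoder: L2-normalise the raw input.

    A real deployment would use the learned encoder so that semantically similar
    inputs land close together; normalisation is only a placeholder (assumption).
    """
    norm = math.sqrt(sum(v * v for v in x)) or 1.0
    return tuple(v / norm for v in x)


def l2_distance(a, b):
    """Euclidean distance between two encodings of equal length."""
    return math.sqrt(sum((u - v) ** 2 for u, v in zip(a, b)))


class MemoryQueue:
    """Bounded FIFO of recent query encodings for one user (hypothetical class)."""

    def __init__(self, capacity):
        self._items = deque(maxlen=capacity)

    def __len__(self):
        return len(self._items)

    def add(self, encoding):
        self._items.append(encoding)

    def clear(self):
        self._items.clear()

    def knn_mean_distance(self, encoding, k):
        """Mean distance to the k nearest stored encodings, or None if fewer than k are stored."""
        if len(self._items) < k:
            return None
        dists = sorted(l2_distance(encoding, m) for m in self._items)
        return sum(dists[:k]) / k


class StatefulDetector:
    """Per-user stateful detector (hypothetical class, models the paper's detection loop)."""

    def __init__(self, k=K_NEIGHBORS, threshold=THRESHOLD, capacity=MEMORY_CAPACITY):
        self.k = k
        self.threshold = threshold
        self.capacity = capacity
        self._memories = {}

    def process(self, user_id, x):
        """Record the query and return True if it is suspiciously close to the user's recent queries."""
        mem = self._memories.setdefault(user_id, MemoryQueue(self.capacity))
        enc = encode(x)
        mean_d = mem.knn_mean_distance(enc, self.k)
        flagged = mean_d is not None and mean_d < self.threshold
        if flagged:
            # As in the paper: reset the buffer after a detection so one alert is raised per episode.
            mem.clear()
        mem.add(enc)
        return flagged


def count_detections(detector, user_id, queries):
    """Run a query stream through the detector and return how many queries were flagged."""
    return sum(1 for q in queries if detector.process(user_id, q))


# Constructed sample traffic (not real data).
# Diverse, unrelated inputs: a normal user browsing different examples.
BENIGN_QUERIES = [
    (1.0, 0.0, 0.0), (0.0, 1.0, 0.0), (0.0, 0.0, 1.0),
    (1.0, 1.0, 0.0), (0.0, 1.0, 1.0), (1.0, 0.0, 1.0),
]
# Each query differs from the previous one only by a tiny perturbation, the
# pattern a query-based black-box attack leaves and that the detector is built to catch.
NEAR_DUPLICATE_QUERIES = [(1.0 + 0.001 * i, 0.5, 0.25) for i in range(8)]

if __name__ == "__main__":
    print("benign stream, detections:", count_detections(StatefulDetector(), "user-a", BENIGN_QUERIES))
    print("near-duplicate stream, detections:",
          count_detections(StatefulDetector(), "user-b", NEAR_DUPLICATE_QUERIES))
```

Two design points carry over from the paper: memory is kept per user (or per API key), since pooling all traffic into one buffer lets unrelated benign users inflate the neighbour density, and the buffer is reset on detection so the operator gets one alert per detected episode rather than one per query.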

@beat-buesser To which branch should I create the pull request? To dev_1.9.0?

twrdyyy avatar Nov 02 '21 08:11 twrdyyy

Yes, dev_1.9.0 is currently the dev branch for the next release.

beat-buesser avatar Nov 08 '21 19:11 beat-buesser

@beat-buesser The implementation is ready. I will create the PR so that you can review the changes and propose some improvements.

twrdyyy avatar Nov 21 '21 18:11 twrdyyy