adversarial-robustness-toolbox
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
**Is your feature request related to a problem? Please describe.** In the original paper for the Witches' Brew / Gradient Matching Attack (), the two names were originally interchangeable. Therefore,...
**Is your feature request related to a problem? Please describe.** Under `art.attacks.poisoning`, although the `PoisoningAttackBackdoor` object exists which allows the user to insert backdoors and perform the Dirty Label Backdoor...
# Description Implementation of single semantic attacks on PyTorch image classifiers. The attacks are generated by perturbing hue, saturation, contrast, brightness, and rotation. Paper: https://openaccess.thecvf.com/content/CVPR2023/papers/Hsiung_Towards_Compositional_Adversarial_Robustness_Generalizing_Adversarial_Training_to_Composite_Semantic_CVPR_2023_paper.pdf Fixes #2126 ## Type of...
**Is your feature request related to a problem? Please describe.** Having run an attack, I'd like a function that automatically calculates the clean and robust accuracy as well as returning...
**Is your feature request related to a problem? Please describe.** The "Segment Anything" (SAM) foundation model has received a lot of attention since its release a month ago (already 30k+...
# Description Added three new types of membership inference attacks, these are as follows - * SIF Attack * Blind Membership inference Attack * White Box based Membership Inference Attacks...
# Description Adding an attack-agnostic metric function to return clean and robust accuracy as well as calculation of average perturbation added to images which successfully fool classification estimator. Fixes #2301...
**Is your feature request related to a problem? Please describe.** The current PyTorch object detectors (`PyTorchObjectDetector`, `PyTorchFasterRCNN`, `PyTorchYolo`, `PyTorchDetectionTransformer`) do not implement the `get_activations()` method and therefore cannot extract activations....
**Is your feature request related to a problem? Please describe.** There is a lot of code overlap between the `PyTorchYolo`, `PyTorchDetectionTransformer`, and `PyTorchObjectDetector` estimators. This causes bugs to have to...
# Description Initial draft implementation of PatchFool attack from the paper: [Patch-Fool: Are Vision Transformers Always Robust Against Adversarial Perturbations?](https://arxiv.org/abs/2203.08392) Currently there is an example notebook of the attack in...