This release brings many new features to ART, including a poisoning module, an adversarial sample detection module and support for MXNet models.
Added
- Access to layers and model activations through the
ClassifierAPI - MXNet support
- Poison detection module, containing the poisoning detection method based on clustering activations
- Jupyter notebook with poisoning attack and detection example on MNIST
- Adversarial samples detection module, containing two detectors: one working based on inputs and one based on activations
Changed
- Optimized JSMA attack (
art.attacks.SaliencyMapMethod) - can now run on ImageNet data - Optimized C&W attack (
art.attacks.CarliniL2Method) - Improved adversarial trainer, now covering a wide range of setups
Removed
- Hard-coded
configfolder. Config now gets created on the fly when running ART for the first time. Produced config gets stored in home folder~/.art