
Commit 1911c11

Merge branch 'main' into dependabot/pip/scikit-learn-gte-0.22.2-and-lt-1.4.0
2 parents 532423d + 044f87e commit 1911c11


42 files changed

+4152
-305
lines changed

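--- a/.github/workflows/dockerhub.yml
+++ b/.github/workflows/dockerhub.yml
@@ -35,7 +35,7 @@ jobs:
 with:
 images: adversarialrobustnesstoolbox/releases
 tags: |
-type=raw,value={{branch}}-1.16.0-{{sha}}
+type=raw,value={{branch}}-1.17.0-{{sha}}
 type=semver,pattern={{version}}
 
 - name: Build and push Docker image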

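--- a/README-cn.md
+++ b/README-cn.md
@@ -1,4 +1,4 @@
-# Adversarial Robustness Toolbox (ART) v1.16
+# Adversarial Robustness Toolbox (ART) v1.17
 <p align="center">
 <img src="docs/images/art_lfai.png?raw=true" width="467" title="ART logo">
 </p>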

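--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# Adversarial Robustness Toolbox (ART) v1.16
+# Adversarial Robustness Toolbox (ART) v1.17
 <p align="center">
 <img src="docs/images/art_lfai.png?raw=true" width="467" title="ART logo">
 </p>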

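--- a/art/__init__.py
+++ b/art/__init__.py
@@ -12,7 +12,7 @@
 from art import preprocessing
 
 # Semantic Version
-__version__ = "1.16.0"
+__version__ = "1.17.0"
 
 # pylint: disable=C0103
 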

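--- a/art/attacks/evasion/__init__.py
+++ b/art/attacks/evasion/__init__.py
@@ -18,6 +18,7 @@
 from art.attacks.evasion.brendel_bethge import BrendelBethgeAttack
 
 from art.attacks.evasion.boundary import BoundaryAttack
+from art.attacks.evasion.composite_adversarial_attack import CompositeAdversarialAttackPyTorch
 from art.attacks.evasion.carlini import CarliniL2Method, CarliniLInfMethod, CarliniL0Method
 from art.attacks.evasion.decision_tree_attack import DecisionTreeAttack
 from art.attacks.evasion.deepfool import DeepFool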
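Review bot: The import added on new line 21 makes `art.attacks.evasion` load `composite_adversarial_attack` unconditionally, and the class name suggests that module is PyTorch-only. Its 673 added lines are not rendered on this page, so it cannot be confirmed here that `torch` is imported lazily or behind a `TYPE_CHECKING` guard. If it is imported at module scope, `import art.attacks.evasion` would fail on installations without PyTorch. A short comment beside the import stating that the module is safe to import without the optional dependency would record that assumption.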

art/attacks/evasion/composite_adversarial_attack.py

Lines changed: 673 additions & 0 deletions
Large diffs are not rendered by default.

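--- a/art/attacks/extraction/knockoff_nets.py
+++ b/art/attacks/extraction/knockoff_nets.py
@@ -155,7 +155,7 @@ def _random_extraction(self, x: np.ndarray, thieved_classifier: "CLASSIFIER_TYPE
 y=fake_labels,
 batch_size=self.batch_size_fit,
 nb_epochs=self.nb_epochs,
-verbose=0,
+verbose=False,
 )
 
 return thieved_classifier
@@ -243,7 +243,7 @@ def _adaptive_extraction(
 y=fake_label,
 batch_size=self.batch_size_fit,
 nb_epochs=1,
-verbose=0,
+verbose=False,
 )
 
 # Test new labels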

art/attacks/inference/membership_inference/black_box.py

Lines changed: 249 additions & 123 deletions
Large diffs are not rendered by default.

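--- a/art/attacks/poisoning/sleeper_agent_attack.py
+++ b/art/attacks/poisoning/sleeper_agent_attack.py
@@ -360,7 +360,7 @@ def _create_model(
 for layer in model_pt.model.children():
 if hasattr(layer, "reset_parameters"):
 layer.reset_parameters() # type: ignore
-model_pt.fit(x_train, y_train, batch_size=batch_size, nb_epochs=epochs, verbose=1)
+model_pt.fit(x_train, y_train, batch_size=batch_size, nb_epochs=epochs, verbose=True)
 predictions = model_pt.predict(x_test)
 accuracy = np.sum(np.argmax(predictions, axis=1) == np.argmax(y_test, axis=1)) / len(y_test)
 logger.info("Accuracy of retrained model : %s", accuracy * 100.0)
@@ -370,7 +370,7 @@ def _create_model(
 
 self.substitute_classifier.model.trainable = True
 model_tf = self.substitute_classifier.clone_for_refitting()
-model_tf.fit(x_train, y_train, batch_size=batch_size, nb_epochs=epochs, verbose=0)
+model_tf.fit(x_train, y_train, batch_size=batch_size, nb_epochs=epochs, verbose=False)
 predictions = model_tf.predict(x_test)
 accuracy = np.sum(np.argmax(predictions, axis=1) == np.argmax(y_test, axis=1)) / len(y_test)
 logger.info("Accuracy of retrained model : %s", accuracy * 100.0)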
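Review bot: `_create_model` hard-codes opposite verbosity for the two backends: the `model_pt.fit` call on new line 363 passes `verbose=True` while the `model_tf.fit` call on line 373 passes `verbose=False`, so the same retraining step reports progress on one framework and stays silent on the other. The commit only converts the earlier 1/0 values to booleans, so the asymmetry predates it, but this is the natural place to pass one value to both calls. That value could come from a verbosity setting on the attack object if it has one, which is not visible here. Both hunks lie inside `_create_model`, whose body starts and ends outside them.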

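--- a/art/defences/detector/poison/activation_defence.py
+++ b/art/defences/detector/poison/activation_defence.py
@@ -695,7 +695,9 @@ def _get_activations(self, x_train: Optional[np.ndarray] = None) -> np.ndarray:
 
 # wrong way to get activations activations = self.classifier.predict(self.x_train)
 if isinstance(activations, np.ndarray):
-nodes_last_layer = np.shape(activations)[1]
+# flatten activations across batch
+activations = np.reshape(activations, (activations.shape[0], -1))
+nodes_last_layer = activations.shape[1]
 else:
 raise ValueError("activations is None or tensor.")
 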
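Review bot: The comment on new line 698 says the activations are flattened "across batch", but the reshape on line 699 keeps axis 0 and collapses every other axis, which is the opposite reading; `# flatten each sample's activations to one vector, keeping the batch axis` would match the code. Because `activations` is reassigned, `nodes_last_layer` on line 700 now counts all non-batch elements rather than the size of axis 1, and any later use of either name sees the 2-D form. `_get_activations` continues past the hunk, so whether it returns the reshaped array cannot be confirmed here; if it does, the docstring should state that the result is always `(n_samples, n_features)`. An array with zero rows would also make the `(activations.shape[0], -1)` reshape raise NumPy's own reshape error instead of the `ValueError` in the `else` branch, which may deserve an explicit check.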
