Commit 5e6d3b6

Irina Nicolae authored and committed
Update README to include new methods
(cherry picked from commit 58f0e3c)
1 parent 1edd5b2 commit 5e6d3b6

1 file changed

+11
-2
lines changed

README.md

Lines changed: 11 additions & 2 deletions
@@ -7,23 +7,32 @@ The library is still under development. Feedback, bug reports and extensions are
77

88
## Supported attack and defense methods
99

10-
The library contains implementations of the following attacks:
10+
The library contains implementations of the following **evasion attacks**:
1111
* DeepFool ([Moosavi-Dezfooli et al., 2015](https://arxiv.org/abs/1511.04599))
1212
* Fast Gradient Method ([Goodfellow et al., 2014](https://arxiv.org/abs/1412.6572))
1313
* Basic Iterative Method ([Kurakin et al., 2016](https://arxiv.org/abs/1607.02533))
14+
* Projected Gradient Descent ([Madry et al., 2017](https://arxiv.org/abs/1706.06083))
1415
* Jacobian Saliency Map ([Papernot et al., 2016](https://arxiv.org/abs/1511.07528))
1516
* Universal Perturbation ([Moosavi-Dezfooli et al., 2016](https://arxiv.org/abs/1610.08401))
1617
* Virtual Adversarial Method ([Miyato et al., 2015](https://arxiv.org/abs/1507.00677))
1718
* C&W Attack ([Carlini and Wagner, 2016](https://arxiv.org/abs/1608.04644))
1819
* NewtonFool ([Jang et al., 2017](http://doi.acm.org/10.1145/3134600.3134635))
1920

20-
The following defense methods are also supported:
21+
The following **defence** methods are also supported:
2122
* Feature squeezing ([Xu et al., 2017](http://arxiv.org/abs/1704.01155))
2223
* Spatial smoothing ([Xu et al., 2017](http://arxiv.org/abs/1704.01155))
2324
* Label smoothing ([Warde-Farley and Goodfellow, 2016](https://pdfs.semanticscholar.org/b5ec/486044c6218dd41b17d8bba502b32a12b91a.pdf))
2425
* Adversarial training ([Szegedy et al., 2013](http://arxiv.org/abs/1312.6199))
2526
* Virtual adversarial training ([Miyato et al., 2015](https://arxiv.org/abs/1507.00677))
2627
* Gaussian data augmentation ([Zantedeschi et al., 2017](https://arxiv.org/abs/1707.06728))
28+
* Thermometer encoding ([Buckman et al., 2018](https://openreview.net/forum?id=S18Su--CW))
29+
30+
ART also implements **detection** methods of adversarial samples:
31+
* Basic detector based on inputs
32+
* Detector trained on the activations of a specific layer
33+
34+
The following **detector of poisoning attacks** is also supported:
35+
* Detector based on activations analysis
2736

2837
## Setup
2938

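Review bot: The three detector entries added at new lines 31-35 ("Basic detector based on inputs", "Detector trained on the activations of a specific layer", "Detector based on activations analysis") carry no reference or link, while every other item in these lists cites its paper; add a citation, or a pointer to where each detector lives in the library, so a reader can tell which technique is meant. The unchanged heading at line 8 still reads "Supported attack and defense methods" although the section now also lists adversarial-sample detection and a poisoning detector, and it spells "defense" where new line 21 switches to "defence"; widen the heading and settle on one spelling. The sentence on new line 30 would read more naturally as "methods for detecting adversarial samples".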