Merge branch 'dev_1.7.0' into dev_1.7.0

Author: beat-buesser

.github/workflows/ci-deepspeech-v2.yml

@@ -29,4 +29,4 @@ jobs:
       - name: Run Test Action
         uses: ./.github/actions/deepspeech-v2
       - name: Upload coverage to Codecov
-        uses: codecov/[email protected].0
+        uses: codecov/[email protected].2

.github/workflows/ci-lingvo.yml

@@ -60,4 +60,4 @@ jobs:
       - name: Run ${{ matrix.name }} Tests
         run: ./run_tests.sh ${{ matrix.framework }}
       - name: Upload coverage to Codecov
-        uses: codecov/[email protected].0
+        uses: codecov/[email protected].2

.github/workflows/ci-mxnet.yml

@@ -86,4 +86,4 @@ jobs:
       - name: Run ${{ matrix.name }} Tests
         run: ./run_tests.sh ${{ matrix.framework }}
       - name: Upload coverage to Codecov
-        uses: codecov/[email protected].0
+        uses: codecov/[email protected].2

.github/workflows/ci-pytorch-fasterrcnn.yml

@@ -46,4 +46,4 @@ jobs:
       - name: Run Test Action
         run: pytest --cov-report=xml --cov=art --cov-append -q -vv tests/estimators/object_detection/test_pytorch_faster_rcnn.py --framework=pytorch --skip_travis=True --durations=0
       - name: Upload coverage to Codecov
-        uses: codecov/[email protected].0
+        uses: codecov/[email protected].2

.github/workflows/ci.yml

@@ -133,4 +133,4 @@ jobs:
       - name: Run Tests
         run: ./run_tests.sh ${{ matrix.framework }}
       - name: Upload coverage to Codecov
-        uses: codecov/[email protected].0
+        uses: codecov/[email protected].2

AUTHORS

@@ -5,7 +5,7 @@
 # - Person <email address>
 
 - International Business Machines Corporation (IBM)
-- Two Six Labs, LLC
+- Two Six Technologies
 - Kyushu University
 - Intel Corporation
 - University of Chicago

README-cn.md

@@ -26,12 +26,21 @@
 （图像，表格，音频，视频等）和机器学习任务（分类，物体检测，语音识别，
 生成模型，认证等）。
 
+## Adversarial Threats
+
 <p align="center">
   <img src="docs/images/adversarial_threats_attacker.png?raw=true" width="400" title="ART logo">
   <img src="docs/images/adversarial_threats_art.png?raw=true" width="400" title="ART logo">
 </p>
 <br />
 
+## ART for Red and Blue Teams (selection)
+
+<p align="center">
+  <img src="docs/images/white_hat_blue_red.png?raw=true" width="800" title="ART Red and Blue Teams">
+</p>
+<br />
+
 ## 学到更多
 
 | **[开始使用][get-started]**     | **[文献资料][documentation]**     | **[贡献][contributing]**           |

README.md

@@ -27,12 +27,21 @@ adversarial threats of Evasion, Poisoning, Extraction, and Inference. ART suppor
 (images, tables, audio, video, etc.) and machine learning tasks (classification, object detection, speech recognition,
 generation, certification, etc.).
 
+## Adversarial Threats
+
 <p align="center">
   <img src="docs/images/adversarial_threats_attacker.png?raw=true" width="400" title="ART logo">
   <img src="docs/images/adversarial_threats_art.png?raw=true" width="400" title="ART logo">
 </p>
 <br />
 
+## ART for Red and Blue Teams (selection)
+
+<p align="center">
+  <img src="docs/images/white_hat_blue_red.png?raw=true" width="800" title="ART Red and Blue Teams">
+</p>
+<br />
+
 ## Learn more
 
 | **[Get Started][get-started]**     | **[Documentation][documentation]**     | **[Contributing][contributing]**           |

art/attacks/attack.py

@@ -329,12 +329,12 @@ def __init__(self, estimator):
     @abc.abstractmethod
     def infer(self, x: np.ndarray, y: Optional[np.ndarray] = None, **kwargs) -> np.ndarray:
         """
-        Infer sensitive properties (attributes, membership training records) from the targeted estimator. This method
+        Infer sensitive attributes from the targeted estimator. This method
         should be overridden by all concrete inference attack implementations.
 
         :param x: An array with reference inputs to be used in the attack.
         :param y: Labels for `x`. This parameter is only used by some of the attacks.
-        :return: An array holding the inferred properties.
+        :return: An array holding the inferred attribute values.
         """
         raise NotImplementedError
 
@@ -358,12 +358,41 @@ def __init__(self, estimator, attack_feature: Union[int, slice] = 0):
     @abc.abstractmethod
     def infer(self, x: np.ndarray, y: Optional[np.ndarray] = None, **kwargs) -> np.ndarray:
         """
-        Infer sensitive properties (attributes, membership training records) from the targeted estimator. This method
+        Infer sensitive attributes from the targeted estimator. This method
         should be overridden by all concrete inference attack implementations.
 
         :param x: An array with reference inputs to be used in the attack.
         :param y: Labels for `x`. This parameter is only used by some of the attacks.
-        :return: An array holding the inferred properties.
+        :return: An array holding the inferred attribute values.
+        """
+        raise NotImplementedError
+
+
+class MembershipInferenceAttack(InferenceAttack):
+    """
+    Abstract base class for membership inference attack classes.
+    """
+
+    def __init__(self, estimator: Union["CLASSIFIER_TYPE"]):
+        """
+        :param estimator: A trained estimator targeted for inference attack.
+        :type estimator: :class:`.art.estimators.estimator.BaseEstimator`
+        :param attack_feature: The index of the feature to be attacked.
+        """
+        super().__init__(estimator)
+
+    @abc.abstractmethod
+    def infer(self, x: np.ndarray, y: Optional[np.ndarray] = None, **kwargs) -> np.ndarray:
+        """
+        Infer membership status of samples from the target estimator. This method
+        should be overridden by all concrete inference attack implementations.
+
+        :param x: An array with reference inputs to be used in the attack.
+        :param y: Labels for `x`. This parameter is only used by some of the attacks.
+        :param probabilities: a boolean indicating whether to return the predicted probabilities per class, or just
+                              the predicted class.
+        :return: An array holding the inferred membership status (1 indicates member of training set,
+                 0 indicates non-member) or class probabilities.
         """
         raise NotImplementedError
 

art/attacks/evasion/__init__.py

@@ -18,7 +18,10 @@
 from art.attacks.evasion.elastic_net import ElasticNet
 from art.attacks.evasion.fast_gradient import FastGradientMethod
 from art.attacks.evasion.frame_saliency import FrameSaliencyAttack
-from art.attacks.evasion.feature_adversaries import FeatureAdversaries
+from art.attacks.evasion.feature_adversaries.feature_adversaries_numpy import FeatureAdversariesNumpy
+from art.attacks.evasion.feature_adversaries.feature_adversaries_pytorch import FeatureAdversariesPyTorch
+from art.attacks.evasion.feature_adversaries.feature_adversaries_tensorflow import FeatureAdversariesTensorFlowV2
+from art.attacks.evasion.geometric_decision_based_attack import GeoDA
 from art.attacks.evasion.hclu import HighConfidenceLowUncertainty
 from art.attacks.evasion.hop_skip_jump import HopSkipJump
 from art.attacks.evasion.imperceptible_asr.imperceptible_asr import ImperceptibleASR