Update documentation

Signed-off-by: Beat Buesser <[email protected]>

Author: Beat Buesser

art/attacks/__init__.py

@@ -2,4 +2,4 @@
 Module providing adversarial attacks under a common interface.
 """
 from art.attacks.attack import Attack, EvasionAttack, PoisoningAttack, PoisoningAttackBlackBox, PoisoningAttackWhiteBox
-from art.attacks.attack import ExtractionAttack, InferenceAttack, AttributeInferenceAttack
+from art.attacks.attack import PoisoningAttackTransformer, ExtractionAttack, InferenceAttack, AttributeInferenceAttack

art/attacks/evasion/pixel_threshold.py

@@ -39,7 +39,7 @@
 # In the meantime, the modified implementation is used which is defined in the
 # lines `453-1457`.
 
-from scipy._lib.six import xrange, string_types
+from six import string_types
 from scipy._lib._util import check_random_state
 from scipy.optimize.optimize import _status_message
 from scipy.optimize import OptimizeResult, minimize
@@ -1129,7 +1129,7 @@ def solve(self):
             self._calculate_population_energies()
 
         # do the optimisation.
-        for nit in xrange(1, self.maxiter + 1):
+        for nit in range(1, self.maxiter + 1):
             # evolve the population by a generation
             try:
                 next(self)

art/attacks/poisoning/adversarial_embedding_attack.py

@@ -250,6 +250,7 @@ def poison_estimator(
     def get_training_data(self) -> Optional[Tuple[np.ndarray, np.ndarray, np.ndarray]]:
         """
         Returns the training data generated from the last call to fit
+
         :return: If fit has been called, return the last data, labels, and backdoor labels used to train model
                  otherwise return None
         """

art/defences/preprocessor/spatial_smoothing_pytorch.py

@@ -32,11 +32,11 @@
 
 import numpy as np
 
-from art.utils import CLIP_VALUES_TYPE
 from art.defences.preprocessor.preprocessor import PreprocessorPyTorch
 
 if TYPE_CHECKING:
     import torch
+    from art.utils import CLIP_VALUES_TYPE
 
 logger = logging.getLogger(__name__)
 
@@ -111,16 +111,21 @@ def __init__(
         self,
         window_size: int = 3,
         channels_first: bool = False,
-        clip_values: Optional[CLIP_VALUES_TYPE] = None,
+        clip_values: Optional["CLIP_VALUES_TYPE"] = None,
         apply_fit: bool = False,
         apply_predict: bool = True,
         device_type: str = "gpu",
     ) -> None:
         """
         Create an instance of local spatial smoothing.
 
+        :window_size: Size of spatial smoothing window.
+        :param channels_first: Set channels first or last.
+        :param clip_values: Tuple of the form `(min, max)` representing the minimum and maximum values allowed
+               for features.
+        :param apply_fit: True if applied during fitting/training.
+        :param apply_predict: True if applied during predicting.
         :param device_type: Type of device on which the classifier is run, either `gpu` or `cpu`.
-        :param **kwargs: Parameters from the parent.
         """
         import torch  # lgtm [py/repeated-import]
 

art/defences/preprocessor/spatial_smoothing_tensorflow.py

@@ -33,11 +33,11 @@
 import numpy as np
 
 from art.utils import ART_NUMPY_DTYPE
-from art.utils import CLIP_VALUES_TYPE
 from art.defences.preprocessor.preprocessor import PreprocessorTensorFlowV2
 
 if TYPE_CHECKING:
     import tensorflow as tf
+    from art.utils import CLIP_VALUES_TYPE
 
 logger = logging.getLogger(__name__)
 
@@ -57,14 +57,19 @@ def __init__(
         self,
         window_size: int = 3,
         channels_first: bool = False,
-        clip_values: Optional[CLIP_VALUES_TYPE] = None,
+        clip_values: Optional["CLIP_VALUES_TYPE"] = None,
         apply_fit: bool = False,
         apply_predict: bool = True,
     ) -> None:
         """
         Create an instance of local spatial smoothing.
 
-        :param **kwargs: Parameters from the parent.
+        :window_size: Size of spatial smoothing window.
+        :param channels_first: Set channels first or last.
+        :param clip_values: Tuple of the form `(min, max)` representing the minimum and maximum values allowed
+               for features.
+        :param apply_fit: True if applied during fitting/training.
+        :param apply_predict: True if applied during predicting.
         """
         super().__init__()
 

docs/index.rst

@@ -6,13 +6,28 @@
 Welcome to the Adversarial Robustness Toolbox
 =============================================
 
+.. image:: ./images/art_lfai.png
+  :width: 400
+  :alt: ART Logo
+  :align: center
+
 Adversarial Robustness Toolbox (ART) is a Python library for Machine Learning Security. ART provides tools that enable
 developers and researchers to evaluate, defend, certify and verify Machine Learning models and applications against
 the adversarial threats of Evasion, Poisoning, Extraction, and Inference. ART supports all popular machine learning
 frameworks (TensorFlow, Keras, PyTorch, MXNet, scikit-learn, XGBoost, LightGBM, CatBoost, GPy, etc.), all data types
 (images, tables, audio, video, etc.) and machine learning tasks (classification, object detection, generation,
 certification, etc.).
 
+.. image:: ./images/adversarial_threats_attacker.png
+  :width: 400
+  :alt: ART Logo
+  :align: center
+
+.. image:: ./images/adversarial_threats_art.png
+  :width: 400
+  :alt: ART Logo
+  :align: center
+
 The code of ART is on `GitHub`_ and the Wiki contains overviews of implemented `attacks`_, `defences`_ and `metrics`_.
 
 The library is under continuous development. Feedback, bug reports and contributions are very welcome!
@@ -45,7 +60,9 @@ Supported Machine Learning Libraries
    modules/attacks
    modules/attacks/evasion
    modules/attacks/extraction
-   modules/attacks/inference
+   modules/attacks/inference/attribute_inference
+   modules/attacks/inference/membership_inference
+   modules/attacks/inference/model_inversion
    modules/attacks/poisoning
    modules/defences
    modules/defences/detector_evasion

docs/modules/attacks/evasion.rst

@@ -164,6 +164,18 @@ Shadow Attack
    :members:
    :special-members:
 
+ShapeShifter Attack
+-------------------
+.. autoclass:: ShapeShifter
+   :members:
+   :special-members:
+
+SimBA Attack
+------------
+.. autoclass:: SimBA
+   :members:
+   :special-members:
+
 Spatial Transformations Attack
 ------------------------------
 .. autoclass:: SpatialTransformation
@@ -176,6 +188,12 @@ Square Attack
    :members:
    :special-members:
 
+Targeted Universal Perturbation Attack
+--------------------------------------
+.. autoclass:: TargetedUniversalPerturbation
+   :members:
+   :special-members:
+
 Universal Perturbation Attack
 -----------------------------
 .. autoclass:: UniversalPerturbation

docs/modules/attacks/inference.rst renamed to docs/modules/attacks/inference/attribute_inference.rst

@@ -1,6 +1,6 @@
-:mod:`art.attacks.inference`
-============================
-.. automodule:: art.attacks.inference
+:mod:`art.attacks.inference.attribute_inference`
+================================================
+.. automodule:: art.attacks.inference.attribute_inference
 
 Attribute Inference Black-Box
 -----------------------------
@@ -19,9 +19,3 @@ Attribute Inference White-Box Decision-Tree
 .. autoclass:: AttributeInferenceWhiteBoxDecisionTree
    :members:
    :special-members:
-
-MIFace
-------
-.. autoclass:: MIFace
-   :members:
-   :special-members:

docs/modules/attacks/inference/membership_inference.rst

@@ -0,0 +1,15 @@
+:mod:`art.attacks.inference.membership_inference`
+=================================================
+.. automodule:: art.attacks.inference.membership_inference
+
+Membership Inference Black-Box
+------------------------------
+.. autoclass:: MembershipInferenceBlackBox
+   :members:
+   :special-members:
+
+Membership Inference Black-Box Rule-Based
+-----------------------------------------
+.. autoclass:: MembershipInferenceBlackBoxRuleBased
+   :members:
+   :special-members:

docs/modules/attacks/inference/model_inversion.rst

@@ -0,0 +1,9 @@
+:mod:`art.attacks.inference.model_inversion`
+============================================
+.. automodule:: art.attacks.inference.model_inversion
+
+Model Inversion MIFace
+----------------------
+.. autoclass:: MIFace
+   :members:
+   :special-members: