ART 0.7.0

This release contains a new poison removal method, as well as some restructuring of features recently added to the library.

Added

• Poisoning fixing method performing retraining as part of the ActivationDefence class
• Example script of how to use the poison removal method
• New module wrappers containing features that alter the behaviour of a Classifier. These are to be used as wrappers for classifiers and to be passed directly to evasion attack instances.

Changed

• ExpectationOverTransformations has been moved to the wrappers module
• QueryEfficientBBGradientEstimation has been moved to the wrappers module

Removed

• Attacks no longer take an expectation parameter (breaking). This has been replaced by a direct call to the attack with an ExpectationOverTransformation instance.

Fixed

• Bug in spatial transformations attack: when attack does not succeed, original samples are returned now (issue #40, fixed in #42, #43)
• Bug in Keras with loss functions that do not take labels in one-hot encoding (issue #41)
• Bug fix in activation defence against poisoning: incorrect test condition
• Bug fix in DeepFool: inverted stop condition when working with batches
• Import problem in utils.py: top level imports were forcing users to install all supported ML frameworks