This release of ART 1.5.1 provides updates to ART 1.5.

Added

Added an option to select to probability values for model extraction attacks in addition to index labels in art.attacks.extraction.CopycatCNN and art.attacks.extraction.KnockoffNets. (#825)
Added a new notebook demonstrating model extraction attacks and defences. (#825)
Added art.attacks.evasion.CarliniWagnerASR as a special case of art.attacks.evasion.ImperceptibleASR where max_iter_stage_2=0 skipping the second stage of the ImperceptibleASR. (#784)

Changed

Changed method generate of art.attacks.evasion.ProjectedGradientDescentPyTorch and art.attacks.evasion.ProjectedGradientDescentTensorFlowV2 to create a copy of the input data to guard the input data from being overwritten by a model that unexpectedly overwrites its input data. This change follows the implementation of art.attacks.evasion.ProjectedGradientDescentNumpy and provides an extra layer of protection against unexpected model behavior. (#805)
Change numerical precision in art.attacks.evasion.Wasserstein from float to double to reduce numerical overflow in numpy.log and replace input pixel values of 0 with EPS_LOG=10^-10 to prevent division by zero in numpy.log. (#780)
Changed tqdm imports to use tqdm.auto to automatically run its Jupyter widgets where supported. (#799)
Improved documentation, argument value checks and added support for index labels in art.attacks.inference.member_ship.LabelOnlyDecisionBoundary. (#790)

[None]

Fixed bug in art.estimators.classification.KerasClassifier.custom_loss_gradient() to support keras and tensorflow.keras. (#810)
Fixed bug in art.attacks.evasion.PixelThreshold.generate to correctly scale images in range [0, 255]. (#802)
Fixed bug in art.attacks.evasion.PixelThreshold to run CMA Evolution Strategy max_iter iterations instead of 1 iteration. (#802)
Fixed bug in art.estimators.object_detection.PyTorchFasterRCNN by adding missing argument model in super().init. (#789)