1 Release published by 1 person

• 1.19.0 ART 1.19.0

  published Dec 20, 2024

2 Pull requests merged by 2 people

• Bump torch from 2.2.1 to 2.5.0

  #2510 merged Dec 20, 2024

• Update to ART 1.19.0

  #2538 merged Dec 20, 2024

3 Pull requests opened by 1 person

• Bump codecov/codecov-action from 4 to 5

  #2544 opened Dec 20, 2024

• Bump six from 1.16.0 to 1.17.0

  #2545 opened Dec 20, 2024

• Bump ipython from 8.25.0 to 8.31.0

  #2547 opened Dec 23, 2024

119 Issues closed by 3 people

• Incomplete EstimatorError when initializing attack on PyTorchRegressor

  #2228 closed Dec 20, 2024

• Some question about computing the adversarial saliency map in JSMA attack

  #2306 closed Dec 20, 2024

• Implement `get_activations()` for PyTorch Object Detectors

  #2314 closed Dec 20, 2024

• TensorFlow Addons is end of life in May 2024

  #2316 closed Dec 20, 2024

• BrendelBethgeAttack breaks with array clip range

  #2320 closed Dec 20, 2024

• Update the speech recognizer class to work with up-to-date versions of ART

  #2324 closed Dec 20, 2024

• Implement dirty label poisoning attacks for speech recognition models

  #2326 closed Dec 20, 2024

• Using Pre Processors in Prediction (ART classifier)

  #2335 closed Dec 20, 2024

• Implement HuggingFace Language Modeling Estimators

  #2336 closed Dec 20, 2024

• Apply existing patches without initialising attack object

  #2349 closed Dec 20, 2024

• Backdoor attack HuggingFace Model Automatic Speech Recognition via HuggingFaceClassifierPytorch ART

  #2377 closed Dec 20, 2024

• Implement HuggingFace Object Detection Estimators

  #2383 closed Dec 20, 2024

• AdversarialTrainer parameter name missmatch

  #2394 closed Dec 20, 2024

• adversarial audio example notebook not giving the same results

  #2431 closed Dec 20, 2024

• List of projects/tools utilising ART [JATIC-I4-IBM]

  #2436 closed Dec 20, 2024

• Implement Blacklight defense against black-box evasion attacks

  #1432 closed Dec 20, 2024

• add L-inf bound to `SimBA`

  #1424 closed Dec 20, 2024

• change docstring for `SimBa.generate` parameter `y`

  #1407 closed Dec 20, 2024

• Update learning rate of notebook attack_adversarial_patch_TensorFlowV2.ipynb

  #1393 closed Dec 20, 2024

• Poisoning defense: modified adv. training

  #1391 closed Dec 20, 2024

• Implement poison-specific adv. training

  #1390 closed Dec 20, 2024

• Stateful Detection of Black-Box Adversarial Attacks

  #1373 closed Dec 20, 2024

• Evasion attacks (DeepFool & possibly others) do not support multiple inputs

  #1359 closed Dec 20, 2024

• Implement momentum iterative fast gradient sign method (MIFGSM)

  #1447 closed Dec 20, 2024

• Freeze Model Weights

  #1451 closed Dec 20, 2024

• mxnet error

  #1457 closed Dec 20, 2024

• Possible Issue with keras estimator's get_activations() function when framework = True

  #1494 closed Dec 20, 2024

• Implement method compute_loss in art.estimators.speech_recognition.*

  #1503 closed Dec 20, 2024

• Bull's eye polytope attack not working properly

  #1863 closed Dec 20, 2024

• Update PyTorchClassifier.fit with FFCV

  #1639 closed Dec 20, 2024

• YOLO Object Detection Estimator for TensorFlow

  #1996 closed Dec 20, 2024

• Issue with using KerasClassifier: Following Poison Frogs Example in Tensorflow(Keras)

  #1977 closed Dec 20, 2024

• `art.attack.evasion.LowProFool` encounter bugs when using L_1-norm (or 0<p<2)

  #1970 closed Dec 20, 2024

• Update version of scikit-learn in setup.py and CI yml files

  #1953 closed Dec 20, 2024

• Code modifications in "pytorch_object_detector.py"

  #1943 closed Dec 20, 2024

• import torch.autograd.gradcheck import zero_gradients is unsuccessful

  #1911 closed Dec 20, 2024

• Implementing more realistic transforms in Robust DPatch EoT

  #1907 closed Dec 20, 2024

• Bug in Activation Defence for PyTorch

  #1810 closed Dec 20, 2024

• Problem with PyTorchYolo.py

  #1796 closed Dec 20, 2024

• A metric that just launch an attack and return the success rate (or the model accuracy).

  #1775 closed Dec 20, 2024

• Bugs in knockoff_nets depending on the output of victim classifier and thieved classifier

  #1746 closed Dec 20, 2024

• GRAPHITE Implementation

  #1708 closed Dec 20, 2024

• Minor errors on expectation over transformation notebook

  #1673 closed Dec 20, 2024

• Discrepancy among AdversarialPatch* attacks for the same parameters

  #1663 closed Dec 20, 2024

• ImperceptibleASRPyTorch may produce NAN loss

  #1658 closed Dec 20, 2024

• Add support for dynamic patch masks in AdversarialTexturePyTorch

  #1643 closed Dec 20, 2024

• Investigate and add support for multiple GPUs for PyTorch estimators

  #1642 closed Dec 20, 2024

• Extend support for Indicators of Attack Failure

  #1641 closed Dec 20, 2024

• Version not implemented error when carrying out Neural Cleanse Defense

  #871 closed Dec 20, 2024

• Include exclusionary reclassification technique to activation clustering as poisoning defense

  #875 closed Dec 20, 2024

• Create a test environment for TensorflowFasterRCNN on github

  #1034 closed Dec 20, 2024

• Carlini L2 and L-inf are slow

  #1060 closed Dec 20, 2024

• ART multi-gpu issue

  #1074 closed Dec 20, 2024

• The LFilterPyTorch does not work with torch > 1.6 and torchaudio > 0.6

  #1123 closed Dec 20, 2024

• Support for user-defined adversarial criteria in black-box evasion attacks

  #1134 closed Dec 20, 2024

• TF import overwrite when using tf2 for tf1 support

  #1303 closed Dec 20, 2024

• Error in cell 5 in notebooks/detection_adversarial_samples_cifar10.ipynb

  #1299 closed Dec 20, 2024

• Update notebook adversarial_training_mnist.ipynb

  #1298 closed Dec 20, 2024

• feature_collision_attack.py generates poison instances that are NaN.

  #1252 closed Dec 20, 2024

• image length-width ratio limits in square attack

  #1244 closed Dec 20, 2024

• Audio classification attacks?

  #1241 closed Dec 20, 2024

• Intel(R) Extension for Scikit-learn for Scikit-learn estimators from ART

  #1200 closed Dec 20, 2024

• Implement EoT for rotation in object detection

  #1145 closed Dec 20, 2024

• Test fixture for functional Keras image classifier never used

  #1143 closed Dec 20, 2024

• Implement support for non-torch.nn.Sequential model types in PyTorchClassifier.get_layers

  #1135 closed Dec 20, 2024

• Implement estimators and attacks for NLP tasks

  #866 closed Dec 20, 2024

• Cross Evaluation Test Parent Test Class

  #859 closed Dec 20, 2024

• SklearnClassifier does not support sklearn-like estimators (e.g. ThunderSVM)

  #836 closed Dec 20, 2024

• Support for multioutput model

  #813 closed Dec 20, 2024

• Implement defence evaluations by Tramèr et al. (2020)

  #314 closed Dec 20, 2024

• Enable batches with variable length/size inputs

  #464 closed Dec 20, 2024

• detection_adversarial_samples_cifar10.ipynb is not working correctly on nbviewer. The reason is tf version.

  #770 closed Dec 20, 2024

• Keras callback support

  #221 closed Dec 20, 2024

• categorical feature support

  #199 closed Dec 20, 2024

• "Only Keras classifiers (v2.2.4) are supported for this defence" in poisoning_defense_neural_cleanse.ipynd

  #764 closed Dec 20, 2024

• Move all poisoning defense tests to the new ART Testing Framework

  #746 closed Dec 20, 2024

• Investigate Pytorch compatibility with poisoning attacks

  #745 closed Dec 20, 2024

• Implement Fast is Better than Free protocol for TensorFlow v2

  #472 closed Dec 20, 2024

• Adding examples for computing robustness metrics

  #504 closed Dec 20, 2024

• Adversarial evasion attacks on regression

  #509 closed Dec 20, 2024

• Binary classification error

  #535 closed Dec 20, 2024

• Poison Detection - Activation Defense with Keras Generator

  #515 closed Dec 20, 2024

• Remove all of the duplicated and slightly different fix_get_mnist_subset fixture

  #717 closed Dec 20, 2024

• Add a small number of test audio samples

  #706 closed Dec 20, 2024

• Enable PGD attack on PyTorch Faster-RCNN using np object arrays as input

  #697 closed Dec 20, 2024

• Add Safe Predictions for Abstaining Classifiers

  #671 closed Dec 20, 2024

• Implement model-specific estimator for TensorFlow SSD object detection models

  #650 closed Dec 20, 2024

• Create a Verification that each Test is run at least in 1 framework

  #633 closed Dec 20, 2024

• Move all Evasion tests to the new ART Testing Framework and make them framework independent

  #580 closed Dec 20, 2024

• Example use of Some of the attacks

  #797 closed Dec 20, 2024

• Remove @FrameworkAgnostic Markers

  #807 closed Dec 20, 2024

• bug in pytorch_deep_speech

  #2043 closed Dec 20, 2024

• Implementation of the Dirty Label Backdoor Attack

  #2084 closed Dec 20, 2024

• Consider Renaming `GradientMatchingAttack` to `WitchesBrewAttack`

  #2085 closed Dec 20, 2024

• Implement semantic adversarial attacks

  #2126 closed Dec 20, 2024

• Tensor Device Inconsistencies in Projected Gradient Descent Algorithm.

  #2123 closed Dec 20, 2024

• Error in pytorch_yolo.py

  #2086 closed Dec 20, 2024

• Incorrect image format for default test subsets

  #2101 closed Dec 20, 2024

• Error in **attack_adversarial_patch_pytorch_yolo.ipynb**

  #2148 closed Dec 20, 2024

• Support feature scaling in membership black-box attack

  #2152 closed Dec 20, 2024

• Support class-based membership inference

  #2155 closed Dec 20, 2024

• Setting retain_graph to False in adversarial_patch_pytorch attack

  #2220 closed Dec 20, 2024

• Inclusion of Huggingface Support

  #2225 closed Dec 20, 2024

• Double Softmax in PyTorch image estimator for test cases.

  #2227 closed Dec 20, 2024

• Improve get_layers for PyTorchClassifier

  #2229 closed Dec 20, 2024

• Update lingo workflow to most recent release versions

  #2244 closed Dec 20, 2024

• Implementation of Progress Bars for ART Estimators

  #2288 closed Dec 20, 2024

• support for yolov5-seg

  #2291 closed Dec 20, 2024

• NaNs in Wasserstein Attack

  #2305 closed Dec 20, 2024

• L¹ `FGM` is wrong extend to all p >= 1

  #2381 closed Dec 20, 2024

• PyTorch classes that check torch.optim.lr_scheduler._LRScheduler

  #2389 closed Dec 20, 2024

• Upgrade Pylint Version and Review Required Disable Statements

  #2359 closed Dec 20, 2024

• Can't execute the generate function from AdversarialPatchPytorch

  #2344 closed Dec 20, 2024

• [Citation] v1.0.0 or v1.2.0?

  #2333 closed Dec 20, 2024

• RobustDpatch doesn't work

  #2507 closed Dec 20, 2024

• How to load a model locally in attack_adversarial_patch_detr;

  #2522 closed Dec 20, 2024

• Subpopulation Data Poisoning

  #2520 closed Dec 20, 2024

• How to set the attack parameters of CW2? No matter how I change the parameters, I can't make CW2 successfully attack my model.

  #2536 closed Dec 20, 2024

• Why are the images generated by using DeepFool to attack CIFAR-10 so strange?

  #2535 closed Dec 20, 2024

4 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Attack > Evasion > Momentum Iterative Method: major issues

  #2439 commented on Dec 20, 2024 • 0 new comments

• Flexible metric function for accuracy and l2 norm [JATIC-I2-IBM]

  #2301 commented on Dec 20, 2024 • 0 new comments

• Added support for GREAT Score [NIPS-2024]

  #2527 commented on Dec 23, 2024 • 0 new comments

• Bump cma from 3.3.0 to 4.0.0

  #2537 commented on Dec 20, 2024 • 0 new comments