Adversarial-robustness-toolbox

This release of ART 1.19.1 provides updates to ART 1.19

Added

[None]

Changed

[None]

Removed

[None]

Fixed

- Fixed string literals in returned AutoAttack metadata to correctly use f-strings (2550)
- Fixed typing and doctoring on `AdversarialPatchPyTorch` attack to account for object detection data (2557)
- Fixed a missing PyTorch transfer to device in `ProjectedGradientDescentPyTorch` attack (2558)

This release of ART 1.19.0 introduces Steal Now Attack Later and Rescaling Auto Conjugate Gradient attacks and the Be Your Own Neighbourhood Detector (BEYOND) for adversarial examples.

Added

- Added the Steal Now Attack Later (SNAL) evasion attack (2440)
- Added the Rescaling Auto Conjugate Gradient (ReACG) descent evasion attack (2460)
- Added the Be Your Own Neighbourhood Detector (BEYOND) for adversarial examples in PyTorch (2489)
- Added support for scikit-learn models with multiples outputs (2505)

Changed

- Changed AutoAttack to allow defining number of processes used in parallel processing (2529)

Removed

[None]

Fixed

- Fixed use of deprecated function `binom_test` from `scipy` (2517)
- Fixed bug in random sampling of patch locations in masks for adversarial patch attacks in PyTorch (2539)

This release of ART 1.18.2 provides updates to ART 1.18

Added

[None]

Changed

- Changed version checks for imported libraries requiring checks to use standard library functions (2500)

Removed

[None]

Fixed

[None]

This release of ART 1.18.1 provides updates to ART 1.18

Added

[None]

Changed

[None]

Removed

[None]

Fixed

- Fixed missing transfer to device/GPU in `ProjectedGradientDescentPyTorch` (2455)

This release of ART 1.18.0 introduces Overload Attack on object detection models and provides fast accurate loss gradients in Projected Gradient Descent for all norms.

Added

- Added Overload Attack on object detection models (2337)
- Added support for all norms in Projected Gradient Descent attacks (2382)
- Added support for feature scaling in inference attacks (2384)

Changed

- Replaced model specific estimators for Yolo and Faster-RCNN with single estimator for all object detection models in PyTorch (2321 )

Removed

[None]

Fixed

- Fixed scaling of gradients of non-L[2, infinity] norms in Projected Gradient Descent attacks (2382)

This release of ART 1.17.1 provides updates to ART 1.17

Added

[None]

Changed

[None]

Removed

- Removed upper limit for `scikit-learn` to reduce dependency conflicts and facilitate integration with other libraries.

Fixed

[None]