ART 1.14.0
This release of ART 1.14.0 introduces poisoning attacks on object detection models, privacy risk metrics, a new white-box evasion attack based on conjugate gradients, and more.
Added
- Added implementation of SHAPr membership privacy risk metric (#1978)
- Added support for categorical non-numeric as well as continuous features in attribute inference attacks and improvements in shadow model tools (#2006)
- Added implementation of Auto Conjugate Gradient Attack for white-box evasion (#2028)
- Added implementation of adversarial training with interval bound propagation (#2044)
- Added implementation of method `fit` to object detection estimators `PyTorchFasterRCNN`, `PyTorchObjectDetector`, and `PyTorchYolo` (#2067)
- Added BadDet object detection poisoning attacks (RMA, GMA, OGA, ODA) (#2054, #2069)
Changed
- Changed evasion detectors module by refactoring the entire module and introducing common API with the `EvasionDetector` base class (#1993)
- Changed loading of audio triggers with `audio_perturbations` to cache trigger to accelerate loading (#2053)
- Changed tested and officially supported Python versions to 3.9, 3.10, 3.11 (#2063)
- Changed checks and internal improvements to `AdversarialTrainerCertifiedPytorch` (#2070)
Removed
[None]
Fixed
- Fixed bug in `add_single_bd` and `add_pattern_bd` to avoid confusing height and width of the trigger image and transposing the trigger (#2046)