ART 0.9.0
This release contains breaking changes to attacks and defences with regards to setting attributes, removes restrictions on input shapes which enables the use of feature vectors and several bug fixes.
Added
- implement pickle for classifiers
tensorflowandpytorch(#39) - added example
data_augmentation.pydemonstrating the use of data generators
Changed
- renamed and moved tests (#58)
- change input shape restrictions, classifiers accept now any input shape, for example feature vectors; attacks requiring spatial inputs are raising exceptions (#49)
- clipping of data ranges becomes optional in classifiers which allows attacks to accept unbounded data ranges (#49)
- [Breaking changes] class attributes in attacks can no longer be changed with method
generate, changing attributes is only possible with methods__init__andset_params - [Breaking changes] class attributes in defenses can no longer be changed with method
generate, changing attributes is only possible with methods__call__andset_params - resolved inconsistency in PGD random_init with Madry's version
Removed
- deprecated static adversarial trainer
StaticAdversarialTrainer
Fixed
- Fixed bug in attack ZOO (#60)