secml-torch
secml-torch copied to clipboard
pralab
SecML-Torch: A Library for Robustness Evaluation of Deep Learning Models
We can add https://github.com/jeromerony/adversarial-library as it contains efficient implementations of existing attacks. See other wrappers for examples of implementation, e.g., https://github.com/pralab/secml-torch/blob/295aa243628e808bfba92a0dd158d49339d3a68a/src/secmlt/adv/evasion/foolbox_attacks/foolbox_base.py#L14 Referenecs: * the main Foolbox wrapper, e.g., https://github.com/pralab/secml-torch/blob/295aa243628e808bfba92a0dd158d49339d3a68a/src/secmlt/adv/evasion/foolbox_attacks/foolbox_base.py *...
Implement the FMN attack with the native backend. The implementation should allow custom choice of loss, optimizer, and other customizable components. Original attack paper: * FMN https://arxiv.org/abs/2102.12827 References: * the...
Other attacks can be implemented with the native backend. Possibly, the implementation should allow custom choice of loss, optimizer, and other customizable components. Open an issue and a separate branch...
We can add https://github.com/jeromerony/adversarial-library as it contains efficient implementations of existing attacks. Referenecs: * the main Foolbox wrapper https://github.com/pralab/secml-torch/blob/295aa243628e808bfba92a0dd158d49339d3a68a/src/secmlt/adv/evasion/foolbox_attacks/foolbox_base.py#L14 * the wrapped PGD attack https://github.com/pralab/secml-torch/blob/main/src/secmlt/adv/evasion/foolbox_attacks/foolbox_pgd.py * the implementation of PGD...
Some fairness postprocessing techniques (https://doi.org/10.48550/arXiv.1906.05082) require processing the entire output of the neural network. This can be problematic when the dataset is handled by a dataloader which is processed in...
We should avoid creating lists inside data loader. https://github.com/pralab/secml2/blob/db5d9c05250076a324d8493d8384d00d884c0b59/secml2/adv/evasion/base_evasion_attack.py#L50C9-L51C29
Created Adversarial Library wrapper: - implemented the Base class for wrapping up the library attack functions - implemented the class to wrap the PGD implementation of the library - set...
Fixed bug #79, added L1 attack in PGDNative (which was implemented but missing). Examples MNIST works, norms are clipped to the fixed epsilon size as expected. Fixed also some type...
When implementing a custom attack, if the L1 perturbation model is used, the object L1Constraint crashes the execution. ```python from secmlt.optimization.constraints import L1Constraint L1Constraint() ``` results in `ValueError: Perturbation model...
## Changelog Approve after #104 * Pass input learning rate to optimizer * Refactor input optimizer kwargs for modular attack to be explicitly assigned to a dictionary rather than passed...