- Add version check with MindSpore.
- Upgrade the related software packages: Pillow>=9.3.0, scipy>=1.5.2, pytest>=5.4.3.
Thanks goes to these wonderful people:
Zhang Shukun, Liu Zhidan, Jin Xiulang, Liu Liu, Tang Cong, Yang Yuan, Li Hongcheng.
Contributions of any kind are welcome!
- Add Chinese version of the API for the natural robustness feature.
Thanks goes to these wonderful people:
Liu Zhidan, Zhang Shukun, Jin Xiulang, Liu Liu, Tang Cong, Yangyuan.
Contributions of any kind are welcome!
- Add Chinese version of all existing APIs.
Thanks goes to these wonderful people:
Zhang Shukun, Liu Zhidan, Jin Xiulang, Liu Liu, Tang Cong, Yangyuan.
Contributions of any kind are welcome!
- [STABLE] Real-World Robustness Evaluation Methods
- Change value of parameter mutate_config in the mindarmour.fuzz_testing.Fuzzer.fuzzing interface. (!333)
- Update the version of the third-party dependency pillow from >=6.2.0 to >=7.2.0. (!329)
Thanks goes to these wonderful people:
Liu Zhidan, Zhang Shukun, Jin Xiulang, Liu Liu.
Contributions of any kind are welcome!
- [BETA] Data Drift Detection for Image Data
- [BETA] Model Fault Injection
Thanks goes to these wonderful people:
Wu Xiaoyu, Feng Zhenye, Liu Zhidan, Jin Xiulang, Liu Luobin, Liu Liu, Zhang Shukun
- [BETA] Reconstruct AI Fuzz and Neuron Coverage Metrics
Thanks goes to these wonderful people:
Wu Xiaoyu, Liu Zhidan, Jin Xiulang, Liu Luobin, Liu Liu
- [STABLE] Data Drift Detection for Time Series Data
- [BUGFIX] Optimization of API description.
Thanks goes to these wonderful people:
Wu Xiaoyu, Liu Zhidan, Jin Xiulang, Liu Luobin, Liu Liu
- [STABLE] Tailored-based privacy protection technology (Pynative)
- [STABLE] Model Inversion. Reverse analysis technology of privacy information
Thanks goes to these wonderful people:
han.yin
- [STABLE] Attack capability of the Object Detection models.
- Some white-box adversarial attacks, such as the [iterative] gradient method and DeepFool, can now be applied to Object Detection models.
- Some black-box adversarial attacks, such as PSO and Genetic Attack, can now be applied to Object Detection models.
Thanks goes to these wonderful people:
Xiulang Jin, Zhidan Liu, Luobin Liu and Liu Liu.
Contributions of any kind are welcome!
- Privacy leakage evaluation.
  - Parameter verification enhancement.
  - Support parallel computing.
- Fuzzing based Adversarial Robustness testing.
  - Parameter verification enhancement.
- API & Directory Structure
  - Adjusted the directory structure based on different features.
  - Optimize the structure of examples.
Thanks goes to these wonderful people:
Liu Liu, Xiulang Jin, Zhidan Liu and Luobin Liu.
Contributions of any kind are welcome!
- Privacy leakage evaluation.
  - Using Membership inference to evaluate the effectiveness of privacy-preserving techniques for AI.
- Fuzzing based Adversarial Robustness testing.
  - Coverage-guided test set generation.
Thanks goes to these wonderful people:
Liu Liu, Xiulang Jin, Zhidan Liu, Luobin Liu and Huanhuan Zheng.
Contributions of any kind are welcome!
- Optimizers with differential privacy
  - Differential privacy model training now supports some new policies.
  - Adaptive Norm policy is supported.
  - Adaptive Noise policy with exponential decrease is supported.
- Differential Privacy Training Monitor
  - A new monitor is supported using zCDP as its asymptotic budget estimator.
Thanks goes to these wonderful people:
Liu Liu, Huanhuan Zheng, Xiulang Jin, Zhidan Liu.
Contributions of any kind are welcome.
- Optimizers with differential privacy
  - Differential privacy model training now supports both Pynative mode and graph mode.
  - Graph mode is recommended for its performance.
Thanks goes to these wonderful people:
Liu Liu, Huanhuan Zheng, Xiulang Jin, Zhidan Liu.
Contributions of any kind are welcome!
Differential Privacy is coming! By using Differential-Privacy-Optimizers, one can still train a model as usual, while the trained model preserves the privacy of the training dataset, satisfying the definition of differential privacy with a proper budget.
- Optimizers with Differential Privacy (PR23, PR24)
  - Some common optimizers now have a differential privacy version (SGD/Adam). We are adding more.
  - Automatically and adaptively add Gaussian Noise during training to achieve Differential Privacy.
  - Automatically stop training when the Differential Privacy Budget is exceeded.
- Differential Privacy Monitor (PR22)
  - Calculate the overall budget consumed during training, indicating the ultimate protection effect.
Thanks goes to these wonderful people:
Liu Liu, Huanhuan Zheng, Zhidan Liu, Xiulang Jin.
Contributions of any kind are welcome!
- Add a white-box attack method: M-DI2-FGSM (PR14).
- Add three neuron coverage metrics: KMNCov, NBCov, SNACov (PR12).
- Add a coverage-guided fuzzing test framework for deep neural networks (PR13).
- Update the MNIST Lenet5 examples.
- Remove some duplicate code.
Thanks goes to these wonderful people:
Liu Liu, Huanhuan Zheng, Zhidan Liu, Xiulang Jin.
Contributions of any kind are welcome!
Initial release of MindArmour.
- Support adversarial attack and defense on the platform of MindSpore.
- Include 13 white-box and 7 black-box attack methods.
- Provide 5 detection algorithms to detect attacks in multiple ways.
- Provide adversarial training to enhance model security.
- Provide 6 evaluation metrics for attack methods and 9 evaluation metrics for defense methods.