
arxiv: 1707.04131 · v3 · pith:LHW3UGZ4new · submitted 2017-07-13 · 💻 cs.LG · cs.CR · cs.CV · stat.ML

Foolbox: A Python toolbox to benchmark the robustness of machine learning models

classification: cs.LG, cs.CR, cs.CV, stat.ML
keywords: foolbox, adversarial, learning, machine, models, robustness, different, minimum

Even today's most advanced machine learning models are easily fooled by almost imperceptible perturbations of their inputs. Foolbox is a new Python package to generate such adversarial perturbations and to quantify and compare the robustness of machine learning models. It is built around the idea that the most comparable robustness measure is the minimum perturbation needed to craft an adversarial example. To this end, Foolbox provides reference implementations of most published adversarial attack methods alongside some new ones, all of which perform internal hyperparameter tuning to find the minimum adversarial perturbation. Additionally, Foolbox interfaces with most popular deep learning frameworks such as PyTorch, Keras, TensorFlow, Theano and MXNet and allows different adversarial criteria such as targeted misclassification and top-k misclassification as well as different distance measures. The code is licensed under the MIT license and is openly available at https://github.com/bethgelab/foolbox . The most up-to-date documentation can be found at http://foolbox.readthedocs.io .

This paper has not been read by Pith yet.


Forward citations

Cited by 3 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Robust Synthesis of Adversarial Visual Examples Using a Deep Image Prior

    cs.CV 2019-07 unverdicted novelty 6.0

    A DIP-based optimization produces adversarial perturbations and patches that are more robust to affine transformations than standard high-frequency noise while staying imperceptible.

  2. Affine Disentangled GAN for Interpretable and Robust AV Perception

    cs.CV 2019-07 unverdicted novelty 5.0

    ADIS-GAN disentangles affine transformations in a GAN to achieve over 98% classification accuracy on MNIST within 30 degrees rotation and over 90% under FGSM and PGD attacks while generating rotation and scaling factors.

  3. Evaluation of AI Ethics Tools in Language Models: A Developers' Perspective Case Stud

    cs.CY 2025-12 unverdicted novelty 3.0

    Evaluation of Model Cards, ALTAI, FactSheets, and Harms Modeling on Portuguese language models shows they provide broad ethical guidance but overlook unique language features and negative impacts.