Adversarial example library for benchmarking ML model robustness
Top 8.2% on sourcepulse
CleverHans is a Python library designed to benchmark the vulnerability of machine learning models to adversarial examples. It provides reference implementations of various attacks and defenses, enabling researchers and practitioners to evaluate and improve model robustness. The library supports JAX, PyTorch, and TensorFlow 2, offering a unified platform for adversarial machine learning research.
How It Works
CleverHans implements a range of adversarial attack algorithms, such as Fast Gradient Sign Method (FGSM) and Projected Gradient Descent (PGD), to generate perturbed inputs that can fool machine learning models. It also includes implementations of defense mechanisms. The library's modular design allows for easy integration of new attacks and defenses across different ML frameworks, facilitating systematic benchmarking and comparison of model vulnerabilities and defenses.
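As an added illustration of the benchmarking loop described above (example code written for this page, not CleverHans's own implementation or API), the following NumPy script runs FGSM and an L-infinity PGD against a constructed three-feature logistic-regression classifier and compares clean accuracy with accuracy under a perturbation budget eps. The classifier weights `W`, `B`, the sample inputs `X_CLEAN`, and the helper names are assumptions made for the example; the attacks themselves follow the standard definitions (FGSM: one signed-gradient step; PGD: repeated signed steps projected back onto the eps-ball and the valid input range, here without random initialization). Because the toy model is linear, PGD converges to the same corner of the eps-ball as FGSM; on a non-linear model the two numbers would usually differ, which is exactly what a robustness benchmark is meant to surface.

```python
import numpy as np

# Constructed toy classifier (hypothetical): logistic regression with fixed
# weights on inputs in [0, 1]^3. Labels are in {-1, +1}.
W = np.array([2.0, -1.0, 0.5])
B = -0.5

# Constructed sample inputs; all four are classified correctly before attack.
X_CLEAN = np.array([
    [0.9, 0.1, 0.5],
    [0.1, 0.9, 0.2],
    [0.6, 0.6, 0.6],
    [0.3, 0.5, 0.1],
])
Y = np.array([1, -1, 1, -1])


def logits(x):
    return x @ W + B


def predict(x):
    return np.where(logits(x) >= 0, 1, -1)


def input_gradient(x, y):
    """Gradient of the logistic loss -log(sigmoid(y * z)) w.r.t. the input.

    d/dx = -y * (1 - sigmoid(y * z)) * W, computed row-wise for a batch.
    """
    z = logits(x)
    s = 1.0 / (1.0 + np.exp(-y * z))
    return (-y * (1.0 - s))[:, None] * W[None, :]


def fgsm(x, y, eps):
    """Fast Gradient Sign Method: a single step of size eps along sign(grad)."""
    x_adv = x + eps * np.sign(input_gradient(x, y))
    return np.clip(x_adv, 0.0, 1.0)           # stay inside the valid input range


def pgd(x, y, eps, alpha, steps):
    """Projected Gradient Descent under an L-infinity budget eps.

    Each iteration takes a signed step of size alpha, then projects back onto
    the eps-ball around the original input and onto the valid range [0, 1].
    """
    x_adv = x.copy()
    for _ in range(steps):
        x_adv = x_adv + alpha * np.sign(input_gradient(x_adv, y))
        x_adv = np.clip(x_adv, x - eps, x + eps)  # projection onto the eps-ball
        x_adv = np.clip(x_adv, 0.0, 1.0)          # projection onto the input domain
    return x_adv


def accuracy(x, y):
    return float(np.mean(predict(x) == y))


def benchmark(eps=0.2):
    """Clean vs. adversarial accuracy for one perturbation budget."""
    x_fgsm = fgsm(X_CLEAN, Y, eps)
    x_pgd = pgd(X_CLEAN, Y, eps, alpha=eps / 4, steps=10)
    return {
        "clean": accuracy(X_CLEAN, Y),
        "fgsm": accuracy(x_fgsm, Y),
        "pgd": accuracy(x_pgd, Y),
        # Sanity check that PGD respected its budget: max |x_adv - x| over the batch.
        "max_linf": float(np.max(np.abs(x_pgd - X_CLEAN))),
    }


if __name__ == "__main__":
    for name, value in benchmark().items():
        print(f"{name}: {value:.3f}")
```

Running the script reports clean accuracy of 1.0 and accuracy of 0.5 under both attacks at eps = 0.2, with the reported max L-infinity distance equal to the budget; a benchmark over a real model would sweep eps and plot the resulting accuracy curve, which is the kind of comparison the library's tutorials perform.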
Quick Start & Requirements
pip install cleverhans
or, for the latest version:
pip install git+https://github.com/cleverhans-lab/cleverhans.git#egg=cleverhans
For development, git clone the repository and run pip install -e .
Tutorials live in the tutorials/ directory, demonstrating attacks like FGSM and PGD on MNIST and CIFAR10 datasets using JAX, PyTorch, and TF2. https://github.com/cleverhans-lab/cleverhans/tree/master/tutorials
Highlighted Details
Maintenance & Community
The library is collectively maintained by the CleverHans Lab at the University of Toronto, with significant contributions from researchers at Google Brain, University of Toronto, and other institutions. Contributions are welcomed via the discussion board. https://github.com/cleverhans-lab/cleverhans/discussions
Licensing & Compatibility
Copyright 2021 - Google Inc., OpenAI, Pennsylvania State University, University of Toronto. The specific license is not explicitly stated in the README, but the copyright holders suggest potential restrictions for commercial use or closed-source linking.
Limitations & Caveats
The examples/ directory is currently empty due to the discontinuation of TF1 support. Tutorials are not considered part of the API and may change without warning. The README does not explicitly state the license, which could be a concern for commercial adoption.
1 year ago
Inactive