ART (Adversarial Robustness Toolbox)
What It Is
IBM's open-source library for adversarial machine learning. Covers attacks, defenses, and robustness evaluation for ML models — primarily focused on vision and classical ML, with growing NLP support.
Repository: github.com/Trusted-AI/adversarial-robustness-toolbox
Installation
pip install adversarial-robustness-toolbox
Key Modules
| Module | Purpose |
|---|---|
| art.attacks.evasion | Adversarial examples (FGSM, PGD, C&W, AutoAttack) |
| art.attacks.poisoning | Data poisoning and backdoor attacks |
| art.attacks.extraction | Model extraction/stealing |
| art.attacks.inference | Membership inference, attribute inference |
| art.defences | Adversarial training, input preprocessing, detection |
| art.estimators | Wrappers for PyTorch, TensorFlow, scikit-learn models |
When to Use ART
ART is the right tool for:
- Image classifiers (adversarial example generation)
- Traditional ML models (poisoning, evasion)
- Model robustness benchmarking
- Academic adversarial ML research
For LLM-specific testing, use Garak or PyRIT instead. ART complements these for the non-LLM parts of the AI stack.