Scalable provably robust networks

Version 0.4 brings the repository up to speed with our most recent paper, Scaling provable adversarial defenses.

Notable changes:

• Removed extraneous arguments that had no meaning (l1_eps, m, k)
• Changed naming of arguments specifically labeled for L-infinity perturbations to allow for L2 perturbations
• Added trained models in models_scaled. These are all cascaded models for MNIST and CIFAR at the epsilon levels described in the paper.
• Added code for L2 perturbations in the input space.

This version is on PyPI under version 0.4 and works with PyTorch 0.4.

True minibatching performance update

Version 0.2 implements actual minibatching for great speedup on PyTorch 0.3.

This version reproduces the results of Provable defenses against adversarial examples via the convex outer adversarial polytope, by Eric Wong and J. Zico Kolter.