Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
MindSpore
mindarmour
提交
3746066c
M
mindarmour
项目概览
MindSpore
/
mindarmour
通知
4
Star
2
Fork
3
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
M
mindarmour
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
3746066c
编写于
8月 25, 2020
作者:
M
mindspore-ci-bot
提交者:
Gitee
8月 25, 2020
浏览文件
操作
浏览文件
下载
差异文件
!93 Append description for get_attacker_model and train.
Merge pull request !93 from liuluobin/master
上级
b34693ac
7dc09aed
变更
2
显示空白变更内容
内联
并排
Showing
2 changed file
with
27 addition
and
12 deletion
+27
-12
mindarmour/diff_privacy/evaluation/attacker.py
mindarmour/diff_privacy/evaluation/attacker.py
+10
-3
mindarmour/diff_privacy/evaluation/membership_inference.py
mindarmour/diff_privacy/evaluation/membership_inference.py
+17
-9
未找到文件。
mindarmour/diff_privacy/evaluation/attacker.py
浏览文件 @
3746066c
...
...
@@ -22,9 +22,6 @@ from sklearn.model_selection import GridSearchCV
from
sklearn.model_selection
import
RandomizedSearchCV
method_list
=
[
"lr"
,
"knn"
,
"rf"
,
"mlp"
]
def
_attack_knn
(
features
,
labels
,
param_grid
):
"""
Train and return a KNN model.
...
...
@@ -117,9 +114,19 @@ def get_attack_model(features, labels, config):
features (numpy.ndarray): Loss and logits characteristics of each sample.
labels (numpy.ndarray): Labels of each sample whether belongs to training set.
config (dict): Config of attacker, with key in ["method", "params"].
The format is {"method": "knn", "params": {"n_neighbors": [3, 5, 7]}},
params of each method must within the range of changeable parameters.
Tips of params implement can be found in
"https://scikit-learn.org/0.16/modules/generated/sklearn.grid_search.GridSearchCV.html".
Returns:
sklearn.BaseEstimator, trained model specify by config["method"].
Examples:
>>> features = np.random.randn(10, 10)
>>> labels = np.random.randint(0, 2, 10)
>>> config = {"method": "knn", "params": {"n_neighbors": [3, 5, 7]}}
>>> attack_model = get_attack_model(features, labels, config)
"""
method
=
str
.
lower
(
config
[
"method"
])
...
...
mindarmour/diff_privacy/evaluation/membership_inference.py
浏览文件 @
3746066c
...
...
@@ -23,7 +23,7 @@ from mindspore.dataset.engine import Dataset
import
mindspore.nn
as
nn
import
mindspore.context
as
context
from
mindspore
import
Tensor
from
mindarmour.diff_privacy.evaluation.attacker
import
get_attack_model
,
method_list
from
mindarmour.diff_privacy.evaluation.attacker
import
get_attack_model
def
_eval_info
(
pred
,
truth
,
option
):
"""
...
...
@@ -67,22 +67,23 @@ class MembershipInference:
Evaluation proposed by Shokri, Stronati, Song and Shmatikov is a grey-box attack.
The attack requires obtain loss or logits results of training samples.
References: Reza Shokri, Marco Stronati, Congzheng Song, Vitaly Shmatikov.
References:
`
Reza Shokri, Marco Stronati, Congzheng Song, Vitaly Shmatikov.
Membership Inference Attacks against Machine Learning Models. 2017.
arXiv:1610.05820v2
<https://arxiv.org/abs/1610.05820v2>`_
<https://arxiv.org/abs/1610.05820v2>`_
Args:
model (Model): Target model.
Examples:
>>> # ds_train, eval_train are non-overlapping datasets from training dataset.
>>> # eval_train, eval_test are non-overlapping datasets from test dataset.
>>> train_1, train_2 are non-overlapping datasets from training dataset of target model.
>>> test_1, test_2 are non-overlapping datasets from test dataset of target model.
>>> We use train_1, test_1 to train attack model, and use train_2, test_2 to evaluate attack model.
>>> model = Model(network=net, loss_fn=loss, optimizer=opt, metrics={'acc', 'loss'})
>>> inference_model = MembershipInference(model)
>>> config = [{"method": "KNN", "params": {"n_neighbors": [3, 5, 7]}}]
>>> inference_model.train(
ds_train, ds_test
, config)
>>> inference_model.train(
train_1, test_1
, config)
>>> metrics = ["precision", "recall", "accuracy"]
>>> result = inference_model.eval(
eval_train, eval_test
, metrics)
>>> result = inference_model.eval(
train_2, test_2
, metrics)
Raises:
TypeError: If type of model is not mindspore.train.Model.
...
...
@@ -92,6 +93,7 @@ class MembershipInference:
if
not
isinstance
(
model
,
Model
):
raise
TypeError
(
"Type of parameter 'model' must be Model, but got {}."
.
format
(
type
(
model
)))
self
.
model
=
model
self
.
method_list
=
[
"knn"
,
"lr"
,
"mlp"
,
"rf"
]
self
.
attack_list
=
[]
def
train
(
self
,
dataset_train
,
dataset_test
,
attack_config
):
...
...
@@ -102,7 +104,13 @@ class MembershipInference:
Args:
dataset_train (mindspore.dataset): The training dataset for the target model.
dataset_test (mindspore.dataset): The test set for the target model.
attack_config (list): Parameter setting for the attack model.
attack_config (list): Parameter setting for the attack model. The format is
[{"method": "knn", "params": {"n_neighbors": [3, 5, 7]}},
{"method": "lr", "params": {"C": np.logspace(-4, 2, 10)}}].
The support methods list is in self.method_list, and the params of each method
must within the range of changeable parameters. Tips of params implement
can be found in
"https://scikit-learn.org/0.16/modules/generated/sklearn.grid_search.GridSearchCV.html".
Raises:
KeyError: If each config in attack_config doesn't have keys {"method", "params"}
...
...
@@ -120,7 +128,7 @@ class MembershipInference:
if
{
"params"
,
"method"
}
!=
set
(
config
.
keys
()):
raise
KeyError
(
"Each config in attack_config must have keys 'method' and 'params', "
"but your key value is {}."
.
format
(
set
(
config
.
keys
())))
if
str
.
lower
(
config
[
"method"
])
not
in
method_list
:
if
str
.
lower
(
config
[
"method"
])
not
in
self
.
method_list
:
raise
ValueError
(
"Method {} is not support."
.
format
(
config
[
"method"
]))
features
,
labels
=
self
.
_transform
(
dataset_train
,
dataset_test
)
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录