Platform guide
...
Analyze your models
Image

Image Segmentation

5min

The below input parameters are for different attack types. To start working with the APIs, see <Post> Model Analysis.

File upload format

  • Data: The processed data, ready to be passed to the model for prediction, should be saved in a folder.
  • Label: A CSV file should be created with two columns: "image" and "label." The first column should contain the image name, and the second column should contain the label. The label should be in integer format. Check sample label file attached.
  • Model: The model should be saved in either .h5 or TensorFlow format with full architecture. Full architecture is needed when loading the model to the platofrm for assessment either in encrypted or unencrypted. This can be ignored when model is hosted as an API.

Common parameters

The below table parameters are common for Extraction Attack type.

Parameter

Data type

Description

Remark

model_Id

String

Model_id received during model registration. We need to provide this model ID in query parameter in URL.

You have to do model registration only once for a model to perform model analysis. This will help you track the no of api call made, and it's success metric.

Request Body (Json format)







normalize_data

String

Model trained on Normalized data.

if model is trained on normalized data, then set this parameter as "yes" else "no".

input_dimensions 

String

Provide input dimension of the image

the parameter should be string in the format "(height, weight, channel)" For example 28*28*1

number_of_classes

String

Number of prediction classes. 

the parameter should be string. Example : 10 (Range >0 & <=200)

model_framework

String

Original model is built with tensorflow framework.

curretly supported framework are: tensorflow, scikit-learn, keras. (Option:[tensorflow])



Extraction parameters

Parameter

Data type

Description

Remark

Request Body (Json format)







attack_type

String

You can select the attack type either Blackbox or Greybox.

Blackbox: for performing model analysis, no information about model or data will be used. Greybox: information about data will be leverage for creation of attack data Note: only 2-5 % of data is needed

number_of_attack_queries

String

Number of attack queries that model will be subjected to.

generally Heigher the number of attack queries, better would be the analysis. And it would take more time to process. (Range:  >0 & <=400000)

vulnerability_threshold

String

Threshold percent of stolen model accuracy at which defense model should be generated.

Threshold percent of stolen model accuracy at which defense model should be generated (Range :  0.0 - 1)

model_api_details

String

If use_model_api is Yes, then provide API details of hosted model as encrypted JSON string is mandatory

provide this only if use_model_api is "yes".

use_model_api

String

Use model API to train your model instead of uploading the model as a zip file.

when this parameter is yes, you don't have to upload model as zip. You can pass api url along with other verification credential in json file.

defense_bestonly



String

Choose to train your model until it achieves the best results or above 95% accuracy.

when selected "yes", it will train N number of model and select best model. Ofcourse this will take longer time. If "no", then once defense model accuracy reached above 95% It will stop

encryption_strategy

Int

Choose a encryption strategy for you model. if model is uploaded directly as a zip pick 0, 1 if model is encryted as .pyc and uploaded as a zip. Ignore if use_model_api is Yes

select 0: pass tensorflow model as it is, select 1: pass encrypted model. It could be .pyc file

To access all sample artifacts, please visit Artifacts.

Note: For Image segmentation, supported attack types are - Extraction



Updated 29 Jan 2024
Doc contributor
Did this page help you?