Tabular Classification

the below input parameters are for different attack types to start working with the apis view the docid\ v08lzx7yc3id62w3z63yg file upload format data data should be in a csv file with a header as all the features (columns) name and the last column as the target variable https //aisdocs blob core windows net/reference/upload/tabular/tabularclassification/data evasion zip minmax data should be in a csv file with a header as all the feature (columns) names and the last column as the target variable the first row of the csv file should contain the minimum value for each column (feature), and the second row should contain the max value https //aisdocs blob core windows net/reference/upload/tabular/tabularclassification/minmax evasion zip model the model should be saved in either pkl, h5 or tensorflow format full architecture is needed when loading the model to the platofrm for assessment either in encrypted or unencrypted this can be ignored when model is hosted as an api https //aisdocs blob core windows net/reference/upload/tabular/tabularclassification/model zip all files uploaded should be in zipped format the above files are sample data common parameters the below table parameters are common for all attact types to see the additional parameter specific to attact type refer to the below sections parameter data type descrption remark model id string model id received during model registration we need to provide this model id in query parameter in url you have to do model registration only once for a model and you can perform many analysis this will help you to track how many api call has been made, how many has successed request body (json format) normalize data string model trained on normalized data if model is trained on normalized data, then set this parameter as "yes" else "no" input dimensions string length of dataset features the parameter should be string in the format "(height, weight, channel)" for example 100,18 number of classes string number of prediction classes the parameter should be string example banking marketing campaign classification dataset 2 (range >0 & <=200) model api details string if use model api is yes, then provide api details of hosted model as encrypted json string is mandatory provide this only if use model api is "yes" use model api string if use model api is yes, then provide api details of hosted model as encrypted json string is mandatory when this parameter is yes, you don't have to upload model as zip you can pass api url along with other verification credential in json file model framework string original model is built with scikit learn framework (option \[scikit learn]) curretly supported framework are tensorflow, scikit learn, keras defense bestonly string highly optimized defense model will be returned when selected "yes" , it will train n number of model and select best model ofcourse this will take longer time if "no" , then once defense model accuracy reached above 95% it will stop encryption strategy int choose a encryption strategy for you model if model is uploaded directly as a zip pick 0, 1 if model is encryted as pyc and uploaded as a zip ignore if use model api is yes select 0 pass tensorflow model as it is, select 1 pass encrypted model it could be pyc file is category columns string if any categorical column presents in dataset provide 'yes' otherwise 'no' categorical columns info string if is category columns is yes, then provide the column names of the categorical (provide these columns name as comma separated) extraction parameters parameter data type descrption remark request body (json format) attack type string you can select the attack type either blackbox or greybox blackbox for performing model analysis, no information about model or data will be used greybox information about data will be leverage for creation of attack data note only 2 5 % of data is needed number of attack queries string number of attack sample to use for analysis generally heigher the number of attack queries , better would be the analysis accepted range (0 400000) vulnerability threshold string stolen model accuracy threshold at which defense model should get generated parameter value range (0 0 1 0) evasion parameters note use /#common parameters only, no extra parameters is needed experimentation with values to improve the accuracy, you can experiment with the following values for your attack input parameters in our example we have used an bfsi dataset in our model and the below table reflects the parameters suitable for it for more information, please refer to the https //github com/bosch aisecurity aishield/reference implementations/tree/main/product taskpair wise/tabular classification/extraction task pair/analysis type model under analysis type of attack strategy no of queries outcome tc mea bfsi blackbox 10000 stolen model accuracy between 75% 85% tc mea bfsi greybox 20000 stolen model accuracy between 80% 90% tc eva bfsi n/a n/a evasion report to access all sample artifacts, please visit docid\ ijneocxostabvvrsq11fa for specific artifact details, refer vulnerability report docid\ hl0ut2mwlcbkt8f97fr w sample attacks docid 4g1mjm5lqjfm8t5wbvwpr defense report docid\ vtzlttpja2vsf2j0stlsq defense model docid\ xsbxmzxw4vv14 8nmbf8m note for tabular classification, supported attack types are extraction