
Tabular Classification

The input parameters below are grouped by attack type. To start working with the APIs, refer to the Tabular Classification API.

File upload format

  • Data: a CSV file whose header row lists all feature (column) names; the last column is the target variable.
  • Minmax: a CSV file with the same header as the Data file (all feature names, last column the target variable). The first data row holds the minimum value of each column (feature) and the second data row holds the maximum value.
  • Model: the model saved in .pkl, .h5 or TensorFlow format. The full architecture is needed when the model is loaded into the platform for assessment, whether it is uploaded encrypted or unencrypted. This file can be omitted when the model is hosted as an API.

All uploaded files must be zipped. The above files are sample data.
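The following Python script is an added example (not part of the platform's own tooling) that builds the Data and Minmax CSV files in the layout described above, checks them against that layout, and bundles both into a zip ready for upload. The dataset rows, the file names data.csv and minmax.csv, and the archive name are all constructed for the example; the page only states that uploads must be zipped.

```python
import csv
import io
import zipfile

# Constructed sample: three features and a binary target in the last column,
# which is the layout the Data upload expects.
SAMPLE_ROWS = [
    ["age", "balance", "duration", "subscribed"],
    [30, 1200.5, 120, 0],
    [45, 300.0, 640, 1],
    [52, 9800.0, 85, 0],
    [28, 15.0, 310, 1],
]


def write_data_csv(rows):
    """Serialise a header row plus data rows as CSV text."""
    buf = io.StringIO()
    csv.writer(buf).writerows(rows)
    return buf.getvalue()


def build_minmax_rows(rows):
    """Return [header, min_row, max_row] over every column: the Minmax layout."""
    header, body = rows[0], rows[1:]
    cols = list(zip(*body))
    return [header, [min(c) for c in cols], [max(c) for c in cols]]


def validate_upload_csv(text, expect_minmax=False):
    """Check CSV text against the documented format.
    Returns a list of problems; an empty list means the file is acceptable."""
    reader = list(csv.reader(io.StringIO(text)))
    problems = []
    if not reader or not reader[0]:
        return ["empty file or missing header"]
    width = len(reader[0])
    if width < 2:
        problems.append("need at least one feature column plus the target column")
    for i, row in enumerate(reader[1:], start=2):
        if len(row) != width:
            problems.append(f"row {i} has {len(row)} cells, header has {width}")
    if expect_minmax:
        if len(reader) != 3:
            problems.append("minmax file must have exactly header, min row, max row")
        else:
            for name, lo, hi in zip(reader[0], reader[1], reader[2]):
                if float(lo) > float(hi):
                    problems.append(f"column {name}: min {lo} exceeds max {hi}")
    return problems


def build_upload_zip(rows):
    """Validate both CSVs and return the zipped upload as bytes."""
    data_csv = write_data_csv(rows)
    minmax_csv = write_data_csv(build_minmax_rows(rows))
    for name, text, is_mm in (("data.csv", data_csv, False),
                              ("minmax.csv", minmax_csv, True)):
        problems = validate_upload_csv(text, expect_minmax=is_mm)
        if problems:
            raise ValueError(f"{name}: " + "; ".join(problems))
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("data.csv", data_csv)      # file names are an assumption
        zf.writestr("minmax.csv", minmax_csv)
    return out.getvalue()


def zip_member_names(blob):
    """Sorted member names of a zip given as bytes (used to inspect the result)."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        return sorted(zf.namelist())


if __name__ == "__main__":
    blob = build_upload_zip(SAMPLE_ROWS)
    print(f"upload.zip: {len(blob)} bytes, members {zip_member_names(blob)}")
    print(write_data_csv(build_minmax_rows(SAMPLE_ROWS)))
```

The min/max rows are computed over the target column as well, because the Minmax file carries the same header as the Data file; if your platform instance expects feature columns only, drop the last column before calling build_minmax_rows.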

Common parameters

The parameters in the table below are common to all attack types.

For the additional parameters specific to each attack type, refer to the sections that follow.

| Parameter | Data type | Description | Remark |
| model_id | String | The model_id received during model registration. Pass it as a query parameter in the URL. | Model registration is done only once per model; you can then run many analyses against it. This also lets you track how many API calls were made and how many succeeded. |
| Request Body (JSON format) | | | |
| normalize_data | String | Whether the model was trained on normalized data. | Set to "yes" if the model was trained on normalized data, otherwise "no". |
| input_dimensions | String | Length of dataset * features. | A string in the format "(height, width, channel)". For example: 100,18 |
| number_of_classes | String | Number of prediction classes. | Passed as a string. Example: Banking Marketing Campaign classification dataset: 2. Range: >0 and <=200. |
| model_api_details | String | If use_model_api is "yes", the API details of the hosted model are mandatory and must be provided as an encrypted JSON string. | Provide this only if use_model_api is "yes". |
| use_model_api | String | Set to "yes" when the model is hosted as an API; the API details of the hosted model must then be provided in model_api_details as an encrypted JSON string. | When "yes", you do not have to upload the model as a zip. Pass the API URL along with the other verification credentials in the JSON file. |
| model_framework | String | Framework the original model was built with, e.g. scikit-learn. (Option: [scikit learn]) | Currently supported frameworks: tensorflow, scikit-learn, keras. |
| defense_bestonly | String | Whether a highly optimized defense model should be returned. | When "yes", the platform trains N models and selects the best one, which takes longer. When "no", training stops once the defense model accuracy exceeds 95%. |
| encryption_strategy | Int | Encryption strategy for your model: 0 if the model is uploaded directly as a zip, 1 if the model is encrypted as .pyc and uploaded as a zip. Ignored if use_model_api is "yes". | 0: pass the TensorFlow model as is. 1: pass the encrypted model (a .pyc file). |
| is_category_columns | String | "yes" if the dataset contains any categorical column, otherwise "no". | |
| categorical_columns_info | String | If is_category_columns is "yes", the names of the categorical columns, comma separated. | |

Extraction parameters

| Parameter | Data type | Description | Remark |
| Request Body (JSON format) | | | |
| attack_type | String | The attack type: Blackbox or Greybox. | Blackbox: no information about the model or data is used for the analysis. Greybox: information about the data is leveraged to create the attack data. Note: only 2-5% of the data is needed. |
| number_of_attack_queries | String | Number of attack samples to use for the analysis. | Generally, the higher the number of attack queries, the better the analysis. Accepted range: 0-400000. |
| vulnerability_threshold | String | Stolen-model accuracy threshold at which a defense model should be generated. | Range: 0.0 - 1.0. |
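The following Python script is an added example (not the platform's client or API) that assembles the query parameter and JSON request body for an extraction analysis from the Common parameters and Extraction parameters tables above, and enforces the documented constraints before anything is sent: yes/no fields, the supported frameworks, the class and query ranges, the 0.0-1.0 threshold, and the conditional fields (model_api_details when use_model_api is "yes", categorical_columns_info when is_category_columns is "yes", encryption_strategy otherwise). The sample parameter values, the model_id placeholder and the function names are all constructed for the example; no endpoint URL is assumed.

```python
import json
import re

YES_NO = ("yes", "no")
FRAMEWORKS = ("tensorflow", "scikit-learn", "keras")
ATTACK_TYPES = ("Blackbox", "Greybox")


def _int_in_range(v, lo, hi):
    """Integer-valued string within [lo, hi] (String fields per the tables)."""
    return isinstance(v, str) and v.isdigit() and lo <= int(v) <= hi


def _float_in_range(v, lo, hi):
    try:
        return lo <= float(v) <= hi
    except (TypeError, ValueError):
        return False


# One check per unconditional parameter, taken from the tables on this page.
FIELD_RULES = {
    "normalize_data": lambda v: v in YES_NO,
    "input_dimensions": lambda v: isinstance(v, str)
        and re.fullmatch(r"\(?\s*\d+(\s*,\s*\d+)+\s*\)?", v) is not None,
    "number_of_classes": lambda v: _int_in_range(v, 1, 200),
    "use_model_api": lambda v: v in YES_NO,
    "model_framework": lambda v: v in FRAMEWORKS,
    "defense_bestonly": lambda v: v in YES_NO,
    "is_category_columns": lambda v: v in YES_NO,
    "attack_type": lambda v: v in ATTACK_TYPES,
    "number_of_attack_queries": lambda v: _int_in_range(v, 0, 400000),
    "vulnerability_threshold": lambda v: _float_in_range(v, 0.0, 1.0),
}


def validate_extraction_body(body):
    """Return a list of problems with a request body; empty list means valid."""
    problems = []
    for field, ok in FIELD_RULES.items():
        if field not in body:
            problems.append(f"missing {field}")
        elif not ok(body[field]):
            problems.append(f"invalid {field}: {body[field]!r}")
    # Conditional fields described in the Remark column.
    if body.get("use_model_api") == "yes":
        if not body.get("model_api_details"):
            problems.append("model_api_details is mandatory when use_model_api is yes")
    elif body.get("encryption_strategy") not in (0, 1):
        problems.append("encryption_strategy must be 0 or 1 when the model is uploaded")
    if body.get("is_category_columns") == "yes":
        cols = [c.strip() for c in str(body.get("categorical_columns_info", "")).split(",")]
        if not any(cols):
            problems.append("categorical_columns_info is required when is_category_columns is yes")
    return problems


def build_extraction_request(model_id, **params):
    """Return (query_params, body_json) for an extraction analysis call.
    model_id travels as a URL query parameter; everything else is the JSON body."""
    problems = validate_extraction_body(params)
    if problems:
        raise ValueError("; ".join(problems))
    return {"model_id": model_id}, json.dumps(params, sort_keys=True)


# Constructed example: a bank-marketing style binary classifier with 18
# features, uploaded as an unencrypted zip and analysed with a Greybox attack.
EXAMPLE_PARAMS = dict(
    normalize_data="yes",
    input_dimensions="(100,18)",
    number_of_classes="2",
    use_model_api="no",
    model_framework="scikit-learn",
    defense_bestonly="no",
    encryption_strategy=0,
    is_category_columns="yes",
    categorical_columns_info="job,marital,education",
    attack_type="Greybox",
    number_of_attack_queries="20000",
    vulnerability_threshold="0.8",
)

if __name__ == "__main__":
    query, body = build_extraction_request("MODEL_ID_PLACEHOLDER", **EXAMPLE_PARAMS)
    print("query:", query)
    print("body:", body)
```

Validating locally before the call keeps malformed bodies (an out-of-range number_of_classes, an unsupported framework, a missing model_api_details) from consuming an API call against the registered model_id, which the platform counts.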

Evasion parameters

Note: use the Common parameters only; no extra parameters are needed.



Experimentation with values

To improve the accuracy, you can experiment with the following values for your attack input parameters. In our example we used a BFSI dataset for the model, and the table below shows the parameters suitable for it. For more information, please refer to the reference implementation.

| Task Pair/Analysis Type | Model under analysis | Type of Attack Strategy | No of queries | Outcome |
| TC - MEA | BFSI | Blackbox | 10000 | Stolen model accuracy between 75%-85% |
| TC - MEA | BFSI | Greybox | 20000 | Stolen model accuracy between 80%-90% |
| TC - EVA | BFSI | N/A | N/A | Evasion Report |

To access all sample artifacts, please visit Artifacts.

Note: For Tabular classification, the supported attack types are: Extraction.



Updated 31 Jan 2024