Text Classification
The input parameters below are for the supported attack types. To start working with the APIs, see Text Classification.
Text classification is an alpha release with limited functionality. It is not available in the AIShield PyPI package. For early access, contact [email protected]
- Data: The processed data, ready to be passed to the model for prediction, should be saved in a folder.
- Model: The model should be saved in either .h5 or TensorFlow (SavedModel) format with its full architecture, along with the tokenizer in .pkl format. A base_model.py file is also required; it must load the model and the tokenizer and configure them to return predictions. All three pieces (base_model.py, the saved .h5 model and the saved .pkl tokenizer) should be placed in one folder, zipped and uploaded.
The table parameters below are common for the Extraction attack type.

| Parameter | Data type | Description | Remark |
|---|---|---|---|
| model_Id | String | The model_Id received during model registration. It is passed as a query parameter in the URL. | A model is registered only once; the same model_Id is reused for every model analysis, and it lets you track the number of API calls made and their success metrics. |
| Request Body (JSON format) | | | |
| model_api_details | String | Details of the model API to call, used to run the analysis against a served model instead of uploading the model as a zip file. | Provide this only if use_model_api is "yes". |
| Attack_type | String | Select the attack type: Blackbox or Greybox. | Blackbox: model analysis uses no information about the model or the data. Greybox: information about the data is leveraged to create attack data. Note: only 2-5 % of the data is needed. |
| normalize_data | String | Whether the model was trained on normalized data. | "yes" if the model was trained on normalized data, otherwise "no". |
| input_dimensions | String | Input dimension of the text, e.g. 100. | The value is passed as a string, for example "100". |
| number_of_attack_queries | String | Number of attack queries the model will be subjected to, e.g. 20000. | Generally, the higher the number of attack queries, the better the analysis, at the cost of longer processing time. (Range: >0 & <=400000) |
| model_framework | String | Framework the original model was built with. | Currently supported frameworks are tensorflow, scikit-learn and keras; for text classification the accepted option is tensorflow. (Option: [tensorflow]) |
| vulnerability_threshold | String | Stolen-model accuracy threshold at which a defense model is generated, e.g. a value in 0.0 - 1. | Threshold percent of stolen model accuracy at which the defense model should be generated. (Range: 0.0 - 1) |
| defense_best_only | String | Choose whether to train the defense model until it achieves the best result, or to stop once it exceeds 95% accuracy. | When "yes", N models are trained and the best one is selected; this naturally takes longer. When "no", training stops as soon as defense model accuracy exceeds 95%. |
| encryption_strategy | Int | Encryption strategy for the uploaded model: 0 if the model is uploaded directly as a zip, 1 if the model is encrypted as .pyc and uploaded as a zip. Ignored if use_model_api is "yes". | 0: pass the tensorflow model as is. 1: pass the encrypted model (it may be a .pyc file). |
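The following is an added example, not AIShield's own client code, showing how a practitioner would assemble the two inputs the page describes: the model zip from the Model bullet (base_model.py plus the saved model and the .pkl tokenizer) and the extraction request body from the table above, with each parameter checked against the documented allowed values and ranges before anything is sent. The function names, the packaging helper and the stub files it writes are assumptions; the field names, types and ranges come from the table. Because the page does not give the endpoint URL, the example stops at producing the query parameters and body rather than performing the HTTP call.

```python
"""Build a validated extraction request body and package a text-classification
model for upload.  Added example; not AIShield's client.  Field names and
ranges follow the parameter table; function names are assumptions."""
import os
import tempfile
import zipfile
from typing import Optional

MAX_ATTACK_QUERIES = 400_000  # table: number_of_attack_queries range (0, 400000]


def build_extraction_request(model_id: str, attack_type: str = "Blackbox",
                             normalize_data: str = "no", input_dimensions: int = 100,
                             number_of_attack_queries: int = 20_000,
                             model_framework: str = "tensorflow",
                             vulnerability_threshold: float = 0.5,
                             defense_best_only: str = "no", encryption_strategy: int = 0,
                             model_api_details: Optional[str] = None) -> tuple:
    """Return (query_params, body) after validating every field against the
    documented values, so a malformed request is rejected before any API call."""
    if not model_id:
        raise ValueError("model_Id (from model registration) is required")
    if attack_type not in ("Blackbox", "Greybox"):
        raise ValueError("Attack_type must be 'Blackbox' or 'Greybox'")
    for name, val in (("normalize_data", normalize_data),
                      ("defense_best_only", defense_best_only)):
        if val not in ("yes", "no"):
            raise ValueError(f"{name} must be 'yes' or 'no'")
    if not 0 < number_of_attack_queries <= MAX_ATTACK_QUERIES:
        raise ValueError("number_of_attack_queries must be >0 and <=400000")
    if not 0.0 <= vulnerability_threshold <= 1.0:
        raise ValueError("vulnerability_threshold must be in 0.0 - 1")
    if model_framework != "tensorflow":
        raise ValueError("text classification currently accepts only 'tensorflow'")
    if encryption_strategy not in (0, 1):
        raise ValueError("encryption_strategy must be 0 (plain zip) or 1 (.pyc)")
    # model_Id travels in the URL query string; everything else is body.
    # The table types all body fields as String except encryption_strategy.
    body = {
        "Attack_type": attack_type,
        "normalize_data": normalize_data,
        "input_dimensions": str(input_dimensions),
        "number_of_attack_queries": str(number_of_attack_queries),
        "model_framework": model_framework,
        "vulnerability_threshold": str(vulnerability_threshold),
        "defense_best_only": defense_best_only,
        "encryption_strategy": encryption_strategy,
    }
    if model_api_details is not None:
        # Only meaningful when use_model_api is "yes" (that flag is referenced by
        # the table but not documented as a row, so it is not emitted here).
        body["model_api_details"] = model_api_details
    return {"model_Id": model_id}, body


def is_rejected(**kwargs) -> bool:
    """True if build_extraction_request refuses the given overrides."""
    try:
        build_extraction_request(kwargs.pop("model_id", "m-1"), **kwargs)
        return False
    except ValueError:
        return True


def _is_tf_model(path: str) -> bool:
    """An .h5 file, or a TensorFlow SavedModel directory (holds saved_model.pb)."""
    return path.endswith(".h5") or os.path.isfile(os.path.join(path, "saved_model.pb"))


def package_model_zip(model_dir: str, out_zip: str) -> list:
    """Zip model_dir for upload after checking that all three required pieces
    from the Model bullet are present; return the sorted archive member names."""
    entries = sorted(os.listdir(model_dir))
    if "base_model.py" not in entries:
        raise FileNotFoundError("base_model.py (loads model + tokenizer, predicts) is missing")
    if not any(e.endswith(".pkl") for e in entries):
        raise FileNotFoundError("no .pkl tokenizer found")
    if not any(_is_tf_model(os.path.join(model_dir, e)) for e in entries):
        raise FileNotFoundError("no .h5 model or TensorFlow SavedModel directory found")
    archived = []
    with zipfile.ZipFile(out_zip, "w", zipfile.ZIP_DEFLATED) as zf:
        for root, _dirs, files in os.walk(model_dir):
            for f in sorted(files):
                full = os.path.join(root, f)
                arcname = os.path.relpath(full, model_dir)  # paths relative to the zip root
                zf.write(full, arcname)
                archived.append(arcname)
    return sorted(archived)


def demo_package() -> list:
    """Write constructed stub files (not real artifacts) to a temp dir, zip them
    with package_model_zip and return the archive contents."""
    with tempfile.TemporaryDirectory() as tmp:
        mdir = os.path.join(tmp, "model")
        os.makedirs(mdir)
        stubs = (("base_model.py", b"# loads model.h5 + tokenizer.pkl, exposes predict()\n"),
                 ("model.h5", b"\x89HDF\r\n\x1a\n"),  # HDF5 magic only; constructed
                 ("tokenizer.pkl", b"\x80\x04."))      # empty pickle; constructed
        for name, content in stubs:
            with open(os.path.join(mdir, name), "wb") as fh:
                fh.write(content)
        out = os.path.join(tmp, "model.zip")
        archived = package_model_zip(mdir, out)
        with zipfile.ZipFile(out) as zf:
            assert sorted(zf.namelist()) == archived
        return archived


if __name__ == "__main__":
    print(build_extraction_request("m-123", attack_type="Greybox", vulnerability_threshold=0.8))
    print(demo_package())
```

The validation mirrors the table rather than trusting the service to reject bad input: an out-of-range number_of_attack_queries or vulnerability_threshold, an unknown Attack_type, or a framework other than tensorflow fails locally. The packaging helper refuses to produce a zip that lacks any of base_model.py, the .pkl tokenizer or the saved model, which is the most common reason an upload is rejected.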
To access all sample artifacts, please visit Artifacts.
- For specific artifact details, refer
Note: For Text classification, the supported attack type is Extraction.