MindArmour focus on security and privacy of artificial intelligence. MindArmour can be used as a tool box for MindSpore users to enhance model security and trustworthiness and protect privacy data. MindArmour contains three module: Adversarial Robustness Module, Fuzz Testing Module, Privacy Protection and Evaluation Module.
Adversarial robustness module is designed for evaluating the robustness of the model against adversarial examples, and provides model enhancement methods to enhance the model's ability to resist the adversarial attack and improve the model's robustness. This module includes four submodule: Adversarial Examples Generation, Adversarial Examples Detection, Model Defense and Evaluation.
The architecture is shown as follow:
Fuzz Testing module is a security test for AI models. We introduce neuron coverage gain as a guide to fuzz testing according to the characteristics of neural networks. Fuzz testing is guided to generate samples in the direction of increasing neuron coverage rate, so that the input can activate more neurons and neuron values have a wider distribution range to fully test neural networks and explore different types of model output results and wrong behaviors.
The architecture is shown as follow:
Privacy Protection and Evaluation Module includes two modules: Differential Privacy Training Module and Privacy Leakage Evaluation Module.
Differential Privacy Training Module implements the differential privacy optimizer. Currently, SGD, Momentum and Adam are supported. They are differential privacy optimizers based on the Gaussian mechanism.
This mechanism supports both non-adaptive and adaptive policy. Rényi differential privacy (RDP) and Zero-Concentrated differential privacy(ZCDP) are provided to monitor differential privacy budgets.
The architecture is shown as follow:
Privacy Leakage Evaluation Module is used to assess the risk of a model revealing user privacy. The privacy data security of the deep learning model is evaluated by using membership inference method to infer whether the sample belongs to training dataset.
The architecture is shown as follow:
- The hardware platform should be Ascend, GPU or CPU.
- See our MindSpore Installation Guide to install MindSpore.
The versions of MindArmour and MindSpore must be consistent. - All other dependencies are included in setup.py.
Due the dependency between MindArmour and MindSpore, please follow the table below and install the corresponding MindSpore verision from MindSpore download page.
| MindArmour Version | Branch | MindSpore Version |
|---|---|---|
| 2.0.0 | r2.0 | >=1.7.0 |
| 1.9.0 | r1.9 | >=1.7.0 |
| 1.8.0 | r1.8 | >=1.7.0 |
| 1.7.0 | r1.7 | r1.7 |
-
Download source code from Gitee.
git clone https://gitee.com/mindspore/mindarmour.git
-
Compile and install in MindArmour directory.
cd mindarmour python setup.py install
pip install https://ms-release.obs.cn-north-4.myhuaweicloud.com/{version}/MindArmour/{arch}/mindarmour-{version}-cp37-cp37m-linux_{arch}.whl --trusted-host ms-release.obs.cn-north-4.myhuaweicloud.com -i https://pypi.tuna.tsinghua.edu.cn/simple
- When the network is connected, dependency items are automatically downloaded during .whl package installation. (For details about other dependency items, see setup.py). In other cases, you need to manually install dependency items.
{version}denotes the version of MindArmour. For example, when you are downloading MindArmour 1.0.1,{version}should be 1.0.1.{arch}denotes the system architecture. For example, the Linux system you are using is x86 architecture 64-bit,{arch}should bex86_64. If the system is ARM architecture 64-bit, then it should beaarch64.
Successfully installed, if there is no error message such as No module named 'mindarmour' when execute the following command:
python -c 'import mindarmour'Guidance on installation, tutorials, API, see our User Documentation.
MindSpore Slack - Ask questions and find answers.
Welcome contributions. See our Contributor Wiki for more details.
The release notes, see our RELEASE.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent