This repository contains implementation of Membership Inference, Attribute Inference and Model Inversion attacks as a part of course project for 'Privacy Enhancing Technologies' offered at Saarland University by Prof. Yang Zhang @ CISPA, Saarbrücken, Germany.

Course homepage | Project guidelines | Project references | Results and Inferences

Note: There are two implementation versions of the CLI. The other implementation can be found in 'CLI_ver2' folder.

Membership Inference

How to run

$ python cli.py membership-inference [OPTIONS] COMMAND [ARGS]...

Commands:
- pretrained-dummy Load trained target and shadow model and train attack model
- train-dummy Train target, shadow and attack model
- train-plus-dummy Train target, shadow and attack model + augmentation, topk posteriors, parameter initialization and verbose enabled (check note below)
Options:
- --dataset TEXT Which dataset to use (CIFAR10 or MNIST) [default = CIFAR10]
- --data_path TEXT Path to store data [default = 'Membership-Inference/data']
- --model_path TEXT Path to save or load model checkpoints [default = 'Membership-Inference/model']
- --help Show this message and exit.
Example commands:
- $ python cli.py membership-inference pretrained-dummy --dataset MNIST --model_path Membership-Inference/best_models/
- $ python cli.py membership-inference train-dummy
- $ python cli.py membership-inference train-plus-dummy --need_topk --param_init
- Note:
  - Membership-Inference/model and Membership-Inference/data folders are generated while training.
  - train-plus-dummy has additional optional options which works as flags if mentioned:
    - --need_augm To use data augmentation on target and shadow training set or not
    - --need_topk Flag to enable using Top 3 posteriors for attack data
    - --param_init Flag to enable custom model params initialization
    - --verbose Add Verbosity

Attribute Inference

How to run

$ python cli.py attribute-inference [OPTIONS] COMMAND [ARGS]...

Options:
- --help Show this message and exit.
Commands:
- pretrained-dummy Load trained target and attack model
- supply-target Supply own target model and train attack model
- train-dummy Train target and attack model

`pretrained-dummy`

$ python cli.py attribute-inference pretrained-dummy [OPTIONS]
- Load trained target and attack model
Options:
- --help Show this message and exit.
Example command:
- $ python cli.py attribute-inference pretrained-dummy

`train-dummy`

$ python cli.py attribute-inference train-dummy [OPTIONS]
- Train target and attack model
Options:
- -t, --target_epochs INTEGER Number of training epochs for the target model [default=30]
- -a, --attack_epochs INTEGER Number of training epochs for the attack model [default=50]
- --help Show this message and exit.
Example command:
- $ python cli.py attribute-inference train-dummy -t 30 -a 50

`supply-target`

$ python cli.py attribute-inference supply-target [OPTIONS]
- Supply own target model and train attack model.
- Specifications for the target Model:
  - The target model should predict gender of a human [0: male, 1:female] and trained in UTKFace dataset.
  - The target model should give the following output: y, x where y are the two posteriors and y is the last fully connected layer. E.g. [ 5.0912e-01, -5.4544e-01], [-0.0656, 0.0087, -0.0543, ..., 0.0134, 0.0608, -0.0347]
  - The class file needs to be in the attribute inference folder.
  - Name of the class needs to be 'TargetModel'.
Options:
- -c, --class_file TEXT File that holds the target models nn.Module class [required]
- -s, --state_path TEXT Path of the state dictionary [required]
- -d, --dimension INTEGER Flattend dimension of the layer used as attack modelinput [required]
- -a, --attack_epochs INTEGER Number of training epochs for the attack model [default=30]
- --help Show this message and exit.
Example command:
- $ python cli.py attribute-inference supply-target -c af_models -s Attribute-Inference/models/target_model_30.pth -d 64 -a 50

Model Inversion

How to run

$ python cli.py model-inversion [OPTIONS] COMMAND [ARGS]...

Options:
- --help Show this message and exit.
Commands:
- pretrained-dummy Load trained target model and perform inversion
- train-dummy Train target model and perform model inversion
- supply-target Use trained external target model and perform model inversion

`pretrained-dummy`

$ python cli.py model-inversion pretrained-dummy [OPTIONS]
- Load trained target model and perform inversion
- Pretrained model 'atnt-mlp-model.pth' is in the ModelInversion folder.
Options:
- --iterations INTEGER Number of Iterations in attack [default = 30]
- --loss_function [crossEntropy|softmax] which loss function to used crossEntropy or softmax [default = crossEntropy]
- --generate_specific_class INTEGER choose class, number between 1 and 40, which you want recovered or nothing to get all recovered [default = -1]
- --help Show this message and exit.
Example command:
- $ python cli.py model-inversion pretrained-dummy

`train-dummy`

$ python cli.py model-inversion train-dummy [OPTIONS]
- Train target model and perform model inversion
Options:
- --iterations INTEGER Number of Iterations in attack [default = 30]
- --epochs INTEGER Number of epochs for the target model [default = 30]
- --loss_function [crossEntropy|softmax] which loss function to used crossEntropy or softmax [default = crossEntropy]
- --generate_specific_class INTEGER choose class, number between 1 and 40, which you want recovered or nothing to get all recovered [default = -1]
- --help Show this message and exit.
Example command:
- $ python cli.py model-inversion train-dummy --epochs 30

`supply-target`

$ python cli.py model-inversion supply-target [OPTIONS]
- Use trained external target model and perform model inversion
- Specifications for the target Model:
  - The target model should based on ATnT faces dataset.
  - The target model needs to return 'output, h' where output are the posteriors (h can be neglected).
  - The class file needs to be in the model inversion folder.
  - Name of the class needs to be 'TargetModel'.
Options:
- --class_file TEXT File that holds the target models nn.Module class [required]
- --target_model_path TEXT target model file [required]
- --iterations INTEGER Number of Iterations in attack [default = 30]
- --loss_function [crossEntropy|softmax] which loss function to used crossEntropy or softmax [default = crossEntropy]
- --generate_specific_class INTEGER choose class, number between 1 and 40, which you want recovered or nothing to get all recovered [default = -1]
- --help Show this message and exit.
Example command:
- $ python cli.py model-inversion supply-target --class_file target_model --target_model_path ModelInversion/atnt-mlp-model.pth --generate_specific_class 25

shrebox / privacy-attacks-in-machine-learning Goto Github PK

privacy-attacks-in-machine-learning's Introduction

Membership Inference

How to run

Attribute Inference

How to run

pretrained-dummy

train-dummy

supply-target

Model Inversion

How to run

pretrained-dummy

train-dummy

supply-target

privacy-attacks-in-machine-learning's People

Contributors

Stargazers

Watchers

Forkers

privacy-attacks-in-machine-learning's Issues

Recommend Projects

Recommend Topics

Recommend Org

`pretrained-dummy`

`train-dummy`

`supply-target`

`pretrained-dummy`

`train-dummy`

`supply-target`