auditml 0.1.0__py3-none-any.whl
- auditml/__init__.py +20 -0
- auditml/attacks/__init__.py +87 -0
- auditml/attacks/attribute_inference.py +717 -0
- auditml/attacks/base.py +230 -0
- auditml/attacks/mia_shadow.py +662 -0
- auditml/attacks/mia_threshold.py +463 -0
- auditml/attacks/model_inversion.py +484 -0
- auditml/attacks/results.py +62 -0
- auditml/attacks/visualization.py +424 -0
- auditml/auditor.py +600 -0
- auditml/cli.py +421 -0
- auditml/config/__init__.py +37 -0
- auditml/config/loader.py +165 -0
- auditml/config/schema.py +148 -0
- auditml/data/__init__.py +21 -0
- auditml/data/datasets.py +193 -0
- auditml/data/transforms.py +55 -0
- auditml/defenses/__init__.py +0 -0
- auditml/models/__init__.py +65 -0
- auditml/models/base.py +42 -0
- auditml/models/cnn.py +74 -0
- auditml/models/resnet.py +112 -0
- auditml/py.typed +0 -0
- auditml/reporting/__init__.py +11 -0
- auditml/reporting/attack_comparison.py +234 -0
- auditml/reporting/attack_visualization.py +159 -0
- auditml/reporting/comparison.py +284 -0
- auditml/reporting/html_report.py +651 -0
- auditml/reporting/report_generator.py +316 -0
- auditml/reporting/visualization.py +223 -0
- auditml/training/__init__.py +12 -0
- auditml/training/dp_trainer.py +325 -0
- auditml/training/trainer.py +283 -0
- auditml/utils/__init__.py +14 -0
- auditml/utils/device.py +52 -0
- auditml/utils/experiment.py +131 -0
- auditml/utils/logging.py +58 -0
- auditml/utils/reproducibility.py +35 -0
- auditml/utils/rust_accel.py +170 -0
- auditml-0.1.0.dist-info/METADATA +267 -0
- auditml-0.1.0.dist-info/RECORD +44 -0
- auditml-0.1.0.dist-info/WHEEL +5 -0
- auditml-0.1.0.dist-info/entry_points.txt +2 -0
- auditml-0.1.0.dist-info/top_level.txt +1 -0
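--- a/auditml/__init__.py
+++ b/auditml/__init__.py
@@ -0,0 +1,20 @@
+"""AuditML — A privacy auditing toolkit for PyTorch models.
+
+Quick start
+-----------
+>>> import auditml
+>>> results = auditml.audit(model, train_loader, test_loader)
+>>> print(results.summary())
+"""
+
+from auditml.auditor import AttackSummary, AuditResults, audit, split_loaders
+
+__version__ = "0.1.0"
+
+__all__ = [
+"audit",
+"split_loaders",
+"AuditResults",
+"AttackSummary",
+"__version__",
+]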
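--- a/auditml/attacks/__init__.py
+++ b/auditml/attacks/__init__.py
@@ -0,0 +1,87 @@
+"""AuditML privacy attack implementations.
+
+All attacks inherit from ``BaseAttack`` and return ``AttackResult``.
+Use ``get_attack()`` to instantiate an attack by name.
+"""
+
+from __future__ import annotations
+
+from typing import TYPE_CHECKING
+
+import torch.nn as nn
+
+from auditml.attacks.base import BaseAttack
+from auditml.attacks.results import AttackResult
+from auditml.config.schema import AttackType, AuditMLConfig
+
+if TYPE_CHECKING:
+pass
+
+# Registry mapping AttackType → concrete class.
+# Entries are added as each attack is implemented in Tasks 2.2–2.12.
+# Using strings for lazy imports avoids circular-import issues and
+# means we don't crash if an attack file has an uninstalled dependency.
+_ATTACK_REGISTRY: dict[AttackType, str] = {
+AttackType.MIA_THRESHOLD: "auditml.attacks.mia_threshold.ThresholdMIA",
+AttackType.MIA_SHADOW: "auditml.attacks.mia_shadow.ShadowMIA",
+AttackType.MODEL_INVERSION: "auditml.attacks.model_inversion.ModelInversion",
+AttackType.ATTRIBUTE_INFERENCE: "auditml.attacks.attribute_inference.AttributeInference",
+}
+
+
+def get_attack(
+attack_type: AttackType | str,
+target_model: nn.Module,
+config: AuditMLConfig,
+device: str = "cpu",
+**kwargs,
+) -> BaseAttack:
+"""Instantiate a concrete attack by type.
+
+Parameters
+----------
+attack_type:
+Which attack to create — an ``AttackType`` enum value or its
+string form (e.g. ``"mia_threshold"``).
+target_model:
+The trained model to attack.
+config:
+Full AuditML configuration.
+device:
+Torch device string.
+
+Returns
+-------
+BaseAttack
+A ready-to-run attack instance.
+
+Raises
+------
+ValueError
+If *attack_type* is not recognised or not yet implemented.
+"""
+if isinstance(attack_type, str):
+attack_type = AttackType(attack_type)
+
+if attack_type not in _ATTACK_REGISTRY:
+implemented = [k.value for k in _ATTACK_REGISTRY]
+raise ValueError(
+f"Attack {attack_type.value!r} is not yet implemented. "
+f"Available: {implemented or 'none yet — coming in Tasks 2.2-2.12'}"
+)
+
+# Lazy import: "auditml.attacks.mia_threshold.ThresholdMIA" → class
+dotted_path = _ATTACK_REGISTRY[attack_type]
+module_path, class_name = dotted_path.rsplit(".", 1)
+import importlib
+module = importlib.import_module(module_path)
+cls = getattr(module, class_name)
+
+return cls(target_model=target_model, config=config, device=device, **kwargs)
+
+
+__all__ = [
+"AttackResult",
+"BaseAttack",
+"get_attack",
+]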
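Review bot: The lazy import in `get_attack` (new lines 76–78) can raise `ImportError` when an attack module or one of its dependencies is missing, but the docstring's Raises section lists only `ValueError`. I would add an entry such as `ImportError` / `If the attack's module or one of its dependencies cannot be imported.` and describe `**kwargs` under Parameters as `Extra keyword arguments forwarded to the attack class constructor.` The fallback text `'none yet — coming in Tasks 2.2-2.12'` on line 70 looks unreachable now that the registry holds four entries, and it exposes internal task numbering in a user-facing error; `f"Available: {implemented}"` would be enough. It is also worth a short comment above line 74, e.g. `# dotted_path always comes from _ATTACK_REGISTRY, never from caller input`, because the `AttackType(...)` conversion on line 64 is what keeps the imported module path out of the caller's control.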