CMU MITS capstone project, assessing robustness of deep learning models against attacks

ShangwuYao/AdvEx_Evaluation

AdvEx Evaluation Worker

Adversarial Machine Learning

The security of machine learning algorithms has not yet received enough attention from the public: an attacker might intentionally manipulate the input data of a machine learning algorithm to compromise the security of the system. An example of this is shown in the following picture. After adding intentionally designed noise to the original image, the machine learning model predicts the image as a "gibbon" with 99% confidence, even though the change to the image is negligible to the human eye.

About AdvEx

Since machine learning has become a critical part of many systems in different fields, such as autonomous driving, we created AdvEx to help prevent threats like this. AdvEx is a web service for assessing the robustness of machine learning models against adversarial machine learning. It is designed to fulfill the following quality attributes:

  • Scalability: achieved by auto-scaling and load-balancing using Elastic Beanstalk
  • Availability: achieved by having different servers in different availability zones
  • Performance: achieved by using GPUs in the evaluation workers, and by having users upload their models directly to S3 buckets without going through the servers first
  • Security: achieved by using AWS security groups
  • Usability: achieved by creating helpful instructions and tutorials for users who are not machine learning experts
  • Configurability: achieved by using Elastic Beanstalk, Docker and config files

Links:

Project video demo | Front-end static demo | Front-end repo | Back-end repo | Evaluation worker repo

Cloud-based system architecture

Tech Stack

Evaluation Worker Features

  • Uses a data processing pipeline to generate adversarial images with different attack methods (based on CleverHans)
  • Evaluates deep learning models on computer vision tasks, assesses a model's robustness with two evaluation metrics, robustness score and confidence, and visualizes the results with graphs
  • Handles auto-scaling and load-balancing with Elastic Beanstalk and Docker, reducing the deployment time of a new version to 5 minutes
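To make the attack in the gibbon example and the two evaluation metrics concrete, here is an added, self-contained example (not the AdvEx worker code, which uses CleverHans on TensorFlow/Keras models). It runs FGSM, the attack popularised in the gibbon paper, against a constructed toy logistic-regression classifier and scores the model before and after the attack. The metric definitions (robustness score as accuracy under attack, confidence as the mean probability of the predicted label) are assumptions, since the README names the metrics without defining them.

```python
import math

# Constructed toy model and data for illustration only (not the AdvEx worker code):
# a 2-class logistic-regression "classifier" over 4 pixel-like features in [0, 1].
W = [0.9, -0.6, 0.4, -0.8]
B = 0.1
DATASET = [  # (features, true label), constructed so the clean model gets all four right
    ([1.0, 0.0, 1.0, 0.0], 1),
    ([0.0, 1.0, 0.0, 1.0], 0),
    ([0.5, 0.5, 0.5, 0.5], 1),
    ([0.2, 0.8, 0.6, 0.1], 0),
]

def predict_proba(x):
    """P(label = 1 | x) for the logistic model."""
    z = sum(w * xi for w, xi in zip(W, x)) + B
    return 1.0 / (1.0 + math.exp(-z))

def fgsm(x, y, eps):
    """Fast Gradient Sign Method (one of the CleverHans attacks): move every
    feature by eps in the direction that increases the loss for the true
    label y. For logistic loss the input gradient is (p - y) * W. The result
    is clipped back to the valid pixel range [0, 1]."""
    p = predict_proba(x)
    grad = [(p - y) * w for w in W]
    sign = lambda g: (g > 0) - (g < 0)
    return [min(1.0, max(0.0, xi + eps * sign(g))) for xi, g in zip(x, grad)]

def evaluate(dataset, eps):
    """Score a model the way an evaluation worker would. Assumed metric
    definitions (the README names them but does not define them):
    robustness score = fraction of inputs still classified correctly after
    the attack; confidence = mean probability the model assigns to its
    predicted label on the adversarial inputs."""
    clean_ok = adv_ok = 0
    conf = 0.0
    for x, y in dataset:
        clean_ok += (predict_proba(x) >= 0.5) == bool(y)
        p = predict_proba(fgsm(x, y, eps))
        pred = 1 if p >= 0.5 else 0
        adv_ok += pred == y
        conf += p if pred == 1 else 1.0 - p
    n = len(dataset)
    return {"clean_accuracy": clean_ok / n,
            "robustness_score": adv_ok / n,
            "adv_confidence": conf / n}

if __name__ == "__main__":
    for eps in (0.0, 0.05, 0.1):  # sweep the perturbation budget
        print(eps, evaluate(DATASET, eps))
```

With eps = 0.1 the toy model keeps 100% clean accuracy but only 50% accuracy under attack, which is exactly the gap the robustness score is meant to expose.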

Dependencies

  • boto3 == 1.7.32
  • numpy == 1.14.2
  • tensorflow == 1.8.0
  • keras == 2.2.0
  • flask == 1.0.2
  • flask-sqlalchemy == 2.3.2

Docker image

The Docker image is available on Docker Hub. To pull it:

docker pull awp135/advex:evaluation
