
Reference implementation of the PRADA model stealing defense. IEEE Euro S&P 2019.


PRADA: Protecting Against DNN Model Stealing Attacks

This repo contains code that lets you easily integrate the model stealing defense introduced in the paper PRADA: Protecting Against DNN Model Stealing Attacks, presented at EuroS&P 2019. It consists of (a) a self-contained defense agent and (b) a small wrapper that lets you query the model through the defense agent. Link to the arXiv version.

Requirements

  • Python3
  • pytorch
  • torchvision
  • numpy
  • scipy
  • matplotlib
  • flask
  • requests

Usage

  • Interactive querying mode: python main.py

  • Provide the path to the importable PyTorch model.

  • A simple POST client is included for the interactive mode: python client.py server_url image_file. By default the model is served at http://localhost:8080/predict, so an example query is: py client.py http://localhost:8080/predict cat.ppm

  • The code contains additional comments on running the experiment with your own model and data.