{"id":19846078,"url":"https://github.com/koukyosyumei/attack_splitnn","last_synced_at":"2025-05-01T21:31:02.801Z","repository":{"id":51292413,"uuid":"349923104","full_name":"Koukyosyumei/Attack_SplitNN","owner":"Koukyosyumei","description":"reveal the vulnerabilities of SplitNN","archived":false,"fork":false,"pushed_at":"2022-06-16T14:08:41.000Z","size":60810,"stargazers_count":27,"open_issues_count":5,"forks_count":6,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-05-02T03:39:01.048Z","etag":null,"topics":["attack","attack-splitnn","leakage","membership-inference","membership-inference-attack","model-inversion","model-inversion-attacks","notebook","paper","privacy","security-vulnerability","split-learning","splitnn"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Koukyosyumei.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-03-21T06:59:36.000Z","updated_at":"2024-04-09T06:48:44.000Z","dependencies_parsed_at":"2022-09-08T09:30:36.547Z","dependency_job_id":null,"html_url":"https://github.com/Koukyosyumei/Attack_SplitNN","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Koukyosyumei%2FAttack_SplitNN","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Koukyosyumei%2FAttack_SplitNN/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Koukyosyumei%2FAttack_SplitNN/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Koukyosyumei%2FAttack_SplitNN/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Koukyosyumei","download_url":"https://codeload.github.com/Koukyosyumei/Attack_SplitNN/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224278438,"owners_count":17285080,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack","attack-splitnn","leakage","membership-inference","membership-inference-attack","model-inversion","model-inversion-attacks","notebook","paper","privacy","security-vulnerability","split-learning","splitnn"],"created_at":"2024-11-12T13:10:23.332Z","updated_at":"2024-11-12T13:10:24.047Z","avatar_url":"https://github.com/Koukyosyumei.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Attacking SplitNN\n\n`Attacking_SplitNN` allows you to easily experiment with various combinations of attack and defense algorithms against SplitNN within PyTorch and scikit-learn.\n\n## Install\n\n        pip install git+https://github.com/Koukyosyumei/Attack_SplitNN\n\n## SplitNN\n\nYou can easily create two-SplitNN with this package as follows.\\\nThe client only has input data, and the server has only labels.\nThis package implements SplitNN as the custom torch.nn.modules, so you\ncan train SplitNN like the normal torch models.\n\n\n\n        Examples:\n                model_1 = FirstNet()\n                model_1 = model_1.to(device)\n\n                model_2 = SecondNet()\n                model_2 = model_2.to(device)\n\n                opt_1 = optim.Adam(model_1.parameters(), lr=1e-3)\n                opt_2 = optim.Adam(model_2.parameters(), lr=1e-3)\n\n                criterion = nn.BCELoss()\n\n                client = Client(model_1)\n                server = Server(model_2)\n\n                splitnn = SplitNN(client, server, opt_1, opt_2)\n\n                splitnn.train()\n                for epoch in range(3):\n                epoch_loss = 0\n                epoch_outputs = []\n                epoch_labels = []\n                for i, data in enumerate(train_loader):\n                        splitnn.zero_grads()\n                        inputs, labels = data\n                        inputs = inputs.to(device)\n                        labels = labels.to(device)\n\n                        outputs = splitnn(inputs)\n                        loss = criterion(outputs, labels)\n                        loss.backward()\n                        epoch_loss += loss.item() / len(train_loader.dataset)\n\n                        epoch_outputs.append(outputs)\n                        epoch_labels.append(labels)\n\n                        splitnn.backward()\n                        splitnn.step()\n\n                print(epoch_loss, torch_auc(torch.cat(epoch_labels),\n                                                torch.cat(epoch_outputs)))\n\n## Attack\n\n`Attacking_SplitNN` offers several attack methods with the same interface.\n\n|                                  | type                        | example                                                | Reference                                                                                                                                                                          |\n| -------------------------------- | --------------------------- | ------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| Intermidiate Level Attack        | evasion attack              | [notebook](examples/IntermidiateLevelAttack.ipynb)     | [original paper](https://openaccess.thecvf.com/content_ICCV_2019/papers/Huang_Enhancing_Adversarial_Example_Transferability_With_an_Intermediate_Level_Attack_ICCV_2019_paper.pdf) |\n| Norm Attack                      | label leakage attack        | [notebook](examples/Label_Leakage.ipynb)               | [original paper](https://arxiv.org/abs/2102.08504)                                                                                                                                 |\n| Transfer Inherit Attack          | membership inference attack | [notebook](examples/Membershio_Inference_Attack.ipynb) | [original paper](https://ieeexplore.ieee.org/document/9302683)                                                                                                                     |\n|                                  |\n| Black Box Model Inversion Attack | model inversion attack      | [notebook](examples/Black_Box_Model_Inversion.ipynb)   | [blog](https://blog.openmined.org/extracting-private-data-from-a-neural-network/)                                                                                                  |\n\n\n## Defense\n\n|          | example                                  | Reference                                                            |\n| -------- | ---------------------------------------- | -------------------------------------------------------------------- |\n| Max Norm | [notebook](examples/Label_Leakage.ipynb) | [original paper](https://arxiv.org/abs/2102.08504)                   |\n| NoPeek   | [notebook](examples/NoPeekLoss.ipynb)    | [original paper](https://arxiv.org/abs/2008.09161)                   |\n| Shredder | [notebook](examples/Shredder.ipynb)      | [original paper](https://dl.acm.org/doi/pdf/10.1145/3373376.3378522) |\n\n## License\n\nThis software is released under the MIT License, see LICENSE.txt.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkoukyosyumei%2Fattack_splitnn","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkoukyosyumei%2Fattack_splitnn","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkoukyosyumei%2Fattack_splitnn/lists"}