{"id":27573198,"url":"https://github.com/pralab/secml","last_synced_at":"2026-01-23T01:29:46.668Z","repository":{"id":42989937,"uuid":"257341185","full_name":"pralab/secml","owner":"pralab","description":"A Python library for Secure and Explainable Machine Learning","archived":false,"fork":false,"pushed_at":"2025-06-23T09:21:41.000Z","size":70619,"stargazers_count":189,"open_issues_count":8,"forks_count":27,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-11-05T01:10:23.815Z","etag":null,"topics":["adversarial-machine-learning","algorithms","artificial-intelligence","attack-algorithms","cleverhans","evasion-attacks","explainable-machine-learning","foolbox","interpretability","machine-learning","matplotlib","neural-networks","poisoning-attacks","python","python-library","pytorch","secml","security","sparse-data","tensorflow"],"latest_commit_sha":null,"homepage":"https://secml.readthedocs.io","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pralab.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-04-20T16:31:04.000Z","updated_at":"2025-10-30T21:33:38.000Z","dependencies_parsed_at":"2022-07-22T12:32:30.798Z","dependency_job_id":"927bfcba-3354-464e-9a07-f2033606a660","html_url":"https://github.com/pralab/secml","commit_stats":{"total_commits":2281,"total_committers":10,"mean_commits":228.1,"dds":"0.36212187637001314","last_synced_commit":"e7463f2114ddf507a32a74c80e401574d7d9e086"},"previous_names":[],"tags_count":28,"template":false,"templ
ate_full_name":null,"purl":"pkg:github/pralab/secml","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pralab%2Fsecml","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pralab%2Fsecml/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pralab%2Fsecml/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pralab%2Fsecml/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pralab","download_url":"https://codeload.github.com/pralab/secml/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pralab%2Fsecml/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28677531,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-23T01:00:35.747Z","status":"ssl_error","status_checked_at":"2026-01-23T01:00:19.529Z","response_time":144,"last_error":"SSL_read: unexpected eof while 
reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adversarial-machine-learning","algorithms","artificial-intelligence","attack-algorithms","cleverhans","evasion-attacks","explainable-machine-learning","foolbox","interpretability","machine-learning","matplotlib","neural-networks","poisoning-attacks","python","python-library","pytorch","secml","security","sparse-data","tensorflow"],"created_at":"2025-04-21T08:01:17.289Z","updated_at":"2026-01-23T01:29:46.646Z","avatar_url":"https://github.com/pralab.png","language":"Jupyter Notebook","funding_links":[],"categories":["\u003ca id=\"tools\"\u003e\u003c/a\u003e🛠️ Tools"],"sub_categories":["Oldies 🕰️"],"readme":"# SecML: Secure and Explainable Machine Learning in Python\n\n[![Status Alpha](https://img.shields.io/badge/status-alpha-yellow.svg)](.)\n[![Python 3.6 | 3.7 | 3.8](https://img.shields.io/badge/python-3.6%20%7C%203.7%20%7C%203.8-brightgreen.svg)](.)\n[![Platform Linux | MacOS | Windows ](https://img.shields.io/badge/platform-linux%20%7C%20macos%20%7C%20windows-lightgrey.svg)](.)\n[![Apache License 2.0](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nSecML is an open-source Python library for the **security evaluation** of\nMachine Learning algorithms.\nIt is equipped with **evasion** and **poisoning** adversarial machine learning attacks, \nand it can **wrap models and attacks** from other different frameworks.\n\n## Table of Contents\n* [Getting Started](#getting-started)\n* [Usage](#usage)\n* [Tutorials](#tutorials)\n* 
[Contributing](#contributing)\n* [How to cite SecML](#how-to-cite-secml)\n* [Contacts](#contacts)\n* [Acknowledgements](#acknowledgements)\n* [Copyright](#copyright)\n\n\n## Getting Started\n\nSecML can run with Python \u003e= 3.6 with no additional configuration steps \nrequired, as all its dependencies are available as wheel packages for \nthe principal macOS versions, Linux distributions and Windows.\n\n### Installation\n\n1. Install the latest version of ``setuptools``:\n\n```bash\npip install -U setuptools\n```\n\n2. Install from the official PyPI repository:\n```bash\npip install secml\n```\n\nIn all cases, the setup process will try to install the correct dependencies.\nIn case something goes wrong during the install process, try to install\nthe dependencies **first** by calling: \n```bash\npip install -r requirements.txt\n```\n\n\n### Extra Components\n\nSecML comes with a set of extra components that can be installed if desired.\nTo specify the extra components to install, add the section `[extras]` while\ncalling `pip install`. `extras` will be a comma-separated list of components \nyou want to install. Example:\n```bash\npip install secml[extra1,extra2]\n```\nThe following extra components are available:\n - `pytorch` : Neural Networks (NNs) through [PyTorch](https://pytorch.org/) deep learning platform.  \n   Installs: `torch \u003e= 1.4`, `torchvision \u003e= 0.5`  \n   *Windows only*: the URL of the installation archives should be provided manually, as in \n   `pip install secml[pytorch] -f https://download.pytorch.org/whl/torch_stable.html`.\n - `foolbox` : Wrapper of [Foolbox](https://github.com/bethgelab/foolbox), \n   a Python toolbox to create adversarial examples that fool neural networks.  
\n   Installs: `foolbox \u003e= 3.3.0`, `eagerpy \u003e= 0.29.0`, `torch \u003e= 1.4`, `torchvision \u003e= 0.5`\n - `cleverhans` : Wrapper of [CleverHans](https://github.com/tensorflow/cleverhans), \n   a Python library to benchmark vulnerability of machine learning systems to adversarial examples.  \n   Installs: `tensorflow \u003e= 1.14.*, \u003c 2`, `cleverhans \u003c 3.1`  \n   *Warning*: not available for `python \u003e= 3.8`\n - `tf-gpu` : Shortcut for installing `TensorFlow` package with GPU support (Linux and Windows only).  \n   Installs: `tensorflow-gpu \u003e= 1.14.*, \u003c 2`  \n   *Warning*: not available for `python \u003e= 3.8`\n\n### Advanced features\nTo support additional advanced features (like the usage of GPUs) more packages can be necessary\ndepending on the Operating System used:\n\n - Linux (Ubuntu 16.04 or later or equivalent distribution)\n   - `python3-tk` for running MatplotLib Tk-based backends;\n   - [NVIDIA® CUDA® Toolkit](\n        https://developer.nvidia.com/cuda-toolkit) for GPU support.\n      \n - macOS (10.12 Sierra or later)\n   - Nothing to note.\n   \n - Windows (7 or later)\n   - [Microsoft Visual C++ Redistributable for Visual Studio 2015, 2017 and 2019](\n        https://support.microsoft.com/help/2977003/the-latest-supported-visual-c-downloads).\n   - [NVIDIA® CUDA® Toolkit](\n        https://developer.nvidia.com/cuda-toolkit) for GPU support.\n\n## Usage\nHere we show some of the key features of the SecML library.\n\n**Wide range of supported ML algorithms.** All supervised learning algorithms\n  supported by `scikit-learn` are available:\n```python\n# Wrapping a scikit-learn classifier\nfrom sklearn.svm import SVC\nfrom secml.ml.classifiers import CClassifierSkLearn\nmodel = SVC()\nsecml_model = CClassifierSkLearn(model)\n```\nAlso, SecML supports Neural Networks (NNs) through [PyTorch](https://pytorch.org/) deep learning platform:\n```python\n# Wrapping a Pytorch network\nfrom torchvision.models import 
resnet18\nfrom secml.ml.classifiers import CClassifierPyTorch\nmodel = resnet18(pretrained=True)\nsecml_model = CClassifierPyTorch(model, input_shape=(3, 224, 224))\n```\n\n**Management of datasets.** SecML can bundle samples and labels together in a single object:\n```python\nfrom secml.array import CArray\nfrom secml.data import CDataset\n\nx = CArray.randn((200, 10))\ny = CArray.zeros(200)\ndataset = CDataset(x, y)\n```\nYou can also load well-known datasets:\n```python\nfrom secml.data.loader import CDataLoaderMNIST\ndigits = (1, 5, 9)  # load subset of digits\nloader = CDataLoaderMNIST()\nnum_samples = 200\ntrain_set = loader.load('training', digits=digits)\ntest_set = loader.load('testing', digits=digits, num_samples=num_samples)\n```\n\n**Built-in attack algorithms.** Evasion and poisoning attacks based on a\n  custom-developed fast solver. In addition, we provide connectors to other \n  third-party Adversarial Machine Learning libraries.\n```python\nfrom secml.adv.attacks import CAttackEvasionPGD\n\ndistance = 'l2'  # type of perturbation 'l1' or 'l2'\ndmax = 2.5  # maximum perturbation\nlb, ub = 0., 1.  # bounds of the attack space. 
None for unbounded\ny_target = None  # None if untargeted, specify target label otherwise\n\n# Should be chosen depending on the optimization problem\nsolver_params = {\n    'eta': 0.5,  # step size of the attack\n    'max_iter': 100,  # number of gradient descent steps\n}\n\nattack = CAttackEvasionPGD(classifier=secml_model,\n                           distance=distance,\n                           dmax=dmax,\n                           lb=lb, ub=ub,\n                           solver_params=solver_params,\n                           y_target=y_target)\n\nadv_pred, scores, adv_ds, f_obj = attack.run(x, y)\n```\n\nA more detailed example covering the evasion and poisoning attacks built into SecML can be found in [this](tutorials/06-MNIST_dataset.ipynb) notebook.\n\n**Wrapper of other adversarial frameworks.** Attacks can also be instantiated from other frameworks.\nIn particular, SecML can use algorithms from `foolbox` and `cleverhans`.\n```python\nfrom secml.adv.attacks import CFoolboxPGDL2\ny_target = None\nsteps = 100\nepsilon = 1.0  # maximum perturbation\nattack = CFoolboxPGDL2(classifier=secml_model,\n                       y_target=y_target,\n                       epsilons=epsilon,\n                       steps=steps)\n\nadv_pred, scores, adv_ds, f_obj = attack.run(x, y)\n```\n\nA more detailed example covering attacks wrapped from other libraries can be found in [this](tutorials/15-Foolbox.ipynb) notebook.\n\n\n**Dense/Sparse data support.** We provide full, transparent support for both\n  dense (through the `numpy` library) and sparse data (through the `scipy` library)\n  in a single data structure.\n```python\nfrom secml.array import CArray\n\nx = CArray.zeros((4, 4))\nx[0, 2] = 1\nprint(x)\n\n\"\"\"\n\u003e\u003e CArray([[0. 0. 1. 0.]\n [0. 0. 0. 0.]\n [0. 0. 0. 0.]\n [0. 0. 0. 
0.]])\n\"\"\"\nx = x.tosparse()\nprint(x)\n\n\"\"\"\n\u003e\u003e  CArray((0, 2)  1.0)\n\"\"\"\n```\n\nA more detailed example covering the usage of sparse data with an application in Android Malware Classification can be found in [this](tutorials/13-Android-Malware-Detection.ipynb) notebook.\n\n\n**Visualize your results.** We provide a visualization and plotting framework,\n  based on the widely-known library [matplotlib](https://matplotlib.org/).\n```python\nfrom secml.figure import CFigure\nfrom secml.optim.constraints import CConstraintL2\n\nfig = CFigure(width=5, height=5, markersize=12)\n\nfig.subplot(1, 2, 1)\n\n# Plot the attack objective function\nfig.sp.plot_fun(attack.objective_function,\n                plot_levels=False,\n                n_grid_points=200)\n\n# Plot the decision boundaries of the classifier\nfig.sp.plot_decision_regions(secml_model,\n                             plot_background=False,\n                             n_grid_points=200)\n\n# Plot the optimization sequence\nfig.sp.plot_path(attack.x_seq)\n\n# Plot a constraint: the L2 ball of radius dmax around the first sample\nconstraint = CConstraintL2(center=x[0, :], radius=dmax)\nfig.sp.plot_constraint(constraint)\n\nfig.title(\"SecML example\")\n\nfig.show()\n```\n\n**Explain your results.** Explainable ML methods to interpret model decisions\n  via influential features and prototypes.\n```python\nfrom secml.explanation import CExplainerIntegratedGradients\n\n# Compute explanations (attributions) w.r.t. 
each class\nattributions = CArray.empty(shape=(dataset.num_classes, x.size))\nfor c in dataset.classes:\n    attributions_c = CExplainerIntegratedGradients(clf).explain(x, y=c)\n    attributions[c, :] = attributions_c\n\n# Visualize the explanations\nfig = CFigure()\n\n# Threshold to plot positive and negative relevance values symmetrically\nthreshold = max(abs(attributions.min()), abs(attributions.max()))\n\n# Plot explanations\nfor c in dataset.classes:\n    fig.sp.imshow(attributions[c, :].reshape((dataset.header.img_h, \n                                              dataset.header.img_w)),\n                  cmap='seismic', vmin=-1 * threshold, vmax=threshold)\n    fig.sp.yticks([])\n    fig.sp.xticks([])\nfig.show()\n```\n\nA more detailed example covering explainability techniques can be found in [this](tutorials/10-Explanation.ipynb) notebook.\n\n\n**Model Zoo.** Use our pre-trained models to save time and easily replicate \n  scientific results.\n```python\nfrom secml.model_zoo import load_model\nclf = load_model('mnist159-cnn')\n```\n  \n## Tutorials\nWe provide tutorials that cover more advanced usages of SecML, and they can be found inside the [tutorials](tutorials) folder.\n\n## Contributing\n\nThe contributing and developer's guide is available at: \nhttps://secml.readthedocs.io/en/latest/developers/\n\n## How to cite SecML\nIf you use SecML in a scientific publication, please cite the following paper:\n\n[secml: A Python Library for Secure and Explainable Machine Learning](\nhttps://arxiv.org/abs/1912.10013), Melis *et al.*, arXiv preprint arXiv:1912.10013 (2019).\n\n```bibtex\n@article{melis2019secml,\n  title={secml: A Python Library for Secure and Explainable Machine Learning},\n  author={Melis, Marco and Demontis, Ambra and Pintor, Maura and Sotgiu, Angelo and Biggio, Battista},\n  journal={arXiv preprint arXiv:1912.10013},\n  year={2019}\n}\n```\n\n## Contacts\nThe best way for reaching us is by opening issues. 
However, if you wish to contact us, you can drop an email to:\n* [maura.pintor@unica.it](mailto:maura.pintor@unica.it)\n* [luca.demetrio93@unica.it](mailto:luca.demetrio93@unica.it)\n\n\n## Acknowledgements\nSecML has been partially developed with the support of European Union’s \n[ALOHA project](https://www.aloha-h2020.eu/) Horizon 2020 Research and \nInnovation programme, grant agreement No. 780788, and Horizon Europe [ELSA – European Lighthouse on Secure and Safe AI](https://elsa-ai.eu), grant agreement No. 101070617.\n\n\n## Copyright\nSecML has been developed by [PRALab - Pattern Recognition and Applications lab](\nhttps://pralab.diee.unica.it) and [Pluribus One s.r.l.](https://www.pluribus-one.it/) \nunder [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0). All rights reserved.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpralab%2Fsecml","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpralab%2Fsecml","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpralab%2Fsecml/lists"}