PRADA is a defense tool that protects deep neural network models from model stealing attacks by monitoring and detecting suspicious query patterns.
Reference implementation of the PRADA model stealing defense. IEEE Euro S&P 2019.
This tool is used to safeguard AI models deployed as services from unauthorized extraction attempts by adversaries. Security researchers and AI practitioners can integrate PRADA to detect and mitigate model stealing attacks, ensuring the intellectual property and integrity of their DNN models remain protected.
Ensure your PyTorch model is importable and compatible with the defense agent. The tool requires a running Flask server to serve model predictions and monitor incoming queries. Use the interactive mode for experimentation, and follow the comments in the code to integrate your own models and datasets.
Install Python 3
Install PyTorch
Install torchvision
Install numpy
Install scipy
Install matplotlib
Install flask
Install requests
python main.py
Starts the interactive querying mode with the defense agent.
python client.py server_url image_file
Sends an image query to the model served through the defense agent; the default server URL is http://localhost:8080/predict.
py client.py http://localhost:8080/predict cat.ppm
Example command to query the model with the image file 'cat.ppm' using the included client.