Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DP-InstaHide Trainer Implementation #1956

Merged
merged 13 commits into from
Dec 15, 2022
Merged

DP-InstaHide Trainer Implementation #1956

merged 13 commits into from
Dec 15, 2022
+1,199 −12

Conversation

f4str
Copy link
Collaborator

@f4str f4str commented Dec 8, 2022
edited
Loading

Description

Implementation of the DP-InstaHide trainer. This trainer builds upon the previously implemented data augmentation defenses. Also includes a jupyter notebook demo showing how to use the trainer and its effectiveness on MNIST (a reference was added to the notebook README).

As a consequence, the following two bugs/issues were resolved

Fixes #1827
Fixes #1959
Fixes #1966

Type of change

Please check all relevant options.

  • Improvement (non-breaking)
  • Bug fix (non-breaking)
  • New feature (non-breaking)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Testing

Please describe the tests that you ran to verify your changes. Consider listing any relevant details of your test configuration.

  • Test the DP-InstaHide trainer in PyTorch
  • Test the DP-InstaHide trainer in TensorFlow
  • Test the DP-InstaHide trainer in Keras

Test Configuration:

  • OS
  • Python version
  • ART version or commit number
  • TensorFlow / Keras / PyTorch / MXNet version

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

Sorry, something went wrong.

@f4str
DP-InstaHide trainer implementation
4c58187 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str f4str changed the base branch from main to dev_1.13.0 December 8, 2022 01:03
@f4str f4str changed the title Dp instahide DP-InstaHide Trainer Implementation Dec 8, 2022
@f4str
Clip additive noise in DP-InstaHide trainer
7108f25 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@codecov-commenter
Copy link

codecov-commenter commented Dec 8, 2022
edited
Loading

Codecov Report

Merging #1956 (17bd890) into dev_1.13.0 (8de2403) will increase coverage by 0.51%.
The diff coverage is 87.90%.

Impacted file tree graph

@@              Coverage Diff               @@
##           dev_1.13.0    #1956      +/-   ##
==============================================
+ Coverage       84.96%   85.47%   +0.51%     
==============================================
  Files             285      286       +1     
  Lines           24912    25030     +118     
  Branches         4477     4495      +18     
==============================================
+ Hits            21166    21394     +228     
+ Misses           2612     2486     -126     
- Partials         1134     1150      +16
Impacted Files Coverage Δ
art/estimators/classification/pytorch.py 85.87% <68.75%> (-0.51%) ⬇️
art/defences/trainer/dp_instahide_trainer.py 90.19% <90.19%> (ø)
art/defences/trainer/__init__.py 100.00% <100.00%> (ø)
art/estimators/classification/keras.py 86.49% <100.00%> (+0.68%) ⬆️
art/estimators/classification/tensorflow.py 84.37% <100.00%> (+0.03%) ⬆️
art/defences/preprocessor/mixup/mixup.py 95.00% <0.00%> (+5.00%) ⬆️
...estimators/object_detection/pytorch_faster_rcnn.py 100.00% <0.00%> (+22.22%) ⬆️
...mators/object_detection/pytorch_object_detector.py 77.47% <0.00%> (+64.83%) ⬆️

@beat-buesser beat-buesser self-requested a review December 8, 2022 12:53
@beat-buesser beat-buesser self-assigned this Dec 8, 2022
@beat-buesser beat-buesser added the enhancement New feature or request label Dec 8, 2022
@beat-buesser beat-buesser added this to the ART 1.13.0 milestone Dec 8, 2022
f4str added 2 commits December 8, 2022 15:56
@f4str
Added dp-instahide unit tests
d7875b5 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str
Fixed style checks
3654685 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str f4str marked this pull request as ready for review December 9, 2022 00:06
@f4str
Copy link
Collaborator Author

f4str commented Dec 9, 2022

The implementation and unit tests are complete and ready for review, but will also be adding a notebook demo.

f4str added 3 commits December 8, 2022 16:42
@f4str
Fixed flake8 errors
8bcb259 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str
Added dp-instahide notebook demo
8d9d968 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str
fixed typos
f714163 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@beat-buesser
Copy link
Collaborator

A review comment, please also add the new notebook to the notebook README file.

beat-buesser
beat-buesser reviewed Dec 12, 2022
View reviewed changes
art/defences/trainer/dp_instahide_trainer.py Outdated
x_aug = self._generate_noise(x_aug)

# extract label reduction and set to no reduction if needed
reduce_labels = self._classifier._reduce_labels # type: ignore # pylint: disable=W0212
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is there a type ignore?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not all classifiers of type CLASSIFIER_LOSS_GRADIENTS_TYPE have the _reduce_labels property which causes a mypy error. This line is needed due to the PyTorchClassifier always reducing labels for nn.CrossEntropyLoss.

beat-buesser
beat-buesser requested changes Dec 12, 2022
View reviewed changes
Copy link
Collaborator

@beat-buesser beat-buesser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ho @f4str Thank you very much for contributing DP-InstaHide to ART!

@f4str
Copy link
Collaborator Author

f4str commented Dec 13, 2022
edited
Loading

This PR will be completed (with the requested changes) after PR #1960 and PR #1967 are merged

f4str added 3 commits December 13, 2022 13:59
@f4str
Fixed compute loss bug in tf and keras classifiers
5c32ae7 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str
add support for probability distribution labels in pytorch classifier
3f78995 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str
removed extraneous check in dp-instahide trainer
34e220b 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
This was referenced Dec 13, 2022
Closed
Closed
This was linked to issues Dec 13, 2022
TensorFlowV2Classifier and KerasClassifier do not validate labels when computing loss #1959
Closed
Support Probability Distribution Labels in PyTorchClassifier #1966
Closed
@f4str f4str requested a review from beat-buesser December 13, 2022 22:25
beat-buesser and others added 3 commits December 14, 2022 11:37
@beat-buesser
Merge branch 'dev_1.13.0' into dp-instahide

Verified

This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
c48780a
@f4str
updated notebook README with dp-instahide example
df5e42c 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
@f4str
remove extraneous code in dp-instahide generator
17bd890 
Signed-off-by: Farhan Ahmed <Farhan.Ahmed@ibm.com>
beat-buesser
beat-buesser approved these changes Dec 15, 2022
View reviewed changes
Copy link
Collaborator

@beat-buesser beat-buesser left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @f4str Thank you very much for contributing DP-InstaHide to ART! The review changes look good to me.

@beat-buesser beat-buesser merged commit 1b302df into Trusted-AI:dev_1.13.0 Dec 15, 2022
@f4str f4str deleted the dp-instahide branch December 15, 2022 22:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@beat-buesser beat-buesser

Assignees

@beat-buesser beat-buesser

Labels
enhancement New feature or request
Projects
None yet
Milestone
ART 1.13.0
3 participants
@f4str @codecov-commenter @beat-buesser