https://github.com/amazon-science/detecting-adversarial-samples-using-sagemaker

Science Score: 23.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
    Links to: arxiv.org
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (8.9%) to scientific vocabulary
Last synced: 9 months ago

Repository

Basic Info
  • Host: GitHub
  • Owner: amazon-science
  • License: mit-0
  • Language: Jupyter Notebook
  • Default Branch: main
  • Size: 434 KB
Statistics
  • Stars: 0
  • Watchers: 3
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Created over 4 years ago · Last pushed about 4 years ago
Metadata Files
Readme Contributing License Code of conduct

README.md

Detecting adversarial samples using SageMaker ModelMonitor and Debugger

This repository contains the files for the blogpost "Detect adversarial inputs using Amazon SageMaker Model Monitor and Amazon SageMaker Debugger".

Create a SageMaker notebook instance and clone the repository:

git clone https://github.com/amazon-research/detecting-adversarial-samples-using-sagemaker.git

In the notebook Detectingadversarialsamples.ipynb we first train an image classification model (ResNet18) on CIFAR10 and then deploy it on Amazon SageMaker.

We will set up a custom SageMaker Model Monitor schedule that periodically kicks off a custom processing job. The job runs a two-sample statistical test using MMD (maximum mean discrepancy) to detect adversarial samples.

The image below shows t-SNE visualizations of the feature representations of natural and adversarial samples obtained from different layers of the model (layer 0 is the model input). Adversarial samples become more distinguishable in the deeper layers of the ResNet18 model. The intuition is that raw inputs are noisy and high-dimensional, whereas the latent representations produced by the deeper layers of a neural network capture low-dimensional semantic information. We will use SageMaker Debugger in the endpoint to capture these representations during inference.

We will then run inference with test and adversarial images and determine how well they are detected by our custom Model Monitor.
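
The MMD two-sample test described above, as an added example (not code from this repository or the blog post). The Gaussian kernel with a median-heuristic bandwidth, the permutation-based p-value, the function names and the synthetic 16-dimensional vectors standing in for captured deep-layer activations are all assumptions.

```python
import numpy as np

def mmd2(K, ix, iy):
    """Biased estimate of squared MMD from a precomputed kernel matrix K."""
    return (K[np.ix_(ix, ix)].mean() + K[np.ix_(iy, iy)].mean()
            - 2.0 * K[np.ix_(ix, iy)].mean())

def mmd_permutation_test(X, Y, n_perm=500, seed=0):
    """Return (MMD^2, p-value) for H0: X and Y come from the same distribution."""
    Z = np.vstack([X, Y])
    sq = np.sum(Z ** 2, axis=1)
    d2 = np.maximum(sq[:, None] + sq[None, :] - 2.0 * Z @ Z.T, 0.0)
    # Gaussian kernel; bandwidth from the median heuristic (an assumption here).
    K = np.exp(-d2 / np.median(d2[d2 > 0]))
    n, rng = len(X), np.random.default_rng(seed)
    observed = mmd2(K, np.arange(n), np.arange(n, len(Z)))
    # Null distribution: reshuffle which rows count as "baseline" vs "live".
    exceed = 0
    for _ in range(n_perm):
        p = rng.permutation(len(Z))
        exceed += int(mmd2(K, p[:n], p[n:]) >= observed)
    return observed, (1 + exceed) / (1 + n_perm)

def run_demo(alpha=0.05):
    # Constructed stand-ins for deep-layer feature vectors (16 dims).
    rng = np.random.default_rng(42)
    baseline = rng.normal(0.0, 1.0, size=(100, 16))   # natural validation images
    clean = rng.normal(0.0, 1.0, size=(100, 16))      # live traffic, all natural
    mixed = np.vstack([rng.normal(0.0, 1.0, size=(50, 16)),
                       rng.normal(1.0, 1.0, size=(50, 16))])  # half shifted
    results = {}
    for name, batch in (("clean", clean), ("mixed", mixed)):
        stat, p = mmd_permutation_test(baseline, batch)
        results[name] = {"mmd2": float(stat), "p": float(p),
                         "alert": bool(p < alpha)}
    return results

if __name__ == "__main__":
    for name, r in run_demo().items():
        print(name, r)
```

In a monitoring job, `baseline` would be activations captured for held-out natural images and each batch the activations captured from endpoint traffic in the last schedule window.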

Security

See CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE file.

Owner

  • Name: Amazon Science
  • Login: amazon-science
  • Kind: organization

Issues and Pull Requests

Last synced: over 1 year ago

All Time
  • Total issues: 0
  • Total pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Total issue authors: 0
  • Total pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Issue authors: 0
  • Pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0