mindarmour.fuzz_testing

This module provides a neuron coverage-gain based fuzz method to evaluate the robustness of given model.

class mindarmour.fuzz_testing.Fuzzer(target_model, train_dataset, neuron_num, segmented_num=1000)[source]

Fuzzing test framework for deep neural networks.

Reference: DeepHunter: A Coverage-Guided Fuzz Testing Framework for Deep Neural Networks

Parameters
  • target_model (Model) – Target fuzz model.

  • train_dataset (numpy.ndarray) – Training dataset used for determining the neurons’ output boundaries.

  • neuron_num (int) – The number of testing neurons.

  • segmented_num (int) – The number of segmented sections of neurons’ output intervals. Default: 1000.

Examples

>>> net = Net()
>>> mutate_config = [{'method': 'Blur',
>>>                   'params': {'auto_param': [True]}},
>>>                  {'method': 'Contrast',
>>>                   'params': {'factor': [2]}},
>>>                  {'method': 'Translate',
>>>                   'params': {'x_bias': [0.1, 0.2], 'y_bias': [0.2]}},
>>>                  {'method': 'FGSM',
>>>                   'params': {'eps': [0.1, 0.2, 0.3], 'alpha': [0.1]}}]
>>> train_images = np.random.rand(32, 1, 32, 32).astype(np.float32)
>>> model_fuzz_test = Fuzzer(model, train_images, 10, 1000)
>>> samples, labels, preds, strategies, report = model_fuzz_test.fuzz_testing(mutate_config, initial_seeds)
fuzzing(mutate_config, initial_seeds, coverage_metric="KMNC", eval_metrics="auto", max_iters=10000, mutate_num_per_seed=20)[source]

Fuzzing tests for deep neural networks.

Parameters
  • mutate_config (list) – Mutate configs. The format is [{‘method’: ‘Blur’, ‘params’: {‘radius’: [0.1, 0.2], ‘auto_param’: [True, False]}}, {‘method’: ‘Contrast’, ‘params’: {‘factor’: [1, 1.5, 2]}}, {‘method’: ‘FGSM’, ‘params’: {‘eps’: [0.3, 0.2, 0.4], ‘alpha’: [0.1]}}, …]. The supported methods list is in self._strategies, and the params of each method must within the range of optional parameters. Supported methods are grouped in three types: Firstly, pixel value based transform methods include: ‘Contrast’, ‘Brightness’, ‘Blur’ and ‘Noise’. Secondly, affine transform methods include: ‘Translate’, ‘Scale’, ‘Shear’ and ‘Rotate’. Thirdly, attack methods include: ‘FGSM’, ‘PGD’ and ‘MDIIM’. mutate_config must have method in the type of pixel value based transform methods. The way of setting parameters for first and second type methods can be seen in ‘mindarmour/fuzz_testing/image_transform.py’. For third type methods, the optional parameters refer to self._attack_param_checklists.

  • initial_seeds (list[list]) – Initial seeds used to generate mutated samples. The format of initial seeds is [[image_data, label], […], …] and the label must be one-hot.

  • coverage_metric (str) – Model coverage metric of neural networks. All supported metrics are: ‘KMNC’, ‘NBC’, ‘SNAC’. Default: ‘KMNC’.

  • eval_metrics (Union[list, tuple, str]) – Evaluation metrics. If the type is ‘auto’, it will calculate all the metrics, else if the type is list or tuple, it will calculate the metrics specified by user. All supported evaluate methods are ‘accuracy’, ‘attack_success_rate’, ‘kmnc’, ‘nbc’, ‘snac’. Default: ‘auto’.

  • max_iters (int) – Max number of select a seed to mutate. Default: 10000.

  • mutate_num_per_seed (int) – The number of mutate times for a seed. Default: 20.

Returns

  • list, mutated samples in fuzz_testing.

  • list, ground truth labels of mutated samples.

  • list, preds of mutated samples.

  • list, strategies of mutated samples.

  • dict, metrics report of fuzzer.

Raises
  • TypeError – If the type of eval_metrics is not str, list or tuple.

  • TypeError – If the type of metric in list eval_metrics is not str.

  • ValueError – If eval_metrics is not equal to ‘auto’ when it’s type is str.

  • ValueError – If metric in list eval_metrics is not in [‘accuracy’, ‘attack_success_rate’, ‘kmnc’, ‘nbc’, ‘snac’].

class mindarmour.fuzz_testing.ModelCoverageMetrics(model, neuron_num, segmented_num, train_dataset)[source]

As we all known, each neuron output of a network will have a output range after training (we call it original range), and test dataset is used to estimate the accuracy of the trained network. However, neurons’ output distribution would be different with different test datasets. Therefore, similar to function fuzz, model fuzz means testing those neurons’ outputs and estimating the proportion of original range that has emerged with test datasets.

Reference: DeepGauge: Multi-Granularity Testing Criteria for Deep Learning Systems

Parameters
  • model (Model) – The pre-trained model which waiting for testing.

  • neuron_num (int) – The number of testing neurons.

  • segmented_num (int) – The number of segmented sections of neurons’ output intervals.

  • train_dataset (numpy.ndarray) – Training dataset used for determine the neurons’ output boundaries.

Raises

ValueError – If neuron_num is too big (for example, bigger than 1e+9).

Examples

>>> net = LeNet5()
>>> train_images = np.random.random((10000, 1, 32, 32)).astype(np.float32)
>>> test_images = np.random.random((5000, 1, 32, 32)).astype(np.float32)
>>> model = Model(net)
>>> model_fuzz_test = ModelCoverageMetrics(model, 10, 1000, train_images)
>>> model_fuzz_test.calculate_coverage(test_images)
>>> print('KMNC of this test is : %s', model_fuzz_test.get_kmnc())
>>> print('NBC of this test is : %s', model_fuzz_test.get_nbc())
>>> print('SNAC of this test is : %s', model_fuzz_test.get_snac())
calculate_coverage(dataset, bias_coefficient=0, batch_size=32)[source]

Calculate the testing adequacy of the given dataset.

Parameters
  • dataset (numpy.ndarray) – Data for fuzz test.

  • bias_coefficient (Union[int, float]) – The coefficient used for changing the neurons’ output boundaries. Default: 0.

  • batch_size (int) – The number of samples in a predict batch. Default: 32.

Examples

>>> model_fuzz_test = ModelCoverageMetrics(model, 10000, 10, train_images)
>>> model_fuzz_test.calculate_coverage(test_images)
get_kmnc()[source]

Get the metric of ‘k-multisection neuron coverage’.

Returns

float, the metric of ‘k-multisection neuron coverage’.

Examples

>>> model_fuzz_test.get_kmnc()
get_nbc()[source]

Get the metric of ‘neuron boundary coverage’.

Returns

float, the metric of ‘neuron boundary coverage’.

Examples

>>> model_fuzz_test.get_nbc()
get_snac()[source]

Get the metric of ‘strong neuron activation coverage’.

Returns

float, the metric of ‘strong neuron activation coverage’.

Examples

>>> model_fuzz_test.get_snac()