{"id":3724,"date":"2022-10-11T02:58:11","date_gmt":"2022-10-11T00:58:11","guid":{"rendered":"https:\/\/forhumanity.center\/bok\/?p=3724"},"modified":"2022-10-11T02:58:13","modified_gmt":"2022-10-11T00:58:13","slug":"data-entry-point-attacks-open-source-tools","status":"publish","type":"post","link":"https:\/\/forhumanity.center\/bok\/data-entry-point-attacks-open-source-tools\/","title":{"rendered":"Data Entry Point Attacks: Open-Source Tools"},
"content":{"rendered":"\n<h1 class=\"wp-block-heading\"><strong>Non-Technical Tools<\/strong><\/h1>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Threat Modeling<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/mitre\/advmlthreatmatrix\"><strong>Adversarial ML Threat Matrix<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> Knowledge base of adversary tactics, techniques, and case studies for ML systems, based on real-world observations, demonstrations from ML red teams and security groups, and the state of the possible from academic research<\/li><li><strong>Who is it for?<\/strong> Security analysts, AI system analysts<\/li><li><strong>Features<\/strong><ul><li>Interactive matrix covering both ML-specific and non-ML-specific threats<\/li><li>Case studies, including attacks on real-world ML production systems<\/li><\/ul><\/li><\/ul>\n\n\n\n<h1 class=\"wp-block-heading\"><strong>Technical Tools<\/strong><\/h1>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Adversarial ML<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/advboxes\/AdvBox\"><strong>AdvBox<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> A toolbox to generate adversarial examples that fool neural networks in PaddlePaddle, PyTorch, Caffe2, MXNet, Keras, and TensorFlow<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML\/AI security personnel<\/li><li><strong>Features<\/strong><ul><li>Adversarial example generation<\/li><li>Benchmarking tool for ML model robustness<\/li><li>CLI to generate adversarial examples with zero coding<\/li><\/ul><\/li><li><strong>Language:<\/strong> Python<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Azure\/counterfit\"><strong>Counterfit<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> Microsoft Azure\u2019s CLI that provides a generic automation layer for assessing the security of ML models<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Framework:<\/strong> Azure Shell, Anaconda Python environment<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/Trusted-AI\/adversarial-robustness-toolbox\"><strong>Adversarial Robustness Toolbox<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> Tools that enable developers and researchers to evaluate and defend ML models and applications against the adversarial threats of evasion, poisoning, extraction, and inference<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Frameworks:<\/strong> TensorFlow, Keras, PyTorch, MXNet, scikit-learn, XGBoost, LightGBM, CatBoost, GPy, etc.<\/li><li><strong>Features<\/strong><ul><li>Support for diverse data types: images, tables, audio, video, etc.<\/li><li>Support for diverse ML tasks: classification, object detection, speech recognition, generation, certification<\/li><\/ul><\/li><li><strong>Language:<\/strong> Python<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/jind11\/TextFooler\"><strong>TextFooler<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> A model for natural-language attacks on text classification and inference<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Features<\/strong><ul><li>Generated adversarial examples benchmarked on 7 datasets against 3 language models: BERT, LSTM, CNN<\/li><\/ul><\/li><li><strong>Language:<\/strong> Python<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/cleverhans-lab\/cleverhans\"><strong>CleverHans<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> An adversarial example library for constructing attacks, building defenses, and benchmarking ML systems\u2019 vulnerability to adversarial examples<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Frameworks:<\/strong> JAX, PyTorch, TF2<\/li><li><strong>Language:<\/strong> Python<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Privacy<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/privacytrustlab\/ml_privacy_meter\"><strong>Machine Learning Privacy Meter<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> A tool to quantify the privacy risks of machine learning models with respect to inference attacks, notably membership inference attacks<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Features<\/strong><ul><li>Quantitative assessment of privacy risk<\/li><li>Generation of extensive privacy reports on the aggregate and individual risk of data records in the training set, at multiple levels of access to the model<\/li><li>Estimation of the amount of information that can be revealed<ul><li>Black-box access: through the predictions of a model<\/li><li>White-box access: through both the predictions and the parameters of a model<\/li><\/ul><\/li><\/ul><\/li><li><strong>Framework:<\/strong> TF2<\/li><li><strong>Language:<\/strong> Python<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/google\/differential-privacy\"><strong>Google\u2019s Differential Privacy<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> Libraries to generate epsilon- and (epsilon, delta)-differentially private statistics over datasets<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Features<\/strong><ul><li>Google\u2019s Privacy on Beam solutions<\/li><li>A stochastic tester, used to help catch regressions that could make the differential privacy property no longer hold<\/li><li>Differential privacy accounting library<\/li><li>CLI for running differentially private SQL queries with ZetaSQL<\/li><\/ul><\/li><li><strong>Language:<\/strong> C++, Go, Java<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/IBM\/differential-privacy-library\"><strong>IBM\u2019s Differential Privacy Library<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> General-purpose library for experimenting with, investigating, and developing applications in differential privacy<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Features<\/strong><ul><li>Generic tools for differentially private data analysis (e.g., histograms)<\/li><li>Differentially private models: clustering, classification, regression, dimensionality reduction, and pre-processing<\/li><li>Privacy budget and total privacy loss calculation using advanced composition techniques<\/li><\/ul><\/li><li><strong>Language:<\/strong> Python<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brubinstein\/diffpriv\"><strong>Diffpriv<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> Privacy-aware data science tools<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Language:<\/strong> R<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/trailofbits\/PrivacyRaven\"><strong>PrivacyRaven<\/strong><\/a><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What is it?<\/strong> Privacy testing library for deep learning systems<\/li><li><strong>Who is it for?<\/strong> Data scientists, ML engineers<\/li><li><strong>Features<\/strong><ul><li>Support for label-only black-box model extraction, membership inference, and (soon) model inversion attacks<\/li><\/ul><\/li><li><strong>Language:<\/strong> Python<\/li><\/ul>\n","protected":false},
"author":31,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3724","post","type-post","status-publish","format-standard","hentry","category-senza-categoria"],
"yoast_head_json":{"title":"Data Entry Point Attacks: Open-Source Tools - Body of Knowledge","canonical":"https:\/\/forhumanity.center\/bok\/data-entry-point-attacks-open-source-tools\/","og_locale":"en_GB","og_type":"article","og_site_name":"Body of Knowledge","article_published_time":"2022-10-11T00:58:11+00:00","article_modified_time":"2022-10-11T00:58:13+00:00","twitter_misc":{"Written by":"jimprovost","Estimated reading time":"3 minutes"}},
"acf":[]}