A Uniform Platform for Security Analysis of Deep Learning Models.

Download Version 0.0

If you find any bugs while using DeepSec, please let us know. If you want to contribute a new algorithm or an updated implementation of an existing algorithm, please also let us know.

To contact us, please email Xiang Ling. Thanks!

Attack Module (AM)

The main function of AM is to exploit vulnerabilities of deep learning (DL) models and attack them by crafting adversarial examples (AEs). In this module, we implement 16 state-of-the-art adversarial attacks, including 8 un-targeted attacks (UAs) and 8 targeted attacks (TAs).

Defense Module (DM)

The main function of DM is to defend DL models and increase their resistance against adversarial attacks. In this module, we implement 13 recent and representative defense methods, which cover all categories of existing defenses.

Attack Utility Evaluation (AUE)

In this module, we implement 10 utility metrics of adversarial attacks (as detailed in the paper). With AUE, users can evaluate to what extent the generated AEs satisfy the essential utility requirements of adversarial attacks.

Defense Utility Evaluation (DUE)

DUE is mainly used to evaluate the utility of state-of-the-art defenses in terms of 5 utility metrics, as defined in the paper. With this module, users can measure to what extent a defense-enhanced model preserves the fundamental functionality of the original model after applying all the defenses in DM.

Security Evaluation (SE)

Leveraging both the AM and DM modules, SE is used to evaluate the vulnerability and resilience of defense-enhanced models against existing attacks. More importantly, users can determine whether the defense-enhanced models they plan to deploy or share are resistant to current adversarial attacks.