apt.utils.models package

Submodules

apt.utils.models.keras_model module

class apt.utils.models.keras_model.KerasClassifier(model: keras.models.Model, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: KerasModel

Wrapper class for keras classification models.

Parameters:

  • model (keras.models.Model) – The original keras model object.

  • output_type (ModelOutputType) – The type of output the model yields (vector/label only)

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Set to True if the model is only available via query (API) access, i.e., only the outputs of the model are exposed, and False if the model internals are also available. Default is True.

  • unlimited_queries (boolean, optional) – If black_box_access is True, this boolean indicates whether a user can perform unlimited queries to the model API or whether there is a limit to the number of queries that can be submitted. Default is True.

fit(train_data: Dataset, **kwargs) None

Fit the model using the training data.

Parameters:

train_data (Dataset) – Training data. Labels are expected to either be one-hot encoded or a 1D-array of categorical labels (consecutive integers starting at 0).

Returns:

None

predict(x: Dataset, **kwargs) ndarray

Perform predictions using the model for input x.

Parameters:

x (Dataset) – Input samples.

Returns:

Predictions from the model as numpy array (class probabilities, if supported).

score(test_data: Dataset, scoring_method: ScoringMethod | None = ScoringMethod.ACCURACY, **kwargs)

Score the model using test data.

Parameters:

  • test_data – Test data.

  • scoring_method (ScoringMethod, optional) – The method for scoring predictions. Default is ACCURACY.

Returns:

the score as float (between 0 and 1)

class apt.utils.models.keras_model.KerasModel(model: Any, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: Model

Wrapper class for keras models.

class apt.utils.models.keras_model.KerasRegressor(model: keras.models.Model, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: KerasModel

Wrapper class for keras regression models.

Parameters:

  • model (keras.models.Model) – The original keras model object.

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Set to True if the model is only available via query (API) access, i.e., only the outputs of the model are exposed, and False if the model internals are also available. Default is True.

  • unlimited_queries (boolean, optional) – If black_box_access is True, this boolean indicates whether a user can perform unlimited queries to the model API or whether there is a limit to the number of queries that can be submitted. Default is True.

fit(train_data: Dataset, **kwargs) None

Fit the model using the training data.

Parameters:

train_data (Dataset) – Training data.

Returns:

None

predict(x: Dataset, **kwargs) ndarray

Perform predictions using the model for input x.

Parameters:

x (Dataset) – Input samples.

Returns:

Predictions from the model as numpy array.

score(test_data: Dataset, scoring_method: ScoringMethod | None = ScoringMethod.MEAN_SQUARED_ERROR, **kwargs)

Score the model using test data.

Parameters:

  • test_data – Test data.

  • scoring_method (ScoringMethod, optional) – The method for scoring predictions. Default is ACCURACY.

Returns:

the score as float

apt.utils.models.model module

class apt.utils.models.model.BlackboxClassifier(model: Any, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, model_type: Any | ModelType | None = None, loss: torch.nn.modules.loss._Loss = None, optimizer: torch.optim.Optimizer = None, **kwargs)

Bases: Model

Wrapper for black-box ML classification models.

Parameters:

  • model (Data object or Callable) – The training and/or test data along with the model’s predictions for the data or a callable predict method.

  • output_type (ModelOutputType) – The type of output the model yields (vector/label only)

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Always assumed to be True (black box) for this wrapper.

  • unlimited_queries (boolean, optional) – Boolean indicating whether a user can perform unlimited queries to the model API.

  • model_type (Either a (unfitted) model object of the underlying framework, or a ModelType representing the type of the model, optional.) – The type of model this BlackboxClassifier represents. Needed in order to build and/or fit similar dummy/shadow models.

  • loss (torch.nn.modules.loss._Loss, optional) – For pytorch models, the loss function used for training. Needed in order to build and/or fit similar dummy/shadow models.

  • optimizer (torch.optim.Optimizer, optional) – For pytorch models, the optimizer used for training. Needed in order to build and/or fit similar dummy/shadow models.

fit(train_data: Dataset, **kwargs) None

A blackbox model cannot be fit.

abstract get_predictions() Callable | Tuple[ndarray, ndarray]

Return all the data for which the model contains predictions, or the predict function of the model.

Returns:

Tuple containing data and predictions as numpy arrays or callable.

property input_shape: Tuple[int, ...]

Return the shape of input to the model.

Returns:

Shape of input to the model.

property loss

The pytorch model’s loss function.

Returns:

The pytorch model’s loss function.

property model_type: Any | ModelType | None

Return the type of the model.

Returns:

Either a (unfitted) model object of the underlying framework, or a ModelType representing the type of the model, or None (of none provided at init).

property nb_classes: int

Return the number of prediction classes of the model.

Returns:

Number of prediction classes of the model.

property optimizer

The pytorch model’s optimizer.

Returns:

The pytorch model’s optimizer.

predict(x: Dataset, **kwargs) ndarray

Get predictions from the model for input x. x must be a subset of the data provided in the model data in __init__().

Parameters:

x (Dataset) – Input samples.

Returns:

Predictions from the model as numpy array.

score(test_data: Dataset, scoring_method: ScoringMethod | None = ScoringMethod.ACCURACY, **kwargs)

Score the model using test data.

Parameters:

  • test_data – Test data.

  • scoring_method (ScoringMethod, optional) – The method for scoring predictions. Default is ACCURACY.

Returns:

the score as float (for classifiers, between 0 and 1)

class apt.utils.models.model.BlackboxClassifierPredictFunction(model: Callable, output_type: ModelOutputType, input_shape: Tuple[int, ...], nb_classes: int, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: BlackboxClassifier

Wrapper for black-box ML classification models using a predict function.

Parameters:

  • model (Callable) – Function that takes in an np.ndarray of input data and returns predictions either as class probabilities (multi-column) or a 1D-array of categorical labels (consecutive integers starting at 0).

  • output_type (ModelOutputType) – The type of output the model yields (vector/label only)

  • input_shape (Tuple[int, ...]) – Shape of input to the model.

  • nb_classes (int) – Number of prediction classes of the model.

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Always assumed to be True for this wrapper.

  • unlimited_queries (boolean, optional) – Boolean indicating whether a user can perform unlimited queries to the model API.

get_predictions() Callable | Tuple[ndarray, ndarray]

Return the predict function of the model.

Returns:

Callable representing a function that takes in an np.ndarray of input data and returns predictions either as class probabilities (multi-column) or a 1D-array of categorical labels (consecutive integers starting at 0).

class apt.utils.models.model.BlackboxClassifierPredictions(model: Data, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: BlackboxClassifier

Wrapper for black-box ML classification models using data and predictions.

Parameters:

  • model (Data object) – The training and/or test data along with the model’s predictions for the data. Assumes that the data is represented as numpy arrays. Labels are expected to either be class probabilities (multi-column) or a 1D-array of categorical labels (consecutive integers starting at 0).

  • output_type (ModelOutputType) – The type of output the model yields (vector/label only)

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Always assumed to be True for this wrapper.

  • unlimited_queries (boolean, optional) – Boolean indicating whether a user can perform unlimited queries to the model API. Always assumed to be False for this wrapper.

get_predictions() Callable | Tuple[ndarray, ndarray]

Return all the data for which the model contains predictions.

Returns:

Tuple containing data and predictions as numpy arrays.

class apt.utils.models.model.Model(model: Any, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: object

Abstract base class for ML model wrappers.

Parameters:

  • model (framework-specific model object) – The original model object (of the underlying ML framework)

  • output_type (ModelOutputType) – The type of output the model yields (vector/label only for classifiers, value for regressors)

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Set to True if the model is only available via query (API) access, i.e., only the outputs of the model are exposed, and False if the model internals are also available. Default is True.

  • unlimited_queries (boolean, optional) – If black_box_access is True, this boolean indicates whether a user can perform unlimited queries to the model API or whether there is a limit to the number of queries that can be submitted. Default is True.

property black_box_access: bool

Return whether the model is only available via query (API) access, i.e., only the outputs of the model are exposed, or if the model internals are also available.

Returns:

True if the model is only available via query (API) access, otherwise False.

abstract fit(train_data: Dataset, **kwargs) None

Fit the model using the training data.

Parameters:

train_data (Dataset) – Training data.

property model: Any

Return the underlying model.

Returns:

The model.

property output_type: ModelOutputType

Return the model’s output type.

Returns:

The model’s output type.

abstract predict(x: Dataset, **kwargs) ndarray

Perform predictions using the model for input x.

Parameters:

x (Dataset) – Input samples.

Returns:

Predictions from the model as numpy array.

abstract score(test_data: Dataset, **kwargs)

Score the model using test data.

Parameters:

test_data – Test data.

Returns:

the score as float (for classifiers, between 0 and 1)

property unlimited_queries: bool

If black_box_access is True, return whether a user can perform unlimited queries to the model API or whether there is a limit to the number of queries that can be submitted.

Returns:

True if a user can perform unlimited queries to the model API, otherwise False.

class apt.utils.models.model.ModelOutputType(value)

Bases: Enum

An enumeration.

CLASSIFIER_LOGITS = 2
CLASSIFIER_PROBABILITIES = 1
CLASSIFIER_SCALAR = 3
REGRESSOR_SCALAR = 4
class apt.utils.models.model.ModelType(value)

Bases: Enum

An enumeration.

SKLEARN_DECISION_TREE = 1
SKLEARN_GRADIENT_BOOSTING = 2
class apt.utils.models.model.ScoringMethod(value)

Bases: Enum

An enumeration.

ACCURACY = 1
MEAN_SQUARED_ERROR = 2
apt.utils.models.model.check_correct_model_output(y: ndarray, output_type: ModelOutputType)

Checks whether there is a mismatch between the declared model output type and its actual output. :param y: Model output :type y: numpy array :param output_type: Declared output type (provided at init) :type output_type: ModelOutputType :raises: ValueError (in case of mismatch)

apt.utils.models.model.get_nb_classes(y: ndarray) int

Get the number of classes from an array of labels

Parameters:

y (numpy array) – The labels

Returns:

The number of classes as integer

apt.utils.models.model.is_one_hot(y: ndarray) bool

apt.utils.models.pytorch_model module

Pytorch Model Wrapper

class apt.utils.models.pytorch_model.PyTorchClassifier(model: Module, output_type: ModelOutputType, loss: _Loss, input_shape: Tuple[int, ...], nb_classes: int, optimizer: Optimizer, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: PyTorchModel

Wrapper class for pytorch classification models.

fit(train_data: PytorchData, validation_data: PytorchData | None = None, batch_size: int = 128, nb_epochs: int = 10, save_checkpoints: bool = True, save_entire_model=True, path='/home/docs/checkouts/readthedocs.org/user_builds/ai-privacy-toolkit/checkouts/latest/docs', **kwargs) None

Fit the model using the training data.

Parameters:

  • train_data (PytorchData) – Training data.

  • validation_data – Training data.

  • batch_size – Size of batches.

  • nb_epochs – Number of epochs to use for training.

  • save_checkpoints – Boolean, save checkpoints if True.

  • save_entire_model – Boolean, save entire model if True, else save state dict.

  • path – path for saving checkpoint.

  • kwargs – Dictionary of framework-specific arguments. This parameter is not currently supported for PyTorch and providing it takes no effect.

load_best_model_checkpoint()

Load entire model only based on the check point path (model_best.tar).

Returns:

loaded model

load_best_state_dict_checkpoint()

Load model state dict only based on the check point path (model_best.tar).

Returns:

loaded model

load_checkpoint_model_by_path(model_name: str, path: str | None = None)

Load model only based on the check point path.

Parameters:

  • model_name – check point filename

  • path – checkpoint path (default current work dir)

Returns:

loaded model

load_checkpoint_state_dict_by_path(model_name: str, path: str | None = None)

Load model only based on the check point path.

Parameters:

  • model_name – check point filename

  • path – checkpoint path (default current work dir)

Returns:

loaded model

load_latest_model_checkpoint()

Load entire model only based on the check point path (latest.tar).

Returns:

loaded model

load_latest_state_dict_checkpoint()

Load model state dict only based on the check point path (latest.tar).

Returns:

loaded model

property loss

The pytorch model’s loss function.

Returns:

The pytorch model’s loss function

property optimizer

The pytorch model’s optimizer.

Returns:

The pytorch model’s optimizer

predict(x: PytorchData, **kwargs) ndarray

Perform predictions using the model for input x.

Parameters:

x (np.ndarray or pandas.DataFrame) – Input samples.

Returns:

Predictions from the model (class probabilities, if supported).

score(test_data: PytorchData, **kwargs)

Score the model using test data.

Parameters:

test_data (PytorchData) – Test data.

Returns:

the score as float (between 0 and 1)

class apt.utils.models.pytorch_model.PyTorchClassifierWrapper(model: torch.nn.Module, loss: torch.nn.modules.loss._Loss, input_shape: Tuple[int, ...], nb_classes: int, optimizer: torch.optim.Optimizer | None = None, use_amp: bool = False, opt_level: str = 'O1', loss_scale: float | str | None = 'dynamic', channels_first: bool = True, clip_values: CLIP_VALUES_TYPE | None = None, preprocessing_defences: Preprocessor | List[Preprocessor] | None = None, postprocessing_defences: Postprocessor | List[Postprocessor] | None = None, preprocessing: PREPROCESSING_TYPE = (0.0, 1.0), device_type: str = 'gpu')

Bases: PyTorchClassifier

Wrapper class for pytorch classifier model. Extension for Pytorch ART model

fit(*args, **kwargs)

Fit the classifier on the training set (x, y).

Parameters:

  • x – Training data.

  • y – Target values (class labels) one-hot-encoded of shape (nb_samples, nb_classes) or index labels of shape (nb_samples,).

  • x_validation – Validation data (optional).

  • y_validation – Target validation values (class labels) one-hot-encoded of shape (nb_samples, nb_classes) or index labels of shape (nb_samples,) (optional).

  • batch_size – Size of batches.

  • nb_epochs – Number of epochs to use for training.

  • save_checkpoints – Boolean, save checkpoints if True.

  • save_entire_model – Boolean, save entire model if True, else save state dict.

  • path – path for saving checkpoint.

  • kwargs – Dictionary of framework-specific arguments. This parameter is not currently supported for PyTorch and providing it takes no effect.

get_step_correct(outputs, targets) int

Get number of correctly classified labels.

load_best_model_checkpoint()

Load entire model only based on the check point path (model_best.tar).

Returns:

loaded model

load_best_state_dict_checkpoint()

Load model state dict only based on the check point path (model_best.tar).

Returns:

loaded model

load_checkpoint_model_by_path(model_name: str, path: str | None = None)

Load model only based on the check point path.

Parameters:

  • model_name – check point filename

  • path – checkpoint path (default current work dir)

Returns:

loaded model

load_checkpoint_state_dict_by_path(model_name: str, path: str | None = None)

Load model only based on the check point path.

Parameters:

  • model_name – check point filename

  • path – checkpoint path (default current work dir)

Returns:

loaded model

load_latest_model_checkpoint()

Load entire model only based on the check point path (latest.tar).

Returns:

loaded model

load_latest_state_dict_checkpoint()

Load model state dict only based on the check point path (latest.tar).

Returns:

loaded model

save_checkpoint_model(is_best: bool, path='/home/docs/checkouts/readthedocs.org/user_builds/ai-privacy-toolkit/checkouts/latest/docs', filename='latest.tar') None

Saves checkpoint as latest.tar or best.tar.

Parameters:

  • is_best – whether the model is the best achieved model

  • path – path for saving checkpoint

  • filename – checkpoint name

Returns:

None

save_checkpoint_state_dict(is_best: bool, path='/home/docs/checkouts/readthedocs.org/user_builds/ai-privacy-toolkit/checkouts/latest/docs', filename='latest.tar') None

Saves checkpoint as latest.tar or best.tar.

Parameters:

  • is_best – whether the model is the best achieved model

  • path – path for saving checkpoint

  • filename – checkpoint name

Returns:

None

class apt.utils.models.pytorch_model.PyTorchModel(model: Any, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: Model

Wrapper class for pytorch models.

apt.utils.models.sklearn_model module

class apt.utils.models.sklearn_model.SklearnClassifier(model: BaseEstimator, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: SklearnModel

Wrapper class for scikitlearn classification models.

Parameters:

  • model (scikitlearn classifier object) – The original sklearn model object.

  • output_type (ModelOutputType) – The type of output the model yields (vector/label only)

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Set to True if the model is only available via query (API) access, i.e., only the outputs of the model are exposed, and False if the model internals are also available. Default is True.

  • unlimited_queries (boolean, optional) – If black_box_access is True, this boolean indicates whether a user can perform unlimited queries to the model API or whether there is a limit to the number of queries that can be submitted. Default is True.

fit(train_data: Dataset, **kwargs) None

Fit the model using the training data.

Parameters:

train_data (Dataset) – Training data. Labels are expected to either be one-hot encoded or a 1D-array of categorical labels (consecutive integers starting at 0).

Returns:

None

predict(x: Dataset, **kwargs) ndarray

Perform predictions using the model for input x.

Parameters:

x (Dataset) – Input samples.

Returns:

Predictions from the model as numpy array (class probabilities, if supported).

class apt.utils.models.sklearn_model.SklearnModel(model: Any, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: Model

Wrapper class for scikitlearn models.

score(test_data: Dataset, **kwargs)

Score the model using test data.

Parameters:

test_data – Test data.

Returns:

the score as float (for classifiers, between 0 and 1)

class apt.utils.models.sklearn_model.SklearnRegressor(model: BaseEstimator, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: SklearnModel

Wrapper class for scikitlearn regression models.

Parameters:

  • model (scikitlearn regressor object) – The original sklearn model object.

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Set to True if the model is only available via query (API) access, i.e., only the outputs of the model are exposed, and False if the model internals are also available. Default is True.

  • unlimited_queries (boolean, optional) – If black_box_access is True, this boolean indicates whether a user can perform unlimited queries to the model API or whether there is a limit to the number of queries that can be submitted. Default is True.

fit(train_data: Dataset, **kwargs) None

Fit the model using the training data.

Parameters:

train_data (Dataset) – Training data.

Returns:

None

predict(x: Dataset, **kwargs) ndarray

Perform predictions using the model for input x.

Parameters:

x (Dataset) – Input samples.

Returns:

Predictions from the model as numpy array.

apt.utils.models.xgboost_model module

class apt.utils.models.xgboost_model.XGBoostClassifier(model: xgboost.XGBClassifier, output_type: ModelOutputType, input_shape: Tuple[int, ...], nb_classes: int, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: XGBoostModel

Wrapper class for xgboost classification models.

Parameters:

  • model (Booster or XGBClassifier object) – The original xgboost model object. Must be fit.

  • output_type (ModelOutputType) – The type of output the model yields (vector/label only)

  • input_shape (Tuple[int, ...]) – Shape of input to the model.

  • nb_classes (int) – Number of prediction classes of the model.

  • black_box_access (boolean, optional) – Boolean describing the type of deployment of the model (when in production). Set to True if the model is only available via query (API) access, i.e., only the outputs of the model are exposed, and False if the model internals are also available. Default is True.

  • unlimited_queries (boolean, optional) – If black_box_access is True, this boolean indicates whether a user can perform unlimited queries to the model API or whether there is a limit to the number of queries that can be submitted. Default is True.

fit(train_data: Dataset, **kwargs) None

Fit the model using the training data.

Parameters:

train_data (Dataset) – Training data. Labels are expected to either be one-hot encoded or a 1D-array of categorical labels (consecutive integers starting at 0).

Returns:

None

predict(x: Dataset, **kwargs) ndarray

Perform predictions using the model for input x.

Parameters:

x (Dataset) – Input samples.

Returns:

Predictions from the model as numpy array (class probabilities, if supported).

score(test_data: Dataset, scoring_method: ScoringMethod | None = ScoringMethod.ACCURACY, **kwargs)

Score the model using test data.

Parameters:

test_data – Test data.

Returns:

the score as float (for classifiers, between 0 and 1)

class apt.utils.models.xgboost_model.XGBoostModel(model: Any, output_type: ModelOutputType, black_box_access: bool | None = True, unlimited_queries: bool | None = True, **kwargs)

Bases: Model

Wrapper class for xgboost models.

Module contents