Comments (5)
A first step would be to load the whole cola config group, via case=cola
. Does that get you somewhere?
I haven't looked at classification tasks in forever. In principle, the attack as described would also run against classification (the head of the model does not matter), but some tweaks to the code might be necessary to make it work.
from breaching.
Hi Jonas, thanks for the reply,
I included the "case/data=cola", but I got the same error. It was simple to solve, though. The reason is that
load_dataset("glue", "cola")
already returns a Dataset. Thus, I changed, for now, in dataset_texts.py
raw_dataset = Dataset.from_dict({k: [v] for k, v in raw_datapoint.items()})
to
raw_dataset = raw_datapoint # It is already a Dataset
However, I face later something I have no idea how to solve or tweak. The following assert in base_attack.py fails
assert len(bias_per_query[0]) == server_payload[0]["metadata"]["vocab_size"]
The bias_per_query[0]
has length 768 (hidden layer size), whereas it was expecting 30522 (Bert's vocabulary size). If I comment the line (which I think is wrong), the code runs till the end, but all the tokens are predicted as CLS, so I think I should tweak something else. By any chance, would have any idea?
from breaching.
This is a problem, your decoder_bias_parameter_idx
should be None
, to indicate that your model does not have a decoder bias for every token (as it ends with a classification head). Also, make sure that embedding_parameter_idx
points to the correct entry in the list of gradients, corresponding to the weights of the token embedding.
from breaching.
As a sanity check, you could also set token_strategy
to None, which should be an okaish baseline, where no token info is used, and all found embeddings are matched against the full vocabulary.
from breaching.
Closing this for now. Let me know if you have more questions.
from breaching.
Related Issues (12)
- adding the GroupRegistration regularization term for "See through gradients" attack HOT 2
- Implementing too long time using 4090 HOT 5
- Split Name Mismatch For TinyImageNet Loading HOT 1
- hardcoded wrong md5 checksum HOT 2
- Wrong index of buffers in analysis.py HOT 1
- Unexpected change to server model in benchmark HOT 1
- attacks against secure aggregation used for FL HOT 2
- Questions about federated learning in Inverting Gradients HOT 6
- Questions about dataset configuration and attack initialization HOT 6
- Getting positions HOT 2
- Robbing The Fed produces 0 hits on custom model HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from breaching.