# Welcome to the AIShield Integration Notebook!

**We are delighted to have you here!**

## What to Expect !!
This notebook serves as a comprehensive demonstration of the seamless integration capabilities of AIShield. As a powerful tool for securing your AI/ML assets against adversarial threats, AIShield ensures the integrity and robustness of your models, preventing financial loss, protecting brand reputation, and mitigating the risk of intellectual property theft.

## What to Do !!
- **Explore the notebook** at your own pace to gain deep insights into the functionalities and features offered by AIShield.
- **Run the first code cell/block**, which includes **Support functionalities** crucial for the smooth execution of the notebook. This setup will enhance your experience and enable the seamless integration of AIShield.
- Even without running the entire notebook, you can get a glimpse of AIShield's capabilities and its approach to vulnerability assessments through sample scenarios.
- **Run the code cells** to witness firsthand how AIShield seamlessly integrates with your existing codebase, empowering you to protect your AI models against adversarial attacks.
- **Experiment and adapt the code** to suit your specific use cases, leveraging the flexibility and customization options provided by AIShield.
- Should you have any questions or require assistance, our dedicated [AIShield.Contact@bosch.com](mailto:AIShield.Contact@bosch.com) is just a click away.

## What You'll Get !!
Throughout this notebook, you'll find:
- Code snippets demonstrating step-by-step procedures for incorporating AIShield into your existing workflows, ensuring comprehensive protection against adversarial threats.
- Detailed guidance on the integration process, including any additional inputs required for thorough vulnerability analysis.
- A comprehensive threat-informed defense model, empowering you to understand the vulnerabilities in your AI models and undertake appropriate remediation measures.
- Report artifacts and a sample attack dataset, providing valuable insights into potential attack scenarios and assisting in devising robust defense strategies.
- In-depth explanations of defense remediation techniques, equipping you with the knowledge and tools to safeguard your AI assets effectively.

## <span style="color:teal">AIShield Website and LinkedIn</span>
To learn more about AIShield and its cutting-edge features, visit the official [AIShield website](https://www.boschaishield.com/). Connect with AIShield on [LinkedIn](https://www.linkedin.com/company/bosch-aishield/about/) to stay updated on the latest advancements in AI security.

We hope this notebook empowers you to seamlessly integrate AIShield into your projects, ensuring the utmost protection for your AI/ML assets. If you have any questions or need further assistance, please don't hesitate to reach out. **Happy exploring!**


<a target="_blank" href="https://colab.research.google.com/github/bosch-aisecurity-aishield/Reference-Implementations/blob/main/Product_Taskpair_wise/Image_Classification/Image_Classification_Extraction.ipynb">
  <img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/>
</a>


## 1.0 Support Functionalities:

In [1]:
"""
Description : Use PyPi or AIShield API for Vulnerability Analysis
              if PyPi = True (this notebook will use aishield pypi package for vulnerability analysis)
              else = False (this notebook will use aishield api for vulnerability analysis)
"""
pypi = True

In [2]:
def make_code_input_scrollable():
    """Description : To make the input code cell scrollable for jupyternotebook"""
    from IPython.display import display, HTML
    display(HTML('''
        <style>
        .scrollable-code-input {
            max-height: 500px;
            overflow-y: scroll;
        }
        </style>
        <script>
        var codeInputCells = document.querySelectorAll('div.code_cell .input');
        codeInputCells.forEach(function(cell) {
            cell.classList.add('scrollable-code-input');
        });
        </script>
    '''))

make_code_input_scrollable()

def display_pdf(runtime_environment,output_filename, pdf_path=None, file_id=None):

    """Descrption : To embeded pdf file in the ntoebook"""

    from IPython.display import display, HTML
    import os
    output_file = output_filename+'.html'

    # Check if the output file exists
    if os.path.exists(output_file):
        with open(output_file, 'r') as f:
            saved_output = f.read()
            display(HTML(saved_output))
    else:
        if 'colab' in runtime_environment.lower():
            # Generate the Google Drive Viewer URL
            if file_id is None:
                print(pdf_path)
                # Generate the Google Drive Viewer URL
                drive_viewer_url = f'https://drive.google.com/viewerng/viewer?embedded=true&url={pdf_path}'
                html_code = f'<iframe src="{drive_viewer_url}" width="100%" height="600px"></iframe>'
            else:
                viewer_url = f"https://drive.google.com/file/d/{file_id}/preview"
                html_code = f'<iframe src="{viewer_url}" width="100%" height="600px"></iframe>'
        else:
            html_code = f'<embed src="{pdf_path}" width="100%" height="600px" type="application/pdf">'
        # Save the output to a file
        with open(output_file, 'w') as f:
            f.write(html_code)

        # Display the output
        display(HTML(html_code))


def check_runtime_environment():
    """
    Description : Check notebook is running on colab or jupyter-notebook
    """
    import os
    colab = False
    if 'google.colab' in str(get_ipython()):
        colab = True
        return 'Colab' , colab
    else:
        return 'Jupyter Notebook' , colab

# Check the runtime environment
runtime_environment,colab_running  = check_runtime_environment()

# print("Notebook is running in", runtime_environment)






<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/wk1.png"/>

## 2.0 Below code cell/block performs Step 1 to 4 with following these sequential steps :
**STEP 1 : Installing libraries:** The required libraries will be installed to provide necessary functionalities for the task at hand.

**STEP 2 : Loading the dataset:** The dataset containing the relevant information will be loaded into the program, allowing access to the data for analysis and modeling.

**STEP 3 : Model development and training:** A sophisticated model will be developed to analyze and interpret the dataset. The model will then be trained using appropriate techniques to optimize its performance.

**STEP 4 : Preparing the Data, Model, and Label:** Prior to further analysis, essential steps such as data preprocessing, model configuration, and label preparation will be carried out. This will ensure that the data, model, and labels are properly structured and ready for subsequent stages needed for aishield.



In [7]:
#@title Show/Hide Code
'''
Description: user input about dataset information, for eg: number of classes, input_shape
'''

img_row,img_col,channel=28,28,1
num_classes=10
epochs = 1
batch_size= 64
input_shape=(img_row,img_col,channel)
model_encryption=0 #0 if model is uploaded directly as a zip, 1 if model is encryted as .pyc and uploaded as a zip
Normalized =  'yes'
run_code = False
install = False #to install the prerequisite libraries or not


## installing libraries if not and then importing
if install:
    print("Started of installing all the prerequisites packages")
    !pip install numpy==1.22
    !pip install matplotlib==3.3.4
    !pip install tensorflow-gpu==2.9.1
    !pip install scikit-learn==1.0.2
    !pip install humanfriendly==9.2
    !pip install tqdm==4.61.1
    !pip install requests==2.28.0
    !pip install opencv-python
    !pip install pandas

    print("Starting installing aishield library")
    !pip install aishield
    print("Installed all the prerequisites packages")

else:
    print("Skipped the installation of all the prerequisites packages")


import os
import cv2
import json
import time
import tqdm
import shutil
import random
import zipfile
import requests
import numpy as np
import pandas as pd
from time import sleep
import tensorflow as tf
from tensorflow import keras
import matplotlib.pyplot as plt
from sklearn.model_selection import train_test_split
from tensorflow.keras import datasets, layers, optimizers, Sequential

import aishield as ais


def load_data():

    '''
        Description :
            Load the dataset.

        input_parameter: None
        return_parameter: return the training and testing the dataset
            X_train, y_train , X_test, y_test


    '''


    (X_train,y_train),(X_test,y_test) = tf.keras.datasets.mnist.load_data()
    print("Dataset Loaded")

    return X_train, y_train, X_test, y_test

def make_directory(directory):
    """
    Create directory

    Parameters
    ----------
    directorys : list containing the directory's path to create

    Returns
    -------
    None.

    """
    for d in directory:
        if os.path.isdir(d):
            print("directory {} already exist".format(d))
        if os.path.isdir(d)==False:
            os.mkdir(path=d)
            print("directory {} created successfully".format(d))

def delete_directory(directorys):
    """
    Delete directory

    Parameters
    ----------
    directorys : list containing the directory's path to delete along with all the files

    Returns
    -------
    None.

    """
    if len(directorys)>=1:
        for d in directorys:
            if os.path.isdir(d):
                try:
                    if os.path.isfile(d):
                        os.remove(path=d)
                    else:
                        shutil.rmtree(path=d)
                        print("Removed: {}".format(d))
                except:
                    print("Failed to removed: {}".format(d))
            else:
                print("Failed to removed: {}".format(d))

def make_archive(base_name,root_dir,zip_format='zip'):
    """
    Creates zip for given folder

    Parameters
    ----------
    base_name : name of zip file
    root_dir : directory to archive/zip
    zip_format : zip or tar
        DESCRIPTION. The default is 'zip'.

    Returns
    -------
    None.

    """
    shutil.make_archive(base_name=base_name, format=zip_format, root_dir=root_dir)

def training(parameter_payload:dict):

    X_train = parameter_payload['X_train']
    y_train = parameter_payload['y_train']
    X_test = parameter_payload['X_test']
    y_test = parameter_payload['y_test']

    #splitting the dataset into train and validation set
    X_train, X_val, y_train, y_val = train_test_split(X_train,y_train,stratify = y_train,test_size = 0.1,random_state = 42)

    #Normalizing and Reshaping the Data
    if parameter_payload['Normalized']:
        print("Normalization of the inputdata being started")
        X_train = X_train.reshape(-1,*input_shape)/255.0
        X_val =  X_val.reshape(-1,*input_shape)/255.0
        X_test =  X_test.reshape(-1,*input_shape)/255.0
        print("Normalization Done")


    #Convert the Labels to one hot encoder
    y_train=keras.utils.to_categorical(y_train,num_classes)
    y_test=keras.utils.to_categorical(y_test,num_classes)


    model = create_model(parameter_payload['num_classes'])

    # Checkpoint
    checkpoint = tf.keras.callbacks.ModelCheckpoint(filepath=os.path.join(parameter_payload['model_path'],parameter_payload['model_name']),monitor='val_loss',verbose=1,save_best_only=True,mode='auto')
    # Early stopper
    early_stop = tf.keras.callbacks.EarlyStopping(monitor='val_loss',min_delta=0,patience=3,mode='min')

    callbacks = [early_stop, checkpoint]

    history = model.fit(X_train, y_train, validation_data = (X_test, y_test),epochs = parameter_payload['epochs'], batch_size=parameter_payload['batch_size'], verbose = 1 , callbacks = callbacks)


    #Evaluate trained model

    loss,accuracy=model.evaluate(X_test, y_test)
    print("* Loss: {} \n* Accuracy: {}".format(loss,accuracy))

    return model, X_val, y_val


def create_folders():
    '''
        Descrption: this will remove(if present previously) and create folders needed
                    to store the data , model and label for ease access

        input_parameters: None
        return_parameters: returns the path of the data , model , label , report, zip directory
    '''

    data_path=os.path.join(os.getcwd(),"data")
    model_path=os.path.join(os.getcwd(),"model")
    label_path=os.path.join(os.getcwd(),"label")
    encrypt_model_path=os.path.join(os.getcwd(),"encrypt_model")

    report_path=os.path.join(os.getcwd(),"reports")
    sample_data = os.path.join(report_path, "sample_data")
    #Create Zip Path which contains data , model and label zip files
    zip_path=os.path.join(os.getcwd(),"zip")

    #deleting previously generated folders
    delete_directory(directorys=[data_path,model_path,label_path,encrypt_model_path,report_path,zip_path, sample_data])

    #creating folders
    make_directory([data_path,model_path,label_path,report_path,encrypt_model_path,zip_path, sample_data])

    return data_path, model_path, label_path,encrypt_model_path,report_path, zip_path, sample_data

def create_model(num_classes):
    """
    Description: Create model architecture
    input_parameters: num_classes : number of classes
    return_parameters: model
    """
    model = Sequential([
        layers.Conv2D(32, (5,5), padding='same', activation='relu', input_shape=input_shape),
        layers.Conv2D(32, (5,5), padding='same', activation='relu'),
        layers.MaxPool2D(),
        layers.Dropout(0.25),
        layers.Conv2D(64, (3,3), padding='same', activation='relu'),
        layers.Conv2D(64, (3,3), padding='same', activation='relu'),
        layers.MaxPool2D(strides=(2,2)),
        layers.Dropout(0.25),
        layers.Flatten(),
        layers.Dense(128, activation='relu'),
        layers.Dropout(0.5),
        layers.Dense(num_classes, activation='softmax')
    ])

    #Compile model
    model.compile(optimizer=optimizers.Adam(learning_rate=1e-3), loss = 'categorical_crossentropy', metrics=['accuracy'])

    return model

def prepare_data_label(data_path, label_path, X_val, y_val, Normalized):

    print("Preparing and Saving Data and Label file Needed.")
    label = pd.DataFrame()
    img_name = []
    img_label = []

    for i in range(X_val.shape[0]):
        if Normalized:
            # don't use plt.imread otheriwse while loading the saved images ,
            #and passing to model there is accuarcy drop
            cv2.imwrite(os.path.join(data_path,str(i)+".jpg") ,X_val[i]*255.0)
        else:
            cv2.imwrite(os.path.join(data_path,str(i)+".jpg") ,X_val[i])

        img_name.append(str(i)+".jpg")
        img_label.append(y_val[i])

    label['image'] = img_name
    label["label"] = np.array(img_label)

    #write orig_label dataframe
    label.to_csv(os.path.join(label_path,"label.csv"),index=False)

def encrypt_model(model, encrypt_model_path):
    print("As model_encryption has set as 1 , Creating an encripted Model")
    python_code='''
#import library
import numpy as np
import tensorflow as tf

#define class
class BaseModel():
    """
    class for base model
    """
    def __init__(self,input_shape=(28,28,1),num_classes=10,model_weight_path="model_weight.h5"):
        """
        constructor for class

        Parameters
        ----------
        input_shape : TYPE, optional
            DESCRIPTION. The default is (28,28,1).
        num_classes : TYPE, optional
            DESCRIPTION. The default is 10.
        model_weight_path : string, optional
            DESCRIPTION. the relative path to model weight

        Returns
        -------
        None.

        """
        self.input_shape=input_shape
        self.num_classes=num_classes
        self.model_weight_path=model_weight_path


    def cnn_model(self,input_shape,num_classes):
        """
        model architecture

        Parameters
        ----------
        input_shape : string
            DESCRIPTION.input_shape for model e.g (28,28,1)
        num_classes : string
            DESCRIPTION.number of class e.g 10

        Returns
        -------
        model : model
            DESCRIPTION.

        """
        #create sequential model

        model = tf.keras.Sequential([
            tf.keras.layers.Conv2D(32, (5,5), padding='same', activation='relu', input_shape=input_shape),
            tf.keras.layers.Conv2D(32, (5,5), padding='same', activation='relu'),
            tf.keras.layers.MaxPool2D(),
            tf.keras.layers.Dropout(0.25),
            tf.keras.layers.Conv2D(64, (3,3), padding='same', activation='relu'),
            tf.keras.layers.Conv2D(64, (3,3), padding='same', activation='relu'),
            tf.keras.layers.MaxPool2D(strides=(2,2)),
            tf.keras.layers.Dropout(0.25),
            tf.keras.layers.Flatten(),
            tf.keras.layers.Dense(128, activation='relu'),
            tf.keras.layers.Dropout(0.5),
            tf.keras.layers.Dense(num_classes, activation='softmax')   # used softmax , so set from_logits = False in cross entropy loss
        ])


        return model

    def predict(self,X):
        """
        predict for given data

        Parameters
        ----------
        X : numpy array
            DESCRIPTION.

        Returns
        -------
        pred : numpy array
            DESCRIPTION.

        """
        model=self.cnn_model(input_shape=self.input_shape,num_classes=self.num_classes)
        model.load_weights(self.model_weight_path)

        pred=np.argmax(model.predict(X),axis=-1)
        return pred '''

    # Writing to file
    with open("base_model.py", "w") as file:
        # Writing data to a file
        file.writelines(python_code)

    #Description: function to create .pyc file
    import py_compile
    py_compile.compile(file='base_model.py',cfile=os.path.join(encrypt_model_path,'base_model.pyc'))

    #Description: save weight of model
    model.save_weights(os.path.join(encrypt_model_path,"model_weight.h5"))


if __name__ == "__main__":

    import tqdm
    from time import sleep

    user_workflow = {
                 '1' : 'Loading the Dataset',
                 '2' : 'Model Development and Training',
                 '3' : 'Preparing Data, Model and Label',
                 '4' : 'AIShield API Call'

           }
    
    # creating folder to save datas
    data_path, model_path, label_path,encrypt_model_path,report_path, zip_path, sample_data = create_folders()
    
    if run_code:
        steps_tqdm = tqdm.tqdm(range(1,len(user_workflow)+1))
        for step in steps_tqdm:

            # if step == 1 :
            #     steps_tqdm.set_description(user_workflow[str(step)])

            if step == 1 :
                steps_tqdm.set_description(user_workflow[str(step)])
                X_train , y_train , X_test, y_test = load_data()


            elif step == 2:
#                 data_path, model_path, label_path,encrypt_model_path,report_path, zip_path, sample_data = create_folders()
                steps_tqdm.set_description(user_workflow[str(step)])
                training_parameters = {'X_train' : X_train ,
                              'y_train':y_train ,
                              'X_test' : X_test ,
                              'y_test' : y_test,
                              'Normalized' : Normalized ,
                              'epochs' : epochs ,
                              'batch_size' : batch_size,
                              'model_path' : model_path ,
                              'model_name' : 'mnist_model.h5',
                              'num_classes' : num_classes
                             }

                model, X_val, y_val = training(parameter_payload=training_parameters)

            elif step == 3:
                steps_tqdm.set_description(user_workflow[str(step)])

                prepare_data_label(data_path, label_path, X_val, y_val, Normalized)
                #Description: Zip data
                make_archive(base_name=os.path.join(zip_path,"data"),root_dir=data_path,zip_format='zip')

                #Description: Zip label
                make_archive(base_name=os.path.join(zip_path,"label"),root_dir=label_path,zip_format='zip')

                #Description: Zip Model
                if model_encryption:
                    encrypt_model(model, encrypt_model_path)
                    make_archive(base_name=os.path.join(zip_path,"encrypt_model"),root_dir=encrypt_model_path,zip_format='zip')
                else:
                    make_archive(base_name=os.path.join(zip_path,"model"),root_dir=model_path,zip_format='zip')

            elif step == 4:
                steps_tqdm.set_description(user_workflow[str(step)])
                print("Below Cells will see How to integrate and Call AIShield for Vulnerability Analysis")
                break

            sleep(1)



Skipped the installation of all the prerequisites packages
Failed to removed: C:\Users\PUM8KOR\my_workspace\AIShield\repos\Reference-Implementations\Product_Taskpair_wise\Image_Classification\data
Failed to removed: C:\Users\PUM8KOR\my_workspace\AIShield\repos\Reference-Implementations\Product_Taskpair_wise\Image_Classification\model
Failed to removed: C:\Users\PUM8KOR\my_workspace\AIShield\repos\Reference-Implementations\Product_Taskpair_wise\Image_Classification\label
Failed to removed: C:\Users\PUM8KOR\my_workspace\AIShield\repos\Reference-Implementations\Product_Taskpair_wise\Image_Classification\encrypt_model
Failed to removed: C:\Users\PUM8KOR\my_workspace\AIShield\repos\Reference-Implementations\Product_Taskpair_wise\Image_Classification\reports
Failed to removed: C:\Users\PUM8KOR\my_workspace\AIShield\repos\Reference-Implementations\Product_Taskpair_wise\Image_Classification\zip
Failed to removed: C:\Users\PUM8KOR\my_workspace\AIShield\repos\Reference-Implementations\Product_Ta

<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/wk2.png"/>

## 3.0 Vulnerability Analysis by AIShield

**STEP 5 :You can move to trigger the AIShield analysis by following steps given below. If you want to preview the generated artifact by vulnerability analysis like the report and dashboard, please find below a few samples of same, all without having to trigger an actual analysis.** 

By examining these Reports, we can gain a comprehensive understanding of the upcoming Vulnerability Analysis conducted by AIShield, which will enable us to prepare more effectively.


<img src="https://aisdocs.blob.core.windows.net/reference/dashboard_images/Dashboard.png"/>

<img src="https://aisdocs.blob.core.windows.net/reference/dashboard_images/IC_MEA_Dashboard.png"/>

In [4]:
hosted_pdf_url = 'https://aisdocs.blob.core.windows.net/reference/Reports/Image/ImageClassification/MEA/VulnerabilityReport.pdf'
display_pdf( output_filename = "vul_sample",runtime_environment = runtime_environment,pdf_path =hosted_pdf_url)


In [5]:
hosted_defense_pdf_url = 'https://aisdocs.blob.core.windows.net/reference/Reports/Image/ImageClassification/MEA/DefenseReport.pdf'
display_pdf(output_filename = "def_sample", runtime_environment=runtime_environment, pdf_path =hosted_defense_pdf_url)


#### Let's proceed with the step-by-step process of calling and integrating AIShield for Vulnerability Analysis:

1. **Initialize AIShield:** Ensure that AIShield is properly installed and its dependencies are set up. Also, initialize AIShield to prepare for the analysis.

2. **Model Registration:** Register the specific task pair (e.g. image_classification) and analysis type (e.g. Extraction / MEA) to perform the vulnerability analysis accurately.

3. **Upload Artifacts:** Upload the necessary artifacts that have been prepared previously in STEP 4 for analysis. These may include datasets, trained models, or any relevant files.

4. **Model Analysis:** Trigger the model analysis API to initiate the vulnerability analysis assessment. AIShield will perform the analysis using the uploaded artifacts.

5. **Monitor Analysis Status:** Keep track of the analysis progress and patiently wait for AIShield to generate the vulnerability assessment results. This may take some time depending on the complexity of the analysis.

6. **Download Reports & Artifacts:** Once the analysis is complete, access and download the vulnerability analysis reports and any additional artifacts generated by AIShield. Analyze these reports to gain insights into potential vulnerabilities in your system or application.

By following instructions, you can effectively call and integrate AIShield for Vulnerability Analysis.

<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/aw.png"/>

### 3.1 Initialize AIShield

In [6]:
"""
Description : AIShield URL , subscription key and orgid
              Initialize the
"""
base_url = "https://api.aws.boschaishield.com/prod"
url=base_url+"/api/ais/v1.5"
org_id = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' #<<Copy Org_id mentioned in welcome mail after AIShield Subscription>>


"""
Description: Initialize the AIShield API
"""

if pypi:
    #if pypi then , x-api-key generation is taken care from pypi side using given org_id
    aishield_client = ais.AIShieldApi(api_url=url,org_id=org_id)

else:
    
    #if using AIShield API then , need an x-api-key for accessing AIShield registration / Analysis APIs
    # below function will get insight of how to generate the x-api-key
    def get_aws_api_key(url, org_id):

        """
        Description: to get the x_api_key
        """
        url = url+"/get_aws_api_key"
        headers = {'org_id': org_id}
        payload = {}

        x_api_key_request = requests.request("GET", url, headers=headers, data=payload)
        status_code = x_api_key_request.status_code
        x_api_key_request = json.loads(x_api_key_request.text)

        if status_code == 200:
            x_api_key = x_api_key_request['x_api_key']
            return x_api_key

        else:
            print(x_api_key_request)
            return None

    #generate the x-api-key
    x_api_key = get_aws_api_key(url, org_id)
    print("x_api_key is :",x_api_key)

    headers={'Cache-Control': 'no-cache',
    'x-api-key': x_api_key,
    'Org-Id' : org_id
    }

TypeError: __init__() missing 1 required positional argument: 'api_key'

<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/aw1.png"/>

### 3.2 Model Registration

In [16]:
"""
Description: Define the task and analysis type for model registration
              "task_type" : refers to the specific type of task being performed, for eg : "image_classification."
              "analysis_type" : refers to the specific type of analysis being performed,for eg : "extraction.
              For more information, check out [https://docs.boschaishield.com/api-docs/lesspostgreater-model-registration#-a-xGGsdVJB3d09cBAck-]
"""

if pypi:
    
    task_type = ais.get_type("task", "image_classification") 
    analysis_type = ais.get_type("analysis", "extraction")  


    #Perform model registration
    try:
        status, model_registration_repsone = aishield_client.register_model(task_type=task_type, analysis_type=analysis_type)
    except Exception as e:
        print(str(e))
        
else:
    """
    Description: call Model registration api to get unique model it and url to upload data, model and label
    """
    model_registration_url = url + "/model_registration/upload"
    
    model_registration_payload = {
        'task_type':"image_classification",
        "analysis_type": "extraction"
    }
    
    try:
        new_request = requests.request(method="POST", url=model_registration_url, headers=headers, json=model_registration_payload)
        new_request = json.loads(new_request.text)
        model_id = new_request['data']['model_id']
        data_upload_obj = new_request['data']['urls']['data_upload_url']
        label_upload_obj = new_request['data']['urls']['label_upload_url']
        model_upload_obj = new_request['data']['urls']['model_upload_url']
        print('model_id: ', model_id)
        
    except Exception as e:
        print(new_request, str(e))

<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/aw2.png"/>

### 3.3 Upload input artifacts

In [9]:
def download_file_from_git(url:str, file_name:str=None):
    """
    Download data from given url and save
    """
    if fine_name is None:
        file_name = url.split("/")[-1]  # Keeping url file name
   
    # Request url keeping stream alive
    response = requests.get(url, stream=True)  

    with open(file_name, mode="wb") as file:
        for chunk in response.iter_content(chunk_size=10 * 1024):
            file.write(chunk)
                       
    print("file : {} downloaded successfully")

In [None]:
"""
Description: Define path for Data, Label and Model
"""
zip_path = 'zip/'
if run_code:
    data_path=os.path.join(zip_path,'data.zip') #full path of data zip
    label_path=os.path.join(zip_path,'label.zip') #full path of label zip
    model_path=os.path.join(zip_path,'model.zip') #full path of model zip
else:
    # set url to download
    model_url = r'https://github.com/bosch-aisecurity-aishield/Reference-Implementations/blob/data_download_from_git/Product_Taskpair_wise/Image_Classification/Reference_data/mnist0.zip'
    data_url = r'https://github.com/bosch-aisecurity-aishield/Reference-Implementations/blob/data_download_from_git/Product_Taskpair_wise/Image_Classification/Reference_data/mnist_data.zip'
    label_url = r'https://github.com/bosch-aisecurity-aishield/Reference-Implementations/blob/data_download_from_git/Product_Taskpair_wise/Image_Classification/Reference_data/mnist_label.zip'
    
    # start downloading datas from url
    download_file_from_git(url=model_url, file_name=os.path.join(model_path,'model.zip'))
    download_file_from_git(url=data_url, file_name=os.path.join(data_path,'data.zip'))
    download_file_from_git(url=label_url, file_name=os.path.join(label_path,'label.zip'))

print("data path : ".format(data_path))
print("label path : ".format(label_path))
print("model path : ".format(model_path))

In [17]:
"""
Description: Full File paths and upload input artifacts
"""

# model_path=os.path.join(zip_path,'encrypt_model.zip') #full path of model zip. uncomment if model_encryption is 1


if pypi:
    #upload input artifacts
    upload_status = aishield_client.upload_input_artifacts(job_details=model_registration_repsone,
                                                  data_path=data_path,
                                                  label_path=label_path,
                                                  model_path=model_path, )
    print('Upload status: {}'.format(', '.join(upload_status)))

else:
    def upload_file(upload_obj, file_path):

        url = upload_obj['url']
        request_payload = upload_obj['fields']
        files=[
                  ('file',(os.path.basename(file_path),open(file_path,'rb'),'application/zip'))
                ]

        headers = {}
        new_request = requests.request("POST", url, headers=headers, data=request_payload, files=files)
        status_cd = new_request.status_code
        if status_cd == 204:
            status = 'upload sucessful'
        else:
            status = 'upload failed'
        return status

    """
    Description: Hit AIShield File Upload API
    """
    data_upload_status = upload_file(data_upload_obj, data_path)
    label_upload_status = upload_file(label_upload_obj, label_path)
    model_upload_status = upload_file(model_upload_obj, model_path)
    print('data_upload_status: ', data_upload_status)
    print('label_upload_status: ', label_upload_status)
    print('model_upload_status: ', model_upload_status)


Upload status: data file upload successful, label file upload successful, model file upload successful


<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/aw3.png"/>

### 3.4 Model Analysis

In [3]:
"""
Description: Specify the appropriate configs required for vulnerability analysis and trigger model analysis
"""


if pypi:
    vuln_config = ais.VulnConfig(task_type=task_type,
                                 analysis_type=analysis_type,
                                 defense_generate=True)

    vuln_config.input_dimensions = input_shape  # input dimension for mnist digit classification
    vuln_config.number_of_classes = num_classes  # number of classes for mnist digit classification
    vuln_config.attack_type = "greybox"  # greybox or blackbox depending upon the availability of information about Model, Data and Parameters
    vuln_config.number_of_attack_queries = 500  # Number of attack queries to be generated for testing model vulnerability
    vuln_config.encryption_strategy = model_encryption  # value 0 (or) 1, if model is unencrypted or encrypted(pyc) respectively
    print('IC-Extraction parameters are: \n {} '.format(vuln_config.get_all_params()))



    #Run vulnerability analysis
    job_status, job_details = aishield_client.vuln_analysis(model_id=model_registration_repsone.model_id, vuln_config=vuln_config)

    #unique job_id for the analyis
    job_id = job_details.job_id
    print('\nstatus: {} \nJob_id: {} \n'.format(job_status, job_id))

    #Monitor progress for given Job ID using the Link below
    print('Click on the URL to view Vulnerability Dashboard (GUI): {}'.format(job_details.job_dashboard_uri))


else:

    """
    Description: Payload for AIShield VulnerabilityReport api call
    """
    payload={}
    payload['use_model_api']="no"
    payload['model_api_details']="no"
    payload['normalize_data']="Yes"
    payload['input_dimensions']=str(input_shape)
    payload['number_of_classes']=str(num_classes)
    payload['attack_type']="blackbox"
    payload['number_of_attack_queries']=600
    payload['model_framework']='tensorflow'
    payload['vulnerability_threshold']="0"
    payload['defense_bestonly']="no"
    payload['encryption_strategy']= model_encryption

    print("IC-Extraction parameters are:",payload)
    """
    Description: Hit AIShield VulnerabilityReport api
    """
    model_analysis_url = url + "/model_analyse/{}".format(model_id)
    if data_upload_status == "upload sucessful" and model_upload_status == "upload sucessful" and label_upload_status == "upload sucessful":
        new_request = requests.request(method="POST", url=model_analysis_url, json=payload,headers=headers)
        new_request=json.loads(new_request.text)
        for k, v in new_request.items():
            print("* {} : {}".format(k,v))

        job_id=new_request['job_id']


'\nDescription: Specify the appropriate configs required for vulnerability analysis and trigger model analysis\n'

<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/aw4.png"/>

### 3.5 Monitor Analysis Status

In [4]:
"""
Description: Fetch Job status using Job ID
"""

if pypi:
    status = aishield_client.job_status (job_id = job_id)
    print('job status ', status)

else:
    def monitor_api_progress(new_job_id):
        job_status_url = url + "/job_status_detailed?job_id=" + new_job_id

        # status dictionary
        status_dictionary = {
            'ModelExploration_Status': 'na',
            'SanityCheck_Status': 'na',
            'QueryGenerator_Status': 'na',
            'VunerabilityEngine_Status': 'na',
            'DefenseReport_Status': 'na',
        }
        counts = [0] * len(status_dictionary)
        failed_api_hit_count = 0
        while True:
            time.sleep(2)
            try:
                job_status_response = requests.request("GET", job_status_url, params={},
                                                       headers=headers)

                job_status_payload = json.loads(job_status_response.text)
                failing_key = 'ModelExploration_Status'
                for i, key in enumerate(status_dictionary.keys()):
                    if status_dictionary[key] == 'na':
                        if job_status_payload[key] == 'inprogress' and status_dictionary[key] == 'na':
                            status_dictionary[key] = job_status_payload[key]
                            print(str(key), ":", status_dictionary[key])

                        elif job_status_payload[key] == 'completed' or job_status_payload[key] == 'passed':
                            status_dictionary[key] = job_status_payload[key]
                            counts[i] += 1
                            print(str(key), ":", status_dictionary[key])

                        if job_status_payload[key] == 'failed':
                            failing_key = key
                            status_dictionary[key] = job_status_payload[key]
                            print(str(key), ":", status_dictionary[key])

                    elif job_status_payload[key] == 'completed' or job_status_payload[key] == 'passed':
                        status_dictionary[key] = job_status_payload[key]
                        if counts[i] < 1:
                            print(str(key), ":", status_dictionary[key])
                        counts[i] += 1

                    else:
                        if job_status_payload[key] == 'failed':
                            failing_key = key
                            status_dictionary[key] = job_status_payload[key]
                            print(str(key), ":", status_dictionary[key])

                if job_status_payload[failing_key] == 'failed':
                    break

                if status_dictionary['VunerabilityEngine_Status'] == 'passed' or status_dictionary[
                    'VunerabilityEngine_Status'] == 'completed' and job_status_payload[
                    'CurrentStatus'] == "Defense generation is not triggered":
                    print("\n Vulnerability score {} failed to cross vulnerability threshold of {}".format(
                        job_status_payload['VulnerabiltyScore'], payload['vulnerability_threshold']))
                    break
                if job_status_payload['DefenseReport_Status'] == 'completed':
                    break
            except Exception as e:
                failed_api_hit_count += 1
                print("Error {}. trying {} ...".format(str(e), failed_api_hit_count))
                if failed_api_hit_count >= 3:
                    break
        return status_dictionary

    status_dictionary = monitor_api_progress(new_job_id=job_id)

'\nDescription: Fetch Job status using Job ID\n'

<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/aw5.png"/>

### 3.6 Download Reports and artifacts

In [21]:
report_path = "reports/"
status ="success"

In [22]:
def download_artifact(job_id, report_path, report_type='Vulnerability', file_format=0):
    """
    job_id: job_id  received after successful api call
    report_type: report to be downloaded
    file_format: change file_format to : 0- all report in zip
                        1- report in .txt
                        2- report in .pdf
                        3- report in .json
                        4- report in .xml
    """
    print("received report_type : {} and file format is: {}".format(report_type, file_format))
    report_url = url + "/" + "get_report?job_id=" + str(
        job_id) + "&report_type=" + report_type + "&file_format=" + str(file_format)

    headers1 = headers
    headers1["content-type"] = "application/zip"

    response = requests.request("GET", report_url, params={}, headers=headers1)

    file_path = None
    if file_format == 0 or file_format == "Attack_samples":
        file_path=os.path.join(report_path, report_type + ".zip")
        with open(file_path, 'wb') as f:
            f.write(response.content)

    elif file_format == 1:
        file_path=os.path.join(report_path, report_type + ".txt")
        with open(file_path, 'wb') as f:
            f.write(response.content)

    elif file_format == 2:
        file_path=os.path.join(report_path, report_type + ".pdf")
        with open(file_path, 'wb') as f:
            f.write(response.content)

    elif file_format == 3:
        file_path=os.path.join(report_path, report_type + ".json")
        with open(file_path, 'wb') as f:
            f.write(response.content)

    elif file_format == 4:
        file_path=os.path.join(report_path, report_type + ".xml")
        with open(file_path, 'wb') as f:
            f.write(response.content)

    return file_path

In [23]:
"""
Description: Download the Defense Reports
"""

if pypi:
    if status == "success":
        output_conf = ais.OutputConf(report_type=ais.get_type("report", "vulnerability"),
                                     file_format=ais.get_type("file_format", "pdf"),
                                     save_folder_path=report_path)

        vul_report = aishield_client.save_job_report(job_id=job_id, output_config=output_conf)

else:

    vul_report = download_artifact(job_id=job_id, report_path= report_path, report_type='Vulnerability', file_format=2)

2023-07-07 04:29:39,277 - INFO - directory reports/ already exist
INFO:aishield.utils.util:directory reports/ already exist
2023-07-07 04:29:43,247 - INFO - vulnerability_20230707_0429.pdf is saved in reports/
INFO:aishield.connection:vulnerability_20230707_0429.pdf is saved in reports/


In [24]:
"""
Description: Download the Defense Reports
"""
if pypi:
    if status == "success":
        output_conf = ais.OutputConf(report_type=ais.get_type("report", "defense"),
                                     file_format=ais.get_type("file_format", "pdf"),
                                     save_folder_path=report_path)

        def_report = aishield_client.save_job_report(job_id=job_id, output_config=output_conf)
else:
    def_report = download_artifact(job_id=job_id, report_path= report_path, report_type='Defense', file_format=2)

2023-07-07 04:29:46,349 - INFO - directory reports/ already exist
INFO:aishield.utils.util:directory reports/ already exist
2023-07-07 04:29:49,818 - INFO - defense_20230707_0429.pdf is saved in reports/
INFO:aishield.connection:defense_20230707_0429.pdf is saved in reports/


In [25]:
"""
Description: Download the Defense artifacts: Model
"""

if pypi:
    if status == "success":
        output_conf = ais.OutputConf(report_type=ais.get_type("report", "defense_artifact"),
                                     file_format=ais.get_type("file_format", "pdf"),
                                     save_folder_path=report_path)

        def_artifact_report = aishield_client.save_job_report(job_id=job_id, output_config=output_conf)
else:
    def_artifact_report = download_artifact(job_id=job_id, report_path= report_path, report_type='Defense_artifact', file_format=0)

2023-07-07 04:29:51,820 - INFO - directory reports/ already exist
INFO:aishield.utils.util:directory reports/ already exist
2023-07-07 04:29:53,886 - INFO - defense_artifact_20230707_0429.zip is saved in reports/
INFO:aishield.connection:defense_artifact_20230707_0429.zip is saved in reports/


In [26]:
"""
Description: Download the Attack Samples
"""
if pypi:
    if status == "success":
        output_conf = ais.OutputConf(report_type=ais.get_type("report", "attack_samples"),
                                     save_folder_path=report_path)

        attack_report = aishield_client.save_job_report(job_id=job_id, output_config=output_conf)
else:
    attack_report = download_artifact(job_id=job_id, report_path= report_path, report_type='Attack_samples', file_format=0)

2023-07-07 04:29:55,847 - INFO - directory reports/ already exist
INFO:aishield.utils.util:directory reports/ already exist
2023-07-07 04:29:57,432 - INFO - attack_samples_20230707_0429.zip is saved in reports/
INFO:aishield.connection:attack_samples_20230707_0429.zip is saved in reports/


In [27]:

def get_file_id(report_path):

    file_id = None
    !pip install --upgrade google-api-python-client google-auth-httplib2 google-auth-oauthlib

    # from google.colab import drive
    # drive.mount('/content/drive')
    import os
    from googleapiclient.discovery import build
    from googleapiclient.http import MediaFileUpload

    # Authenticate and authorize access to the Google Drive API
    from google.colab import auth
    auth.authenticate_user()

    # Build the Drive API service
    drive_service = build('drive', 'v3')

    # Path to the PDF file in your local drive
#         local_pdf_path = '/content/drive/MyDrive/Vulnerability.pdf'

    # Upload the PDF file to Google Drive
    pdf_file_name = os.path.basename(report_path)
    file_metadata = {'name': pdf_file_name}
    media = MediaFileUpload(report_path, mimetype='application/pdf')
    file = drive_service.files().create(body=file_metadata, media_body=media, fields='id').execute()

    # Set sharing permissions to "Anyone with the link"
    file_id = file.get('id')
    drive_service.permissions().create(
        fileId=file_id,
        body={'role': 'reader', 'type': 'anyone'}
    ).execute()

    return file_id

In [28]:
"""
Description: Displaying the current Vulnerability Assement report
"""

if ("colab" in runtime_environment.lower()):
    file_id = get_file_id(report_path = vul_report)
    display_pdf(output_filename = "vul_"+job_id[-10:],runtime_environment=runtime_environment,file_id=file_id)
else:
    display_pdf(output_filename = "vul_"+job_id[-10:],runtime_environment=runtime_environment, pdf_path =os.path.join(report_path, os.path.basename(vul_report)))

Collecting google-api-python-client
  Downloading google_api_python_client-2.92.0-py2.py3-none-any.whl (11.4 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m11.4/11.4 MB[0m [31m94.9 MB/s[0m eta [36m0:00:00[0m
Collecting google-auth-oauthlib
  Downloading google_auth_oauthlib-1.0.0-py2.py3-none-any.whl (18 kB)
Installing collected packages: google-auth-oauthlib, google-api-python-client
  Attempting uninstall: google-auth-oauthlib
    Found existing installation: google-auth-oauthlib 0.4.6
    Uninstalling google-auth-oauthlib-0.4.6:
      Successfully uninstalled google-auth-oauthlib-0.4.6
  Attempting uninstall: google-api-python-client
    Found existing installation: google-api-python-client 2.84.0
    Uninstalling google-api-python-client-2.84.0:
      Successfully uninstalled google-api-python-client-2.84.0
[31mERROR: pip's dependency resolver does not currently take into account all the packages that are installed. This behaviour is the source of the fol



In [29]:
"""
Description: Displaying the current Defense Assement report
"""

if ("colab" in runtime_environment.lower()):
    file_id = get_file_id(report_path = def_report)
    display_pdf(output_filename = "Defense_"+job_id[-10:],runtime_environment=runtime_environment,file_id=file_id)
else:
    display_pdf(output_filename = "Defense_"+job_id[-10:],runtime_environment=runtime_environment, pdf_path =os.path.join(report_path, os.path.basename(def_report)))



<img src="https://aisdocs.blob.core.windows.net/reference/Workflow Images/aw6.png"/>

### After conducting a Vulnerability Analysis by AIshield, if a defense recommendation is identified, then following actions can be taken:

1. **Model Retraining:** It is advised to retrain the original model to enhance its robustness. By revisiting the training process and incorporating the insights gained from the vulnerability analysis, the model can be improved to better handle potential threats and mitigate vulnerabilities.


2. **Deploying Threat-Informed Defense Model:** In addition to the original model, AIshield provides a specialized defense model that is specifically designed to address the identified threats. This threat-informed defense model can be deployed alongside the original model to provide an additional layer of protection and enhance the overall security posture. By leveraging the insights gained from the vulnerability analysis, the defense model offers targeted defenses against potential threats.