From 70cfeafaa11b4bb714d493d4207508c7150aa7cb Mon Sep 17 00:00:00 2001 From: ANIL SINGLA Date: Thu, 13 Jun 2024 12:42:20 +0530 Subject: [PATCH] Added model files steps and code (#74) * updated message for couterfit steps execution for cloud deployments * bug fixes * added model repo and model file copy steps * implemented review comments --- playbooks/besman-counterfit-0.0.1-playbook.sh | 51 +++++++++++++++---- playbooks/besman-counterfit-0.0.1-steps.ipynb | 40 ++++++++++----- 2 files changed, 69 insertions(+), 22 deletions(-) diff --git a/playbooks/besman-counterfit-0.0.1-playbook.sh b/playbooks/besman-counterfit-0.0.1-playbook.sh index c9d690e..e7760a5 100644 --- a/playbooks/besman-counterfit-0.0.1-playbook.sh +++ b/playbooks/besman-counterfit-0.0.1-playbook.sh @@ -20,7 +20,17 @@ function __besman_init() { flag=true fi done - + + local status_code=$(curl -o /dev/null -s -w "%{http_code}\n" $BESMAN_ARTIFACT_URL) + if [ "$status_code" -ne 200 ]; then + __besman_echo_red "The $BESMAN_ARTIFACT_URL is not found." + __besman_echo_red "Create the model repository on github/gitlab and try again." + __besman_echo_red "Make the the following files available in repository." + __besman_echo_red " 1. $BESMAN_ARTIFACT_NAME.h5" + __besman_echo_red " 2. $BESMAN_ARTIFACT_NAME.npz" + __besman_echo_red " 3. $BESMAN_ARTIFACT_NAME.py" + return 1 + fi [[ ! -d $BESMAN_COUNTERFIT_LOCAL_PATH ]] && __besman_echo_red "counterfit not found at $BESMAN_COUNTERFIT_LOCAL_PATH" && flag="true" if [[ $flag == true ]]; then @@ -29,11 +39,9 @@ function __besman_init() { export DETAILED_REPORT_PATH="$BESMAN_ASSESSMENT_DATASTORE_DIR/models/$BESMAN_ARTIFACT_NAME/dast/$BESMAN_ARTIFACT_NAME-dast-summary-report.json" export OSAR_PATH="$BESMAN_ASSESSMENT_DATASTORE_DIR/models/$BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME-osar.json" __besman_fetch_steps_file "$steps_file_name" || return 1 + __besman_fetch_source || return 1 return 0 fi - - - } function __besman_execute() { @@ -76,7 +84,10 @@ function __besman_execute() { fi done - [[ ! -f $BESMAN_DIR/tmp/attack_id ]] && __besman_echo_red "Could not find attack_id, please complete the assessment steps of counterfit" && return 1 + [[ -z $COUNTERFIT_ATTACKID ]] && __besman_echo_red "Attack Id is not set. Required. Please set it and try again." && return 1 + [[ ! -f $BESMAN_COUNTERFIT_LOCAL_PATH/counterfit/targets/$BESMAN_ARTIFACT_NAME.py ]] && __besman_echo_red "$BESMAN_ARTIFACT_NAME.py not copied to targets folder." && return 1 + [[ ! -f $BESMAN_COUNTERFIT_LOCAL_PATH/counterfit/targets/$BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME.npz ]] && __besman_echo_red "$BESMAN_ARTIFACT_NAME.npz not copied to targets folder." && return 1 + [[ ! -f $BESMAN_COUNTERFIT_LOCAL_PATH/counterfit/targets/$BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME.h5 ]] && __besman_echo_red "$BESMAN_ARTIFACT_NAME.h5 not copied to targets folder." && return 1 local attack_id=$(cat $BESMAN_DIR/tmp/attack_id) @@ -110,11 +121,9 @@ function __besman_prepare() { __besman_echo_yellow "preparing data" EXECUTION_TIMESTAMP=$(date) export EXECUTION_TIMESTAMP - - mkdir -p "$BESMAN_ASSESSMENT_DATASTORE_DIR/models/$BESMAN_ARTIFACT_NAME/dast" - cp -f $BESMAN_COUNTERFIT_LOCAL_PATH/counterfit/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json $DETAILED_REPORT_PATH - - + + source ~/.bashrc + cp -f $BESMAN_COUNTERFIT_LOCAL_PATH/targets/results/${COUNTERFIT_ATTACKID}/run_summary.json $DETAILED_REPORT_PATH [[ ! -f $DETAILED_REPORT_PATH ]] && __besman_echo_red "Could not find report @ $DETAILED_REPORT_PATH" && return 1 @@ -180,3 +189,25 @@ function __besman_fetch_steps_file() { fi echo "Done fetching" } + +function __besman_fetch_source() { + echo "Fetching source file" + + __besman_check_url_valid "$BESMAN_ARTIFACT_URL" && __besman_echo_red "Not a valid url $BESMAN_ARTIFACT_URL." && return 1 + + git clone $BESMAN_ARTIFACT_URL + [[ ! -d $BESMAN_ARTIFACT_NAME ]] && __besman_echo_red "Not able to download the model repository." && return 1 + + #cp $BESMAN_ARTIFACT_NAME/counterfit/$BESMAN_ARTIFACT_NAME.py counterfit/targets/$BESMAN_ARTIFACT_NAME.py + #mkdir -p counterfit/targets/$BESMAN_ARTIFACT_NAME + #cp $BESMAN_ARTIFACT_NAME/counterfit/$BESMAN_ARTIFACT_NAME.npz counterfit/targets/$BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME.npz + #cp $BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME.h5 counterfit/targets/$BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME.h5 + + #[[ ! -f counterfit/targets/$BESMAN_ARTIFACT_NAME.py ]] && __besman_echo_red "$BESMAN_ARTIFACT_NAME.py not copied to targets folder." && return 1 + #[[ ! -f counterfit/targets/$BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME.npz ]] && __besman_echo_red "$BESMAN_ARTIFACT_NAME.npz not copied to targets folder." && return 1 + #[[ ! -f counterfit/targets/$BESMAN_ARTIFACT_NAME/$BESMAN_ARTIFACT_NAME.h5 ]] && __besman_echo_red "$BESMAN_ARTIFACT_NAME.h5 not copied to targets folder." && return 1 + + rm -rf $BESMAN_ARTIFACT_NAME + + echo "Done fetching" +} diff --git a/playbooks/besman-counterfit-0.0.1-steps.ipynb b/playbooks/besman-counterfit-0.0.1-steps.ipynb index 4f58444..ae206a4 100644 --- a/playbooks/besman-counterfit-0.0.1-steps.ipynb +++ b/playbooks/besman-counterfit-0.0.1-steps.ipynb @@ -34,55 +34,71 @@ "\n", "Check the target to be accessed is present in list.\n", "\n", - "#### 5. Set the target\n", + "#### 5. Add new target. \\(This step is applicable only if the target is not available in list\\) \n", + "`new -n -d image`\n", + "\n", + " The new target name should be same as BESMAN_ARTIFACT_NAME and should have been git cloned. \n", + "\n", + "#### 6. Copy the model files to counterfit target. \\(This step is applicable only if the target is not available in list\\) \n", + "`cp -f /counterfit/.py counterfit/targets/.py`\n", + "`cp -f /counterfit/.npz counterfit/targets//.npz`\n", + "`cp -f /.h5 counterfit/targets//.h5`\n", + "\n", + "#### 7. List available targets\n", + "`list targets`\n", + "\n", + "Check the new target is present in list.\n", + "\n", + "#### 8. Set the target\n", "`set_target `\n", "\n", - "#### 6. List the availbale attacks\n", + "#### 9. List the availbale attacks\n", "`list attacks`\n", "\n", "verify that the required attack is available in list.\n", "\n", - "#### 7. Set the required attack.\n", + "#### 10. Set the required attack.\n", "`set_attack `\n", "\n", "This will display the attack id on the screen capture the attack id. We will need it later below.\n", "e.g\n", "\\[+\\] success: Using \\\n", "\n", - "#### 8. Test model without attack.\n", + "#### 11. Test model without attack.\n", "`predict -i `\n", "\n", "sample_index is the index of file given as input to the model under test. The model is provided with a set of input bundled in a .npz file (This file is expected to be created when we the tartget folder under counterfit is created). Based on the index number in this command the input will be feed to the model for prediction.\n", "\n", "Verify that the model predicts the output as expected.\n", "\n", - "#### 9. Now set the model prameters for attack.\n", + "#### 12. Now set the model prameters for attack.\n", "`set_params value\\\">`\n", "\n", "e.g set_params --sample_index=5 --max_eval 5000 --max_iter 10\n", "\n", "To know the parameters use `show options` command.\n", "\n", - "#### 10. Run the attcack\n", + "#### 13. Run the attcack\n", "`run`\n", "\n", - "#### 11. Check the model output now \n", + "#### 14. Check the model output now \n", "`predict -a`\n", "\n", - "#### 12. Save the results\n", + "#### 15. Save the results\n", "`save -r`\n", "\n", - "#### 13. Exit from conda\n", + "#### 16. Exit from conda\n", "`Exit counterfit`\n", "\n", - "#### 14. Deactivate Conda \n", + "#### 17. Deactivate Conda \n", "`conda deactivate`\n", "\n", - "#### 15. Saving the attack id captured above\n", + "#### 18. Export the attack id captured above\n", "\n", "Run the below command in the terminal to save the attack id.\n", "\n", - "`echo \"\" >> $BESMAN_DIR/tmp/attack_id`\n" + "`echo \"\" >> $BESMAN_DIR/tmp/attack_id`\n", + "\n" ] } ],