npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

node-prada

v1.0.4

Published

Node implementation of the PRADA defence mechanism. Reimagined from SSGAalto's Python implementation.

Downloads

4

Readme

Node PRADA

Implementation of the PRADA defence method for DNN’s in Node.js.

Ported from Python, by the Secure Systems Group (SSG) at Aalto University.

This package does not work as-is. The port is in progress, but mostly finished and viewable on github!

What is PRADA?

PRADA is a method to prevent model extraction attacks. Its primary purpose is to detect when abuse of commercialised predictive MLaaS is occurring by systematically evaluating incomming requests for their fit inside of a threat model that closely matches methods employed in extraction attacks.

How effective is this method?

It is highly recommended you read the entrity of the mentioned paper above to understand what the end result may look like from employing this method. In short, PRADA can be evaded, but doing so can seriously degrade the resulting model. The resolution to this problem is that stolen reproductions can often be inferior.

Implementation

This implementation is done through ES6 Classes. This may be either the easiest for you to implement, or may leave you in distress with performance depending on incalculable variables in your own setup. It is easy to extract the sentiment from what the code is attempting to do if you wish to include this in a more streamlined format.

Placement

You should aim to place this at a layer that deals with API requests to your MLaaS. If you have multiple endpoints, you should aim to designate an instance to purely handling this job, and having n(th) nodes report back. This method as described only works when it has the "full picture" of all inbound and outbound. You can not simply run multiple instances of this job as you will have isolated and independent values.

Dependencies

To install this package, you will need a fork of numjs from here. The original numjs package suffers from infrequent to mildly annoying dependencies issues due to their insistence (a silent one) on including sharp in their package, and failing to ensure it is kept up to date. The forked package removes it.

  • numjs => https://github.com/LKNSI/numjs
  • scipy => https://www.npmjs.com/package/scipy