SkProtect Pytorch

This document describes the installation and usage of the SkProtect product, which enables the generation of a protected model from a native trained model. This product is intended for internal use and does not need to be deployed in the end-user device.

SkProtect comes in different versions according to the ML framework supported. This documentation describes the version using the PyTorch framework.

Requirements

  • Python 3.9
  • pycryptodome 3.21.0
  • If deploying in TorchScript, the model must be compatible with Torch 2.4.1 and, when exporting in the TorchScript format, with jitscript. If exporting to ONNX from PyTorch, the model must be compatible with ONNX instructions 1.16.0 and the PyTorch converter.
  • If deploying using torch.export AOTInductor, Torch>=2.6 is needed
  • If you need to run benchmarks and tests with onnxruntime, then onnxruntime > 1.18

Protecting an already quantized PyTorch model is not supported.
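The version constraints above, encoded as a preflight check so an environment can be validated before the wheel is installed. This is an added example, not SkProtect's own code; the target labels and the `installed` dictionary of package versions are this example's assumptions.

```python
"""Preflight check for the SkProtect (PyTorch) requirements listed above.

Added example, not part of SkProtect. Detecting installed versions
(e.g. via importlib.metadata) is left to the caller; the target labels
"torchscript", "onnx" and "aotinductor" are this example's own convention.
"""
from __future__ import annotations


def parse_version(text: str) -> tuple[int, ...]:
    """'2.6.0+cu124' -> (2, 6, 0); local tags and non-numeric tails are ignored."""
    parts = []
    for piece in text.split("+")[0].split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def check_requirements(installed: dict[str, str], target: str,
                       run_onnxruntime_tests: bool = False) -> list[str]:
    """Return the unmet requirements (an empty list means the environment is OK).

    installed: package name -> version string ("python" is the interpreter).
    target: which deployment path is planned (hypothetical labels, see above).
    """
    def ver(name: str) -> tuple[int, ...]:
        # A missing package parses as (0,), which fails every check below.
        return parse_version(installed.get(name, "0"))

    problems = []
    if ver("python")[:2] != (3, 9):
        problems.append("Python 3.9 is required")
    if ver("pycryptodome") != (3, 21, 0):
        problems.append("pycryptodome 3.21.0 is required")
    if target == "torchscript" and ver("torch")[:3] != (2, 4, 1):
        problems.append("TorchScript export needs Torch 2.4.1")
    elif target == "onnx" and ver("onnx")[:3] != (1, 16, 0):
        problems.append("ONNX export needs ONNX 1.16.0")
    elif target == "aotinductor" and ver("torch")[:2] < (2, 6):
        problems.append("torch.export AOTInductor needs Torch>=2.6")
    elif target not in ("torchscript", "onnx", "aotinductor"):
        problems.append(f"unknown target {target!r}")
    # "> 1.18" is read as: any 1.18.x release is too old, 1.19 and later pass.
    if run_onnxruntime_tests and ver("onnxruntime")[:2] <= (1, 18):
        problems.append("benchmarks/tests need onnxruntime > 1.18")
    return problems
```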


Installation (Python Wheel)

For direct use within a Python environment, SkProtect is installed with pip as a library from a wheel (.whl) file that has been previously transmitted to you. In your working environment, run the following command, replacing skyld-<version>-<variant>.whl with the wheel file name:

$ pip install skyld-<version>-<variant>.whl

If you are updating the product, it may be necessary to add the --force-reinstall argument so that the old version is overwritten (this also reinstalls the dependencies). SkProtect is now installed and can be imported into your Python working environment.

All the Python libraries required by the protections are installed together with the .whl. To run the models using ONNX, the onnxruntime package is required in addition to the ones installed automatically; install it with pip install onnxruntime or, for GPU execution, pip install onnxruntime-gpu.


Table of contents