tf-encrypted / moose

Secure distributed dataflow framework for encrypted machine learning and data processing
Apache License 2.0

Pymoose predictors: safety check number of features from ONNX files #996

Closed jvmncs closed 2 years ago

jvmncs commented 2 years ago

We should safety check that the number of features in the input type (i.e. n_features inferred from dummy data used by ONNX to trace the model) a user provided to their ONNX conversion function matches the number of features expected by the model itself, according to its ONNX file. This should be doable in the following cases:

For TreeEnsembleRegressor / TreeEnsembleClassifier, it seems to be only partially checkable; we verify that n_features provided by the ONNX input type is greater than the number of features inferred from the ONNX file, but not the other way around. The current code already checks this condition, so those predictors are out of scope for this issue.
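The two-sided check for a linear predictor and the one-sided (lower-bound) check for a tree ensemble, as an added example that is not pymoose's own code. It uses constructed stand-ins for the ONNX graph input shape and node attributes so it runs without the `onnx` package; `FakeNode`, `FakeModel` and the attribute layout assumptions (`coefficients` of length `targets * n_features` for LinearRegressor, `nodes_featureids` for tree ensembles) are hypothetical here.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Sequence, Tuple

# Constructed stand-ins for the parts of an ONNX graph the check reads (the
# graph input's shape and one predictor node's attributes), so the example
# runs offline. Hypothetical types, not pymoose's own.
@dataclass
class FakeNode:
    op_type: str
    attrs: Dict[str, object] = field(default_factory=dict)

@dataclass
class FakeModel:
    input_shape: Sequence[Optional[int]]  # (None, 4) == dynamic batch, 4 features
    node: FakeNode

def n_features_from_input(shape: Sequence[Optional[int]]) -> int:
    """Feature count promised by the user's input type: the feature dim of [batch, n_features]."""
    if len(shape) != 2 or shape[1] is None:
        raise ValueError(f"expected a [batch, n_features] input with a static feature dim, got {shape}")
    return int(shape[1])

def n_features_from_node(node: FakeNode) -> Tuple[int, bool]:
    """Return (n_features, exact). exact=False means only a lower bound is known."""
    a = node.attrs
    if node.op_type == "LinearRegressor":
        # Assumed ONNX-ML layout: `coefficients` is flat, length targets * n_features.
        targets = int(a.get("targets", 1))
        coefs = a["coefficients"]
        if len(coefs) % targets:
            raise ValueError("coefficients length is not a multiple of targets")
        return len(coefs) // targets, True
    if node.op_type in ("TreeEnsembleRegressor", "TreeEnsembleClassifier"):
        # Trees only reveal which feature ids they split on, so the model may
        # accept more features than it ever reads: a lower bound, not an exact count.
        return max(a["nodes_featureids"]) + 1, False
    raise ValueError(f"unsupported predictor op {node.op_type}")

def check_n_features(model: FakeModel) -> Tuple[int, int, bool]:
    """Cross-check input-type n_features against the model; raise on a mismatch."""
    n_in = n_features_from_input(model.input_shape)
    n_model, exact = n_features_from_node(model.node)
    if exact and n_in != n_model:
        raise ValueError(f"input type declares {n_in} features but model expects {n_model}")
    if not exact and n_in < n_model:
        raise ValueError(f"input type declares {n_in} features but model reads feature index {n_model - 1}")
    return n_in, n_model, exact
```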

yanndupis commented 2 years ago

This PR https://github.com/tf-encrypted/runtime/pull/1009 adds safety checks for linear models. But we need to open a follow-up PR for MLP and FullyConnectedNeuralNet models.