Deploy AI Firewall Realtime
This guide will cover how to configure the AI Firewall in the realtime use-case, which protects your model from “bad” input data.
AI Firewall Realtime detects bad incoming model inputs in near-real time. Similar to the AI Firewall Continuous Tests, AI Firewall Realtime is automatically trained from an AI Stress Testing run and can be used to wrap your model and protect it from “bad” incoming data.
In this walkthrough, we will be using the IEEE-CIS Fraud Detection dataset.
Overview
AI Firewall Realtime can be easily instantiated from an existing AI Stress Testing Run. You can also view a “simulation” of real-time events by running AI Firewall Continuous Tests.
Run AI Stress Testing on your model and datasets and configure AI Firewall
Review auto-configured AI Firewall Rules and Download
Process input data with the AI Firewall Realtime Python Package
Monitor events on RIME
1. Run AI Stress Testing
The first step in setting up AI Firewall Realtime is running AI Stress Testing and configuring an AI Firewall for a given project. These steps are very similar to steps 1-3 of the AI Firewall Continuous Tests tutorial.
rime-engine run-stress-tests --config-path examples/fraud/stress_tests_with_model.json
Next, click on “Configure AI Firewall” and fill out the details. The step is the same as step 3 in the Firewall Continuous Tests tutorial.
This step sets up an AI Firewall so that you can either use it in the Continuous Tests or Realtime setting.
2. Review auto-configured AI Firewall Rules and Download
AI Firewall Realtime is configured from a JSON configuration file (rules.json).
This configuration is auto-generated based on the model and datasets that you provided
to run AI Stress Testing.
In the Firewall configuration page, you’ll want to download the JSON configuration file.
To view and download the JSON configuration file, click on “Protect your model”.
Download the configuration file and place it in your rime_trial folder.
Copy example code and firewall endpoint and paste in your inference code
We provide an example to wrap your inference code with the Firewall code. The Firewall endpoint allows for incoming events to be monitored in the app.
You will also see a field called “Firewall Key” on the configuration page.
Keep this key in mind; we will be using it when we incorporate the firewall into the model inference code.
3. Setup a Firewall Realtime Client in a Jupyter Notebook
Within the tutorial directory, we’ll want to open up a Jupyter notebook.
pip install notebook
pip install ipykernel
python -m ipykernel install --user --name=rime-venv
jupyter notebook
When creating a new notebook, be sure to use the rime-venv kernel as opposed
to the default Python 3 kernel!
Load example dataset and model
Let’s add some helper preprocessing code to the notebook. Remember to make sure
that you create the notebook in your rime_trial folder!
import catboost as catb
import pickle
import pandas as pd
import os
RIME_PATH = os.path.abspath('.')
model = catb.CatBoostClassifier()
model.load_model(str(RIME_PATH + "/examples/fraud/fraud.catb"))
with open(RIME_PATH + "/examples/fraud/null_impute.pkl", "rb") as f:
null_impute = pickle.load(f)
def preprocess(x: dict):
"""Null impute categoricals."""
for col_name in x.keys():
if pd.isnull(x[col_name]) and col_name in null_impute.keys():
x[col_name] = null_impute[col_name]
return x
We now define the inference function (predict_dict):
# We now define our interface.
def predict_dict(x: dict):
"""Predict dict function."""
new_x = preprocess(x)
new_x = pd.DataFrame(new_x, index=[0])
return model.predict_proba(new_x)[0][1]
Now we are ready to initialize/run the Firewall in a real-time setting!
Running the AI Firewall Realtime with sample datapoints
Let’s first import the Firewall Realtime package:
from rime.tabular.firewall.base import TabularFirewall
from rime.tabular.firewall.uploader import FirewallUploader
from rime.core.client.firewall_client import FirewallClient
from rime.tabular import ModelTask
Let’s then instantiate a firewall object:
firewall_id = "$YOUR_FIREWALL_ID"
firewall_url = "$YOUR_FIREWALL_ENDPOINT"
upload_client = FirewallUploader.from_url(
firewall_id,
firewall_url,
)
fw_client = FirewallClient.from_cli_args(firewall_url)
firewall = TabularFirewall.from_components(
firewall_id,
"rules.json",
predict_dict=predict_dict,
model_task=ModelTask.BINARY_CLASSIFICATION,
upload_client=upload_client,
firewall_client=fw_client
)
Replace $YOUR_FIREWALL_ID with the Firewall ID from the configuration page.
4. Monitor events
Finally, let’s try to pass in a sample datapoint! Let’s get that from the
provided data (we assume that we are in the rime_trial directory):
test_df = pd.read_csv('examples/fraud/val.csv')
label_col = "isFraud"
test_df = test_df.drop(label_col, axis=1)
datapoint = test_df.iloc[0].to_dict()
The firewall surfaces a graph of “flagged” events. Datapoints that do not raise errors will not be logged in the UI. For this specific datapoint, let’s introduce a data corruption:
datapoint['Count_1'] = 100000
Now let’s run the firewall over this datapoint.
firewall_response = firewall.validate_single_and_upload(datapoint)
If you take a look at firewall_response.summary.action you’ll find that the Firewall has flagged the datapoint.
Once you have deployed your firewall, and input data are starting to roll in,
the AI Firewall will evaluate each and every data point, and output a decision:
flag, pass, impute, or block based on the rules criteria.
NOTE: Only non-passing datapoints will be shown in the UI. That way, you are only alerted on problematic datapoints.
5. Editing events
You may also choose to edit the configured action per Firewall rule. By default, a firewall rule is configured to “flag” the datapoint unless we found that the model raises errors from the corresponding abnormality, in which case we would configure a “block” action. Using the API functionality, you can set the flagged action.
from rime.tabular.schema import FirewallAction
firewall.set_flagged_action_for_rule(DataTestType.NUM_OUTLIER, FirewallAction.BLOCK)
This will edit the default action for the “Numeric Outliers” rule of the firewall, to “block”. We can then test this with the current datapoint.
datapoint = datapoint.copy()
del datapoint["addr1"]
firewall.validate_single_and_upload(datapoint)
If you navigate back to the “Realtime Events” tab on AI Firewall, you will see a new datapoint that has been blocked by the Firewall.
Troubleshooting
If you run into errors running this walkthrough, please reference the RIME Python Package section of our FAQ. Additionally, your RI representative will be happy to assist–feel free to reach out!