Methodology
How Ekushield measures robustness
No black box. Here's exactly what happens between uploading a dataset and getting a score.
1
Ingest & split
Your labeled dataset is parsed, features are standardized, and held into an 80/20 train/test split so the robustness score reflects unseen data, not memorized rows.
2
Train a comparable model
A model of matching family (logistic/linear for tabular data by default, with deep-model support via the API) is trained with gradient descent on the training split.
3
Sweep the perturbation budget
For each epsilon from 0 to 0.6, every test input is nudged by
ε · sign(∇ₓ loss) — the Fast Gradient Sign Method — and accuracy is recomputed on the perturbed set.
4
Report the critical epsilon
The smallest ε where accuracy drops below 50% becomes your headline number. No critical epsilon within the sweep range is reported as Low risk.
5
Rank hardening steps
Recommendations (adversarial training, input clipping, confidence-score throttling, ensembling) are ranked by expected effect on your specific critical epsilon.
Why FGSM first
A fast, honest baseline
FGSM is a single gradient step, not the strongest possible attack — that's deliberate. It's fast enough to run interactively, and if a model is vulnerable to a one-step attack, it is at least as vulnerable to the multi-step attacks (PGD, Carlini-Wagner) available on paid plans. We report FGSM results plainly rather than dressing up a single number as a complete audit.
Run it on your own data
The scanner runs client-side in your dashboard — try it with a free trial account.
Start free trial