Update app.py

app.py

@@ -1,15 +1,15 @@
 import os
 import json
-import io
 import re
 import numpy as np
 import matplotlib
 matplotlib.use('Agg')
 import matplotlib.pyplot as plt
+from matplotlib.patches import FancyBboxPatch
 import gradio as gr
 
 # ========================================
-# 1. 数据加载
+# 1. Load Data
 # ========================================
 BASE_DIR = os.path.dirname(os.path.abspath(__file__))
 
@@ -20,12 +20,12 @@ def load_json(path):
 
 
 def clean_text(text):
-    """清理文本中的特殊字符和emoji，防止乱码"""
-    # 移除emoji和特殊Unicode字符
+    if not isinstance(text, str):
+        return str(text)
     text = re.sub(r'[\U00010000-\U0010ffff]', '', text)
-    # 移除其他可能导致乱码的字符
-    text = text.encode('utf-8', errors='ignore').decode('utf-8')
-    return text
+    text = re.sub(r'[\ufff0-\uffff]', '', text)
+    text = re.sub(r'[\u200b-\u200f\u2028-\u202f\u2060-\u206f\ufeff]', '', text)
+    return text.strip()
 
 
 member_data = load_json("data/member.json")
@@ -39,86 +39,75 @@ config = load_json("config.json")
 plt.rcParams['font.sans-serif'] = ['DejaVu Sans']
 plt.rcParams['axes.unicode_minus'] = False
 
-# 预取数值
+# Pre-fetch values
 bl_auc = mia_results.get('baseline', {}).get('auc', 0)
 s002_auc = mia_results.get('smooth_0.02', {}).get('auc', 0)
 s02_auc = mia_results.get('smooth_0.2', {}).get('auc', 0)
 op001_auc = perturb_results.get('perturbation_0.01', {}).get('auc', 0)
 op0015_auc = perturb_results.get('perturbation_0.015', {}).get('auc', 0)
 op002_auc = perturb_results.get('perturbation_0.02', {}).get('auc', 0)
-
 bl_acc = utility_results.get('baseline', {}).get('accuracy', 0) * 100
 s002_acc = utility_results.get('smooth_0.02', {}).get('accuracy', 0) * 100
 s02_acc = utility_results.get('smooth_0.2', {}).get('accuracy', 0) * 100
-
 bl_m_mean = mia_results.get('baseline', {}).get('member_loss_mean', 0.19)
 bl_nm_mean = mia_results.get('baseline', {}).get('non_member_loss_mean', 0.23)
 bl_m_std = mia_results.get('baseline', {}).get('member_loss_std', 0.03)
 bl_nm_std = mia_results.get('baseline', {}).get('non_member_loss_std', 0.03)
-
 model_name_str = config.get('model_name', 'Qwen/Qwen2.5-Math-1.5B-Instruct')
-gpu_name_str = config.get('gpu_name', 'T4')
 data_size_str = str(config.get('data_size', 2000))
-setup_date_str = config.get('setup_date', 'N/A')
 
 
 # ========================================
-# 2. 图表函数
+# 2. Chart Functions
 # ========================================
 
 def make_pie_chart():
-    task_counts = {}
+    tc = {}
     for item in member_data + non_member_data:
         t = item.get('task_type', 'unknown')
-        task_counts[t] = task_counts.get(t, 0) + 1
-    name_map = {
-        'calculation': 'Calculation',
-        'word_problem': 'Word Problem',
-        'concept': 'Concept Q&A',
-        'error_correction': 'Error Correction'
-    }
-    labels = [name_map.get(k, k) for k in task_counts]
-    sizes = list(task_counts.values())
+        tc[t] = tc.get(t, 0) + 1
+    nm = {'calculation': 'Calculation', 'word_problem': 'Word Problem',
+          'concept': 'Concept Q&A', 'error_correction': 'Error Correction'}
+    labels = [nm.get(k, k) for k in tc]
+    sizes = list(tc.values())
     colors = ['#5B8FF9', '#5AD8A6', '#F6BD16', '#E86452']
-    fig, ax = plt.subplots(figsize=(7, 5.5))
+    fig, ax = plt.subplots(figsize=(6, 5))
     wedges, texts, autotexts = ax.pie(
-        sizes, labels=labels, autopct='%1.1f%%',
-        colors=colors[:len(labels)],
-        startangle=90, textprops={'fontsize': 11},
-        wedgeprops={'edgecolor': 'white', 'linewidth': 2}
-    )
+        sizes, labels=labels, autopct='%1.1f%%', colors=colors[:len(labels)],
+        startangle=90, textprops={'fontsize': 10},
+        wedgeprops={'edgecolor': 'white', 'linewidth': 2})
     for t in autotexts:
-        t.set_fontsize(11)
+        t.set_fontsize(10)
         t.set_fontweight('bold')
-    ax.set_title('Task Type Distribution', fontsize=14, fontweight='bold', pad=12)
+    ax.set_title('Task Type Distribution', fontsize=13, fontweight='bold', pad=10)
     plt.tight_layout()
     return fig
 
 
 def make_loss_distribution():
-    plot_items = []
+    items = []
     for k, t in [('baseline', 'Baseline'), ('smooth_0.02', 'LS (e=0.02)'), ('smooth_0.2', 'LS (e=0.2)')]:
         if k in full_results:
             auc = mia_results.get(k, {}).get('auc', 0)
-            plot_items.append((k, t + " | AUC=" + f"{auc:.4f}"))
-    n = len(plot_items)
+            items.append((k, t + " | AUC=" + f"{auc:.4f}"))
+    n = len(items)
     if n == 0:
         fig, ax = plt.subplots()
         ax.text(0.5, 0.5, 'No data', ha='center')
         return fig
-    fig, axes = plt.subplots(1, n, figsize=(5.5 * n, 4.5))
+    fig, axes = plt.subplots(1, n, figsize=(5 * n, 4))
     if n == 1:
         axes = [axes]
-    for ax, (k, title) in zip(axes, plot_items):
+    for ax, (k, title) in zip(axes, items):
         m = full_results[k]['member_losses']
         nm = full_results[k]['non_member_losses']
         bins = np.linspace(min(min(m), min(nm)), max(max(m), max(nm)), 35)
         ax.hist(m, bins=bins, alpha=0.6, color='#5B8FF9', label='Member', density=True)
         ax.hist(nm, bins=bins, alpha=0.6, color='#E86452', label='Non-Member', density=True)
-        ax.set_title(title, fontsize=12, fontweight='bold')
-        ax.set_xlabel('Loss', fontsize=10)
-        ax.set_ylabel('Density', fontsize=10)
-        ax.legend(fontsize=9, framealpha=0.9)
+        ax.set_title(title, fontsize=11, fontweight='bold')
+        ax.set_xlabel('Loss', fontsize=9)
+        ax.set_ylabel('Density', fontsize=9)
+        ax.legend(fontsize=8)
         ax.grid(True, linestyle='--', alpha=0.3)
         ax.spines['top'].set_visible(False)
         ax.spines['right'].set_visible(False)
@@ -128,75 +117,59 @@ def make_loss_distribution():
 
 def make_auc_bar():
     methods, aucs, colors = [], [], []
-    items = [
-        ('baseline', 'Baseline', '#8C8C8C'),
-        ('smooth_0.02', 'LS (e=0.02)', '#5B8FF9'),
-        ('smooth_0.2', 'LS (e=0.2)', '#3D76DD'),
-    ]
-    for k, name, c in items:
+    for k, name, c in [('baseline', 'Baseline', '#8C8C8C'), ('smooth_0.02', 'LS (e=0.02)', '#5B8FF9'),
+                        ('smooth_0.2', 'LS (e=0.2)', '#3D76DD')]:
         if k in mia_results:
-            methods.append(name)
-            aucs.append(mia_results[k]['auc'])
-            colors.append(c)
-    p_items = [
-        ('perturbation_0.01', 'OP (s=0.01)', '#5AD8A6'),
-        ('perturbation_0.015', 'OP (s=0.015)', '#2EAD78'),
-        ('perturbation_0.02', 'OP (s=0.02)', '#1A7F5A'),
-    ]
-    for k, name, c in p_items:
+            methods.append(name); aucs.append(mia_results[k]['auc']); colors.append(c)
+    for k, name, c in [('perturbation_0.01', 'OP (s=0.01)', '#5AD8A6'),
+                        ('perturbation_0.015', 'OP (s=0.015)', '#2EAD78'),
+                        ('perturbation_0.02', 'OP (s=0.02)', '#1A7F5A')]:
         if k in perturb_results:
-            methods.append(name)
-            aucs.append(perturb_results[k]['auc'])
-            colors.append(c)
-    fig, ax = plt.subplots(figsize=(10, 5.5))
-    bars = ax.bar(methods, aucs, color=colors, width=0.52, edgecolor='white', linewidth=1.5)
+            methods.append(name); aucs.append(perturb_results[k]['auc']); colors.append(c)
+    fig, ax = plt.subplots(figsize=(9, 5))
+    bars = ax.bar(methods, aucs, color=colors, width=0.5, edgecolor='white', linewidth=1.5)
     for bar, a in zip(bars, aucs):
-        ax.text(bar.get_x() + bar.get_width() / 2, bar.get_height() + 0.003,
-                f'{a:.4f}', ha='center', va='bottom', fontsize=11, fontweight='bold')
-    ax.axhline(y=0.5, color='#E86452', linestyle='--', linewidth=1.5, alpha=0.7, label='Random Guess (0.5)')
-    ax.set_ylabel('MIA AUC', fontsize=12)
-    ax.set_title('Defense Mechanisms - AUC Comparison', fontsize=14, fontweight='bold')
-    ax.set_ylim(0.48, max(aucs) + 0.04 if aucs else 1.0)
-    ax.legend(fontsize=10)
+        ax.text(bar.get_x() + bar.get_width()/2, bar.get_height() + 0.003,
+                f'{a:.4f}', ha='center', va='bottom', fontsize=10, fontweight='bold')
+    ax.axhline(y=0.5, color='#E86452', linestyle='--', linewidth=1.5, alpha=0.6, label='Random Guess (0.5)')
+    ax.set_ylabel('MIA AUC', fontsize=11)
+    ax.set_title('Defense Mechanisms - AUC', fontsize=13, fontweight='bold')
+    ax.set_ylim(0.48, max(aucs) + 0.04 if aucs else 0.7)
+    ax.legend(fontsize=9)
     ax.grid(axis='y', linestyle='--', alpha=0.3)
     ax.spines['top'].set_visible(False)
     ax.spines['right'].set_visible(False)
-    plt.xticks(rotation=8)
+    plt.xticks(rotation=8, fontsize=9)
     plt.tight_layout()
     return fig
 
 
 def make_tradeoff():
-    fig, ax = plt.subplots(figsize=(9, 6.5))
-    points = []
-    for k, name, marker, color, sz in [
-        ('baseline', 'Baseline', 'o', '#8C8C8C', 200),
-        ('smooth_0.02', 'LS (e=0.02)', 's', '#5B8FF9', 180),
-        ('smooth_0.2', 'LS (e=0.2)', 's', '#3D76DD', 180)]:
+    fig, ax = plt.subplots(figsize=(8, 6))
+    pts = []
+    for k, name, mk, c, sz in [('baseline', 'Baseline', 'o', '#8C8C8C', 180),
+                                 ('smooth_0.02', 'LS (e=0.02)', 's', '#5B8FF9', 160),
+                                 ('smooth_0.2', 'LS (e=0.2)', 's', '#3D76DD', 160)]:
         if k in mia_results and k in utility_results:
-            points.append({'name': name, 'auc': mia_results[k]['auc'],
-                           'acc': utility_results[k]['accuracy'],
-                           'marker': marker, 'color': color, 'size': sz})
-    base_acc = utility_results.get('baseline', {}).get('accuracy', 0.633)
-    for k, name, marker, color, sz in [
-        ('perturbation_0.01', 'OP (s=0.01)', '^', '#5AD8A6', 190),
-        ('perturbation_0.02', 'OP (s=0.02)', '^', '#1A7F5A', 190)]:
+            pts.append({'n': name, 'a': mia_results[k]['auc'], 'c': utility_results[k]['accuracy'],
+                        'm': mk, 'co': c, 's': sz})
+    ba = utility_results.get('baseline', {}).get('accuracy', 0.633)
+    for k, name, mk, c, sz in [('perturbation_0.01', 'OP (s=0.01)', '^', '#5AD8A6', 170),
+                                 ('perturbation_0.02', 'OP (s=0.02)', '^', '#1A7F5A', 170)]:
         if k in perturb_results:
-            points.append({'name': name, 'auc': perturb_results[k]['auc'],
-                           'acc': base_acc, 'marker': marker, 'color': color, 'size': sz})
-    for p in points:
-        ax.scatter(p['acc'], p['auc'], label=p['name'], marker=p['marker'],
-                   color=p['color'], s=p['size'], edgecolors='white', linewidth=2, zorder=5)
+            pts.append({'n': name, 'a': perturb_results[k]['auc'], 'c': ba, 'm': mk, 'co': c, 's': sz})
+    for p in pts:
+        ax.scatter(p['c'], p['a'], label=p['n'], marker=p['m'], color=p['co'],
+                   s=p['s'], edgecolors='white', linewidth=2, zorder=5)
     ax.axhline(y=0.5, color='#BFBFBF', linestyle='--', alpha=0.8, label='Random Guess')
-    ax.set_xlabel('Model Utility (Accuracy)', fontsize=12, fontweight='bold')
-    ax.set_ylabel('Privacy Risk (MIA AUC)', fontsize=12, fontweight='bold')
-    ax.set_title('Privacy-Utility Trade-off', fontsize=14, fontweight='bold')
-    all_acc = [p['acc'] for p in points]
-    all_auc = [p['auc'] for p in points]
-    if all_acc and all_auc:
-        ax.set_xlim(min(all_acc) - 0.03, max(all_acc) + 0.05)
-        ax.set_ylim(min(min(all_auc), 0.5) - 0.02, max(all_auc) + 0.025)
-    ax.legend(loc='upper right', frameon=True, fontsize=9, fancybox=True)
+    ax.set_xlabel('Accuracy', fontsize=11, fontweight='bold')
+    ax.set_ylabel('MIA AUC', fontsize=11, fontweight='bold')
+    ax.set_title('Privacy-Utility Trade-off', fontsize=13, fontweight='bold')
+    aa = [p['c'] for p in pts]; ab = [p['a'] for p in pts]
+    if aa and ab:
+        ax.set_xlim(min(aa)-0.03, max(aa)+0.05)
+        ax.set_ylim(min(min(ab), 0.5)-0.02, max(ab)+0.025)
+    ax.legend(loc='upper right', fontsize=9, fancybox=True)
     ax.grid(True, alpha=0.2)
     ax.spines['top'].set_visible(False)
     ax.spines['right'].set_visible(False)
@@ -209,136 +182,96 @@ def make_accuracy_bar():
     for k, name, c in [('baseline', 'Baseline', '#8C8C8C'), ('smooth_0.02', 'LS (e=0.02)', '#5B8FF9'),
                         ('smooth_0.2', 'LS (e=0.2)', '#3D76DD')]:
         if k in utility_results:
-            names.append(name)
-            accs.append(utility_results[k]['accuracy'] * 100)
-            colors.append(c)
-    base_pct = utility_results.get('baseline', {}).get('accuracy', 0) * 100
+            names.append(name); accs.append(utility_results[k]['accuracy']*100); colors.append(c)
+    bp = utility_results.get('baseline', {}).get('accuracy', 0)*100
     for k, name, c in [('perturbation_0.01', 'OP (s=0.01)', '#5AD8A6'),
                         ('perturbation_0.02', 'OP (s=0.02)', '#1A7F5A')]:
         if k in perturb_results:
-            names.append(name)
-            accs.append(base_pct)
-            colors.append(c)
-    fig, ax = plt.subplots(figsize=(10, 5.5))
+            names.append(name); accs.append(bp); colors.append(c)
+    fig, ax = plt.subplots(figsize=(9, 5))
     bars = ax.bar(names, accs, color=colors, width=0.5, edgecolor='white', linewidth=1.5)
     for bar, acc in zip(bars, accs):
-        ax.text(bar.get_x() + bar.get_width() / 2, bar.get_height() + 0.6,
-                f'{acc:.1f}%', ha='center', va='bottom', fontsize=11, fontweight='bold')
-    ax.set_ylabel('Accuracy (%)', fontsize=12)
-    ax.set_title('Model Utility (300 Math Questions)', fontsize=14, fontweight='bold')
+        ax.text(bar.get_x()+bar.get_width()/2, bar.get_height()+0.6,
+                f'{acc:.1f}%', ha='center', va='bottom', fontsize=10, fontweight='bold')
+    ax.set_ylabel('Accuracy (%)', fontsize=11)
+    ax.set_title('Model Utility (300 Math Questions)', fontsize=13, fontweight='bold')
     ax.set_ylim(0, 100)
     ax.grid(axis='y', alpha=0.3)
     ax.spines['top'].set_visible(False)
     ax.spines['right'].set_visible(False)
-    plt.xticks(rotation=8)
+    plt.xticks(rotation=8, fontsize=9)
     plt.tight_layout()
     return fig
 
 
 def make_loss_gauge(loss_val, m_mean, nm_mean, threshold):
-    """生成精致的Loss位置可视化图表（替代粗糙的ASCII字符画）"""
-    fig, ax = plt.subplots(figsize=(8, 2.5))
-
-    # 绘制底部色条
-    x_min = min(m_mean - 3 * bl_m_std, loss_val - 0.01)
-    x_max = max(nm_mean + 3 * bl_nm_std, loss_val + 0.01)
-
-    # 成员区域（蓝色渐变）
-    ax.axvspan(x_min, threshold, alpha=0.15, color='#5B8FF9')
-    # 非成员区域（红色渐变）
-    ax.axvspan(threshold, x_max, alpha=0.15, color='#E86452')
-
-    # 阈值线
-    ax.axvline(x=threshold, color='#595959', linewidth=2, linestyle='-', zorder=3)
-    ax.text(threshold, 1.15, 'Threshold', ha='center', va='bottom', fontsize=9,
-            fontweight='bold', color='#595959', transform=ax.get_xaxis_transform())
-
-    # 成员均值标记
-    ax.axvline(x=m_mean, color='#5B8FF9', linewidth=1.5, linestyle='--', alpha=0.7)
-    ax.text(m_mean, -0.25, f'Member\n({m_mean:.4f})', ha='center', va='top', fontsize=8,
-            color='#5B8FF9', transform=ax.get_xaxis_transform())
-
-    # 非成员均值标记
-    ax.axvline(x=nm_mean, color='#E86452', linewidth=1.5, linestyle='--', alpha=0.7)
-    ax.text(nm_mean, -0.25, f'Non-Member\n({nm_mean:.4f})', ha='center', va='top', fontsize=8,
-            color='#E86452', transform=ax.get_xaxis_transform())
-
-    # 当前样本标记（大箭头）
-    is_member_zone = loss_val < threshold
-    marker_color = '#5B8FF9' if is_member_zone else '#E86452'
-    ax.plot(loss_val, 0.5, marker='v', markersize=18, color=marker_color, zorder=5,
+    fig, ax = plt.subplots(figsize=(8, 2.8))
+    x_min = min(m_mean - 3*bl_m_std, loss_val - 0.01)
+    x_max = max(nm_mean + 3*bl_nm_std, loss_val + 0.01)
+
+    ax.axvspan(x_min, threshold, alpha=0.12, color='#5B8FF9')
+    ax.axvspan(threshold, x_max, alpha=0.12, color='#E86452')
+    ax.axvline(x=threshold, color='#434343', linewidth=2, linestyle='-', zorder=3)
+    ax.text(threshold, 1.12, 'Threshold', ha='center', va='bottom', fontsize=9,
+            fontweight='bold', color='#434343', transform=ax.get_xaxis_transform())
+
+    ax.axvline(x=m_mean, color='#5B8FF9', linewidth=1.2, linestyle='--', alpha=0.6)
+    ax.text(m_mean, -0.28, f'Member Mean\n({m_mean:.4f})', ha='center', va='top',
+            fontsize=7.5, color='#5B8FF9', transform=ax.get_xaxis_transform())
+    ax.axvline(x=nm_mean, color='#E86452', linewidth=1.2, linestyle='--', alpha=0.6)
+    ax.text(nm_mean, -0.28, f'Non-Member Mean\n({nm_mean:.4f})', ha='center', va='top',
+            fontsize=7.5, color='#E86452', transform=ax.get_xaxis_transform())
+
+    in_member = loss_val < threshold
+    mc = '#5B8FF9' if in_member else '#E86452'
+    ax.plot(loss_val, 0.5, marker='v', markersize=16, color=mc, zorder=5,
             transform=ax.get_xaxis_transform())
-    label_text = f'Loss={loss_val:.4f}'
-    ax.text(loss_val, 0.75, label_text, ha='center', va='bottom', fontsize=10,
-            fontweight='bold', color=marker_color, transform=ax.get_xaxis_transform(),
-            bbox=dict(boxstyle='round,pad=0.3', facecolor='white', edgecolor=marker_color, alpha=0.9))
-
-    # 区域标签
-    member_center = (x_min + threshold) / 2
-    nonmember_center = (threshold + x_max) / 2
-    ax.text(member_center, 0.5, 'Member Zone', ha='center', va='center', fontsize=10,
-            color='#5B8FF9', fontweight='bold', alpha=0.6, transform=ax.get_xaxis_transform())
-    ax.text(nonmember_center, 0.5, 'Non-Member Zone', ha='center', va='center', fontsize=10,
-            color='#E86452', fontweight='bold', alpha=0.6, transform=ax.get_xaxis_transform())
+    ax.text(loss_val, 0.78, f'Loss={loss_val:.4f}', ha='center', va='bottom', fontsize=10,
+            fontweight='bold', color=mc, transform=ax.get_xaxis_transform(),
+            bbox=dict(boxstyle='round,pad=0.3', facecolor='white', edgecolor=mc, alpha=0.95))
+
+    mc_x = (x_min + threshold) / 2
+    nmc_x = (threshold + x_max) / 2
+    ax.text(mc_x, 0.5, 'Member Zone', ha='center', va='center', fontsize=10,
+            color='#5B8FF9', fontweight='bold', alpha=0.5, transform=ax.get_xaxis_transform())
+    ax.text(nmc_x, 0.5, 'Non-Member Zone', ha='center', va='center', fontsize=10,
+            color='#E86452', fontweight='bold', alpha=0.5, transform=ax.get_xaxis_transform())
 
     ax.set_xlim(x_min, x_max)
     ax.set_yticks([])
     ax.spines['top'].set_visible(False)
     ax.spines['right'].set_visible(False)
     ax.spines['left'].set_visible(False)
-    ax.set_xlabel('Loss Value', fontsize=10)
+    ax.set_xlabel('Loss Value', fontsize=9)
     plt.tight_layout()
     return fig
 
 
-def risk_badge(auc_val):
-    if auc_val > 0.62:
-        return "High"
-    elif auc_val > 0.55:
-        return "Medium"
-    else:
-        return "Low"
-
-
 # ========================================
-# 3. 回调函数
+# 3. Callbacks
 # ========================================
 
 def show_random_sample(data_type):
-    if data_type == "成员数据（训练集）":
-        data = member_data
-    else:
-        data = non_member_data
+    data = member_data if data_type == "成员数据（训练集）" else non_member_data
     sample = data[np.random.randint(0, len(data))]
     meta = sample['metadata']
-    task_map = {
-        'calculation': '基础计算',
-        'word_problem': '应用题',
-        'concept': '概念问答',
-        'error_correction': '错题订正'
-    }
-    info = (
-        "### 样本元信息（隐私字段）\n\n"
-        "| 字段 | 值 |\n"
-        "|------|-----|\n"
-        "| **姓名** | " + str(meta['name']) + " |\n"
-        "| **学号** | " + str(meta['student_id']) + " |\n"
-        "| **班级** | " + str(meta['class']) + " |\n"
-        "| **成绩** | " + str(meta['score']) + " 分 |\n"
-        "| **任务类型** | " + task_map.get(sample['task_type'], sample['task_type']) + " |\n\n"
-        "> 以上即为攻击者试图推断的 **学生隐私信息**\n"
+    task_map = {'calculation': '基础计算', 'word_problem': '应用题',
+                'concept': '概念问答', 'error_correction': '错题订正'}
+
+    info_md = (
+        "**截获的隐私元数据**\n\n"
+        "- **姓名**: " + clean_text(str(meta.get('name', ''))) + "\n"
+        "- **学号**: " + clean_text(str(meta.get('student_id', ''))) + "\n"
+        "- **班级**: " + clean_text(str(meta.get('class', ''))) + "\n"
+        "- **成绩**: " + clean_text(str(meta.get('score', ''))) + " 分\n"
+        "- **类型**: " + task_map.get(sample.get('task_type', ''), sample.get('task_type', '')) + "\n"
     )
-    return info, clean_text(sample['question']), clean_text(sample['answer'])
+    return info_md, clean_text(sample.get('question', '')), clean_text(sample.get('answer', ''))
 
 
 def run_mia_demo(sample_index, data_type):
-    if data_type == "成员数据（训练集）":
-        is_member = True
-        data = member_data
-    else:
-        is_member = False
-        data = non_member_data
-
+    is_member = (data_type == "成员数据（训练集）")
+    data = member_data if is_member else non_member_data
     idx = min(int(sample_index), len(data) - 1)
     sample = data[idx]
 
@@ -348,350 +281,239 @@ def run_mia_demo(sample_index, data_type):
     elif not is_member and idx < len(bl.get('non_member_losses', [])):
         loss = bl['non_member_losses'][idx]
     else:
-        if is_member:
-            loss = float(np.random.normal(bl_m_mean, 0.02))
-        else:
-            loss = float(np.random.normal(bl_nm_mean, 0.02))
+        loss = float(np.random.normal(bl_m_mean if is_member else bl_nm_mean, 0.02))
 
     threshold = (bl_m_mean + bl_nm_mean) / 2.0
     pred_member = (loss < threshold)
-    actual_member = is_member
-    attack_correct = (pred_member == actual_member)
+    attack_correct = (pred_member == is_member)
 
-    # 生成精致的可视化图表
     gauge_fig = make_loss_gauge(loss, bl_m_mean, bl_nm_mean, threshold)
 
+    # Build result card
     if pred_member:
-        pred_text = "是训练成员（Loss < 阈值，模型过于熟悉）"
-        pred_icon = "🔴"
+        pred_label = "训练成员"
+        pred_color = "🔴"
     else:
-        pred_text = "非训练成员（Loss >= 阈值，模型不熟悉）"
-        pred_icon = "🟢"
+        pred_label = "非训练成员"
+        pred_color = "🟢"
 
-    if actual_member:
-        actual_text = "是训练成员（此数据参与了训练）"
-        actual_icon = "🔴"
+    if is_member:
+        actual_label = "训练成员"
+        actual_color = "🔴"
     else:
-        actual_text = "非训练成员（此数据未参与训练）"
-        actual_icon = "🟢"
+        actual_label = "非训练成员"
+        actual_color = "🟢"
 
-    if attack_correct and pred_member and actual_member:
-        result_text = "**攻击成功 -- 隐私泄露**"
-        result_icon = "⚠️"
+    if attack_correct and pred_member and is_member:
+        verdict = "⚠️ **攻击成功: 发生了隐私泄露**"
+        verdict_detail = "模型对该样本过于熟悉（Loss低于阈值），攻击者成功判定其为训练集数据。"
     elif attack_correct:
-        result_text = "**判断正确**"
-        result_icon = "✅"
-    else:
-        result_text = "**攻击失误**"
-        result_icon = "❌"
-
-    if pred_member:
-        warning = (
-            "> **隐私风险** : 此样本 Loss = " + f"{loss:.4f}"
-            + " 低于阈值 " + f"{threshold:.4f}"
-            + "，模型对它过于熟悉，学生隐私可能被推断。"
-        )
+        verdict = "✅ **判断正确**"
+        verdict_detail = "攻击者的判定与真实身份一致。"
     else:
-        warning = (
-            "> **相对安全** : 此样本 Loss = " + f"{loss:.4f}"
-            + " 高于阈值 " + f"{threshold:.4f}"
-            + "，模型对其无特殊记忆。"
-        )
+        verdict = "❌ **攻击失误**"
+        verdict_detail = "攻击者的判定与真实身份不符。"
 
     result_md = (
-        "### Loss 计算结果\n\n"
-        "| 指标 | 值 |\n"
-        "|------|-----|\n"
-        "| 样本 Loss | " + f"{loss:.6f}" + " |\n"
-        "| 判定阈值 | " + f"{threshold:.6f}" + " |\n"
-        "| 成员平均 Loss | " + f"{bl_m_mean:.6f}" + " |\n"
-        "| 非成员平均 Loss | " + f"{bl_nm_mean:.6f}" + " |\n\n"
-        "### 攻击判定\n\n"
-        "| 项目 | 结果 |\n"
-        "|------|------|\n"
-        "| 攻击者预测 | " + pred_icon + " " + pred_text + " |\n"
-        "| 实际身份 | " + actual_icon + " " + actual_text + " |\n"
-        "| 攻击结果 | " + result_icon + " " + result_text + " |\n\n"
-        + warning + "\n"
+        verdict + "\n\n"
+        + verdict_detail + "\n\n"
+        "| | 攻击者计算得出 | 系统真实身份 |\n"
+        "|---|---|---|\n"
+        "| 判定 | " + pred_color + " " + pred_label + " | " + actual_color + " " + actual_label + " |\n"
+        "| Loss | " + f"{loss:.4f}" + " | Threshold: " + f"{threshold:.4f}" + " |\n"
     )
 
-    question_display = "**第 " + str(idx) + " 号样本 :**\n\n" + clean_text(sample['question'][:600])
-    return question_display, gauge_fig, result_md
+    q_text = "**样本追���号 [" + str(idx) + "] :**\n\n" + clean_text(sample.get('question', ''))[:500]
+    return q_text, gauge_fig, result_md
 
 
 # ========================================
-# 4. 构建界面
+# 4. Build Interface
 # ========================================
 
-custom_css = """
-/* 整体容器 */
+CSS = """
 .gradio-container {
     max-width: 1200px !important;
     margin: auto !important;
-    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif !important;
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "PingFang SC", "Microsoft YaHei", sans-serif !important;
 }
-
-/* Tab 按钮 */
 .tab-nav button {
     font-size: 14px !important;
-    padding: 10px 16px !important;
+    padding: 10px 20px !important;
     font-weight: 500 !important;
     border-radius: 8px 8px 0 0 !important;
+    transition: all 0.2s !important;
 }
 .tab-nav button.selected {
     font-weight: 700 !important;
+    color: #5B8FF9 !important;
     border-bottom: 3px solid #5B8FF9 !important;
 }
-
-/* 标题样式 */
 .prose h1 {
-    font-size: 1.8rem !important;
+    font-size: 1.6rem !important;
     color: #1a1a2e !important;
-    border-bottom: 2px solid #5B8FF9 !important;
-    padding-bottom: 8px !important;
+    letter-spacing: -0.02em !important;
 }
 .prose h2 {
-    font-size: 1.35rem !important;
+    font-size: 1.25rem !important;
     color: #16213e !important;
-    margin-top: 1.2em !important;
+    margin-top: 1.5em !important;
+    padding-bottom: 0.3em !important;
+    border-bottom: 1px solid #e8e8e8 !important;
 }
 .prose h3 {
-    font-size: 1.1rem !important;
-    color: #0f3460 !important;
-}
-
-/* 表格美化 */
-.prose table {
-    border-collapse: collapse !important;
-    width: 100% !important;
-    font-size: 0.9rem !important;
+    font-size: 1.05rem !important;
+    color: #333 !important;
 }
+.prose table { font-size: 0.88rem !important; }
 .prose th {
     background: #f0f5ff !important;
-    color: #1a1a2e !important;
     font-weight: 600 !important;
-    padding: 10px 14px !important;
-}
-.prose td {
-    padding: 8px 14px !important;
-    border-bottom: 1px solid #eee !important;
+    padding: 8px 12px !important;
 }
-
-/* 引用块 */
+.prose td { padding: 7px 12px !important; }
 .prose blockquote {
     border-left: 4px solid #5B8FF9 !important;
     background: #f7f9fc !important;
-    padding: 12px 16px !important;
-    margin: 12px 0 !important;
+    padding: 10px 14px !important;
     border-radius: 0 6px 6px 0 !important;
+    font-size: 0.92rem !important;
 }
-
-/* 隐藏底部 */
 footer { display: none !important; }
 """
 
+with gr.Blocks(title="教育大模型隐私攻防", theme=gr.themes.Soft(
+    primary_hue="blue", secondary_hue="sky", neutral_hue="slate"), css=CSS) as demo:
 
-with gr.Blocks(
-    title="教育大模型隐私攻防实验",
-    theme=gr.themes.Soft(primary_hue="blue", secondary_hue="sky", neutral_hue="slate"),
-    css=custom_css
-) as demo:
-
-    # ============================
-    # 顶部
-    # ============================
     gr.Markdown(
         "# 教育大模型中的成员推理攻击及其防御研究\n\n"
         "> 探究教育场景下大语言模型的隐私泄露风险，"
-        "验证 **标签平滑** 与 **输出扰动** 两种防御策略的有效性及其对模型效用的影响。\n"
-    )
+        "验证标签平滑与输出扰动两种防御策略的有效性。\n")
 
-    # ============================
-    # Tab 1: 项目概览
-    # ============================
+    # --- Tab 1 ---
     with gr.Tab("项目概览"):
         gr.Markdown(
             "## 研究背景\n\n"
-            "随着大语言模型在教育领域的广泛应用（智能辅导系统、个性化学习推荐等），"
-            "模型训练过程中不可避免地接触到学生敏感数据。"
-            "**成员推理攻击 (Membership Inference Attack, MIA)** 可以判断某条数据是否参与了模型训练，"
-            "进而推断学生的隐私信息。\n\n"
+            "大语言模型在教育领域的应用日益广泛，模型训练过程中不可避免地接触到学生敏感数据。"
+            "**成员推理攻击 (MIA)** 能够判断某条数据是否参与了模型训练，构成隐私威胁。\n\n"
             "---\n\n"
-            "## 研究设计\n\n"
-            "| 阶段 | 内容 | 说明 |\n"
+            "## 实验设计\n\n"
+            "| 阶段 | 内容 | 方法 |\n"
             "|------|------|------|\n"
-            "| 数据准备 | 2000条小学数学辅导对话 | 含姓名、学号、班级、成绩等隐私字段 |\n"
-            "| 模型训练 | Qwen2.5-Math-1.5B + LoRA | 基线模型 + 标签平滑模型 (e=0.02, 0.2) |\n"
-            "| 攻击测试 | Loss-based MIA | 利用模型输出Loss判断成员身份 |\n"
-            "| 训练期防御 | 标签平滑 | 软化训练标签，降低模型对训练数据的记忆程度 |\n"
-            "| 推理期防御 | 输出扰动 | 在推理阶段对输出Loss添加高斯噪声 |\n"
-            "| 综合评估 | 隐私-��用权衡分析 | AUC（隐私风险）+ 准确率（模型效用）|\n\n"
+            "| 数据准备 | 2000条数学辅导对话 | 模板化生成，含隐私字段 |\n"
+            "| 模型训练 | Qwen2.5-Math + LoRA | 基线 + 标签平滑 (e=0.02, 0.2) |\n"
+            "| MIA攻击 | Loss-based攻击 | 计算全样本Loss，AUC评估 |\n"
+            "| 输出扰动 | 推理期防御 | 对Loss加高斯噪声 (s=0.01~0.02) |\n"
+            "| 效用评估 | 300道数学测试题 | 准确率评估 |\n"
+            "| 综合分析 | 隐私-效用权衡 | 散点图 + 定量对比 |\n\n"
             "---\n\n"
             "## 实验配置\n\n"
-            "| 配置项 | 值 |\n"
-            "|--------|-----|\n"
+            "| 项 | 值 |\n"
+            "|---|---|\n"
             "| 基座模型 | " + model_name_str + " |\n"
-            "| 微调方法 | LoRA (r=8, alpha=16, target: q/k/v/o_proj) |\n"
+            "| 微调 | LoRA (r=8, alpha=16) |\n"
             "| 训练轮数 | 10 epochs |\n"
-            "| 数据总量 | " + data_size_str + " 条 (成员1000 + 非成员1000) |\n"
-            "| GPU | " + gpu_name_str + " |\n\n"
-            "---\n\n"
-            "## 技术路线\n\n"
-            "| 步骤 | 阶段 | 方法 | 输出 |\n"
-            "|------|------|------|------|\n"
-            "| 1 | 数据生成 | 模板化生成2000条对话 | member.json + non_member.json |\n"
-            "| 2 | 基线训练 | LoRA微调Qwen2.5-Math | baseline模型 |\n"
-            "| 3 | 防御训练 | 标签平滑 (e=0.02, e=0.2) | smooth模型 x2 |\n"
-            "| 4 | MIA攻击 | 计算全量样本Loss，AUC评估 | mia_results.json |\n"
-            "| 5 | 输出扰动 | 对baseline Loss加高斯噪声 (s=0.01~0.02) | perturbation_results.json |\n"
-            "| 6 | 效用评估 | 300道数学测试题 | utility_results.json |\n"
-            "| 7 | 综合分析 | 隐私-效用权衡图 | 研究结论 |\n"
-        )
-
-    # ============================
-    # Tab 2: 数据展示
-    # ============================
-    with gr.Tab("数据展示"):
-        gr.Markdown(
-            "## 数据集概况\n\n"
-            "- **成员数据（训练集）**: 1000条，用于模型微调训练\n"
-            "- **非成员数据（测试集）**: 1000条，不参与训练，作为MIA攻击的对照组\n"
-            "- 每条数据均包含学生隐私字段（姓名、学号、班级、成绩），模拟真实教育场景\n"
-        )
+            "| 数据量 | " + data_size_str + " 条 |\n")
 
+    # --- Tab 2 ---
+    with gr.Tab("数据展示"):
+        gr.Markdown("## 数据集概况\n\n"
+                    "成员1000条（训练集）+ 非成员1000条（对照组），每条含学生隐私字段。\n")
         with gr.Row():
             with gr.Column(scale=1):
-                gr.Markdown("### 任务类型分布")
-                gr.Plot(value=make_pie_chart())
+                gr.Plot(value=make_pie_chart(), label="图表")
             with gr.Column(scale=1):
-                gr.Markdown("### 随机查看样本")
-                data_sel = gr.Radio(
-                    choices=["成员数据（训练集）", "非成员数据（测试集）"],
-                    value="成员数据（训练集）",
-                    label="数据类型"
-                )
-                sample_btn = gr.Button("随机抽取样本", variant="primary")
-
-        sample_info = gr.Markdown()
+                gr.Markdown("**选择靶向数据池**")
+                data_sel = gr.Radio(["成员数据（训练集）", "非成员数据（测试集）"],
+                                    value="成员数据（训练集）", label="")
+                sample_btn = gr.Button("随机提取", variant="primary")
+                sample_info = gr.Markdown()
+
+        gr.Markdown("---\n\n**原始对话内容**")
         with gr.Row():
-            sample_q = gr.Textbox(label="学生提问", lines=6, interactive=False)
-            sample_a = gr.Textbox(label="模型回答", lines=6, interactive=False)
-
-        sample_btn.click(
-            fn=show_random_sample,
-            inputs=[data_sel],
-            outputs=[sample_info, sample_q, sample_a]
-        )
-
-    # ============================
-    # Tab 3: MIA攻击演示
-    # ============================
+            sample_q = gr.Textbox(label="学生提问 (Prompt)", lines=5, interactive=False)
+            sample_a = gr.Textbox(label="模型回答 (Ground Truth)", lines=5, interactive=False)
+
+        sample_btn.click(show_random_sample, [data_sel], [sample_info, sample_q, sample_a])
+
+    # --- Tab 3 ---
     with gr.Tab("MIA攻击演示"):
         gr.Markdown(
-            "## 成员推理攻击演示\n\n"
-            "**原理**: 模型对训练过的数据产生更低的Loss，"
-            "攻击者利用Loss与阈值的比较判断样本是否为训练成员。\n\n"
-            "1. 选择数据来源 (成员 / 非成员)\n"
-            "2. 拖动滑块选择样本编号\n"
-            "3. 点击 **执行攻击**\n"
-        )
+            "## 发起成员推理攻击\n\n"
+            "调整下方滑块选择一条数据，系统将计算该条数据的 Loss 值并实施判定。\n")
 
         with gr.Row():
             with gr.Column(scale=1):
-                atk_data_type = gr.Radio(
-                    choices=["成员数据（训练集）", "非成员数据（测试集）"],
-                    value="成员数据（训练集）",
-                    label="数据来源"
-                )
-                atk_index = gr.Slider(
-                    minimum=0, maximum=999, step=1, value=0,
-                    label="样本编号 (0-999)"
-                )
-                atk_btn = gr.Button("执行MIA攻击", variant="primary", size="lg")
-            with gr.Column(scale=1):
+                atk_type = gr.Radio(["成员数据（训练集）", "非成员数据（测试集）"],
+                                    value="成员数据（训练集）", label="模拟真实数据来源")
+                atk_idx = gr.Slider(0, 999, step=1, value=0, label="样本游标 ID (0-999)")
+                atk_btn = gr.Button("执行成员推理攻击", variant="primary", size="lg")
                 atk_question = gr.Markdown()
 
-        atk_gauge = gr.Plot(label="Loss位置可视化")
-        atk_result = gr.Markdown()
+            with gr.Column(scale=1):
+                gr.Markdown("**攻击侦测控制台**")
+                atk_gauge = gr.Plot(label="Loss 分布雷达")
+                atk_result = gr.Markdown()
 
-        atk_btn.click(
-            fn=run_mia_demo,
-            inputs=[atk_index, atk_data_type],
-            outputs=[atk_question, atk_gauge, atk_result]
-        )
+        atk_btn.click(run_mia_demo, [atk_idx, atk_type], [atk_question, atk_gauge, atk_result])
 
-    # ============================
-    # Tab 4: 防御对比
-    # ============================
+    # --- Tab 4 ---
     with gr.Tab("防御对比"):
         gr.Markdown(
             "## 防御策略效果对比\n\n"
             "| 策略 | 类型 | 原理 | 优势 | 局限 |\n"
             "|------|------|------|------|------|\n"
-            "| 标签平滑 | 训练期 | 软化one-hot标签，抑制过拟合 | 从根���降低模型记忆 | 可能影响模型效用 |\n"
-            "| 输出扰动 | 推理期 | 对输出Loss添加高斯噪声 | 零效用损失，即插即用 | 仅遮蔽统计信号 |\n"
-        )
+            "| 标签平滑 | 训练期 | 软化训练标签 | 降低过拟合 | 可能影响效用 |\n"
+            "| 输出扰动 | 推理期 | Loss加噪声 | 零效用损失 | 仅遮蔽信号 |\n")
 
         with gr.Row():
             with gr.Column():
-                gr.Markdown("### AUC对比（所有防御策略）")
-                gr.Plot(value=make_auc_bar())
+                gr.Plot(value=make_auc_bar(), label="AUC对比")
             with gr.Column():
-                gr.Markdown("### Loss分布对比")
-                gr.Plot(value=make_loss_distribution())
-
-        table = (
-            "### 实验结果汇总\n\n"
-            "| 策略 | 类型 | AUC | 风险等级 |\n"
-            "|------|------|-----|----------|\n"
-        )
-        for k, name, cat in [('baseline', '基线 (无防御)', '--'),
-                              ('smooth_0.02', '标签平滑 (e=0.02)', '训练期'),
+                gr.Plot(value=make_loss_distribution(), label="Loss分布")
+
+        tbl = (
+            "### 结果汇总\n\n"
+            "| 策略 | 类型 | AUC | 准确率 |\n"
+            "|------|------|-----|--------|\n")
+        for k, name, cat in [('baseline', '基线', '--'), ('smooth_0.02', '标签平滑 (e=0.02)', '训练期'),
                               ('smooth_0.2', '标签平滑 (e=0.2)', '训练期')]:
             if k in mia_results:
                 a = mia_results[k]['auc']
-                table += "| " + name + " | " + cat + " | " + f"{a:.4f}" + " | " + risk_badge(a) + " |\n"
-        for k, name in [('perturbation_0.01', '输出扰动 (s=0.01)'),
-                         ('perturbation_0.015', '输出扰动 (s=0.015)'),
+                acc = utility_results.get(k, {}).get('accuracy', 0) * 100
+                tbl += "| " + name + " | " + cat + " | " + f"{a:.4f}" + " | " + f"{acc:.1f}" + "% |\n"
+        for k, name in [('perturbation_0.01', '输出扰动 (s=0.01)'), ('perturbation_0.015', '输出扰动 (s=0.015)'),
                          ('perturbation_0.02', '输出扰动 (s=0.02)')]:
             if k in perturb_results:
                 a = perturb_results[k]['auc']
-                table += "| " + name + " | 推理期 | " + f"{a:.4f}" + " | " + risk_badge(a) + " |\n"
-        gr.Markdown(table)
+                tbl += "| " + name + " | 推理期 | " + f"{a:.4f}" + " | " + f"{bl_acc:.1f}" + "% (不变) |\n"
+        gr.Markdown(tbl)
 
-    # ============================
-    # Tab 5: 防御详解（标签平滑 + 输出扰动）
-    # ============================
+    # --- Tab 5 ---
     with gr.Tab("防御详解"):
         gr.Markdown(
-            "## 防御策略详解\n\n"
-            "---\n\n"
-            "### 一、标签平滑 (Label Smoothing)\n\n"
-            "**类型** : 训练期防御\n\n"
-            "**原理** : 将训练标签从硬标签 (one-hot) 转换为软标签，"
-            "降低模型对训练样本的过度拟合程度，从而缩小成员与非成员之间的Loss差异。\n\n"
-            "**公式** : y_smooth = (1 - e) * y_onehot + e / V\n\n"
-            "其中 e 为平滑系数，V 为词汇表大小。\n\n"
-            "| 参数 | AUC | 准确率 | 分析 |\n"
-            "|------|-----|--------|------|\n"
-            "| 基线 (e=0) | " + f"{bl_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% | 无防御，MIA风险较高 |\n"
-            "| e=0.02 | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}" + "% | 温和防御，效用保持良好 |\n"
-            "| e=0.2 | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}" + "% | 强力防御，AUC显著下降 |\n\n"
+            "## 标签平滑 (Label Smoothing)\n\n"
+            "**类型**: 训练期防御\n\n"
+            "将训练标签从硬标签 (one-hot) 转换为软标签，降低模型对训练样本的过度拟合。\n\n"
+            "y_smooth = (1 - e) * y_onehot + e / V\n\n"
+            "| 参数 | AUC | 准确率 |\n"
+            "|------|-----|--------|\n"
+            "| 基线 (e=0) | " + f"{bl_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% |\n"
+            "| e=0.02 | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}" + "% |\n"
+            "| e=0.2 | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}" + "% |\n\n"
             "---\n\n"
-            "### 二、输出扰动 (Output Perturbation)\n\n"
-            "**类型** : 推理期防御\n\n"
-            "**原理** : 在推理阶段对模型返回的Loss值添加高斯噪声，"
-            "模糊成员与非成员之间的统计差异，使攻击者难以准确判别。\n\n"
-            "**公式** : Loss_perturbed = Loss_original + N(0, s^2)\n\n"
-            "**核心优势** : 不修改模型参数，准确率完全不变。\n\n"
+            "## 输出扰动 (Output Perturbation)\n\n"
+            "**类型**: 推理期防御\n\n"
+            "在推理阶段对Loss值注入高斯噪声，不修改模型参数，准确率完全不变。\n\n"
+            "Loss_perturbed = Loss_original + N(0, s^2)\n\n"
             "| 参数 | AUC | AUC降幅 | 准确率 |\n"
             "|------|-----|---------|--------|\n"
-            "| 基线 (s=0) | " + f"{bl_auc:.4f}" + " | -- | " + f"{bl_acc:.1f}" + "% |\n"
-            "| s=0.01 | " + f"{op001_auc:.4f}" + " | " + f"{bl_auc - op001_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% (不变) |\n"
-            "| s=0.015 | " + f"{op0015_auc:.4f}" + " | " + f"{bl_auc - op0015_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% (不变) |\n"
-            "| s=0.02 | " + f"{op002_auc:.4f}" + " | " + f"{bl_auc - op002_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% (不变) |\n\n"
+            "| 基线 | " + f"{bl_auc:.4f}" + " | -- | " + f"{bl_acc:.1f}" + "% |\n"
+            "| s=0.01 | " + f"{op001_auc:.4f}" + " | " + f"{bl_auc-op001_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% (不变) |\n"
+            "| s=0.015 | " + f"{op0015_auc:.4f}" + " | " + f"{bl_auc-op0015_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% (不变) |\n"
+            "| s=0.02 | " + f"{op002_auc:.4f}" + " | " + f"{bl_auc-op002_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% (不变) |\n\n"
             "---\n\n"
-            "### 三、综合对比\n\n"
+            "## 综合对比\n\n"
             "| 维度 | 标签平滑 | 输出扰动 |\n"
             "|------|---------|----------|\n"
             "| 作用阶段 | 训练期 | 推理期 |\n"
@@ -699,117 +521,72 @@ with gr.Blocks(
             "| 对效用的影响 | 可能有影响 | 无影响 |\n"
             "| 防御机制 | 降低过拟合 | 遮蔽统计信号 |\n"
             "| 可叠加使用 | 是 | 是 |\n\n"
-            "> **推荐方案** : 标签平滑 (e=0.02) + 输出扰动 (s=0.02) 双重防护\n"
-        )
+            "> 推荐方案: 标签平滑 (e=0.02) + 输出扰动 (s=0.02) 双重防护\n")
 
-    # ============================
-    # Tab 6: 效用评估
-    # ============================
+    # --- Tab 6 ---
     with gr.Tab("效用评估"):
-        gr.Markdown(
-            "## 模型效用评估\n\n"
-            "> 测试集: 300道数学题，覆盖基础计算、应用题、概念问答三类任务。\n"
-        )
-
+        gr.Markdown("## 效用评估\n\n> 测试集: 300道数学题\n")
         with gr.Row():
             with gr.Column():
-                gr.Markdown("### 准确率对比")
-                gr.Plot(value=make_accuracy_bar())
+                gr.Plot(value=make_accuracy_bar(), label="准确率")
             with gr.Column():
-                gr.Markdown("### 隐私-效用权衡")
-                gr.Plot(value=make_tradeoff())
-
-        ut = (
-            "### 效用评估详情\n\n"
-            "| 策略 | 准确率 | AUC | 风险等级 | 效用影响 |\n"
-            "|------|--------|-----|---------|----------|\n"
-        )
-        for k, name in [('baseline', '基线'), ('smooth_0.02', '标签平滑 (e=0.02)'),
-                         ('smooth_0.2', '标签平滑 (e=0.2)')]:
-            if k in utility_results and k in mia_results:
-                acc = utility_results[k]['accuracy'] * 100
-                auc = mia_results[k]['auc']
-                impact = "--" if k == 'baseline' else ("提升" if acc > bl_acc else "下降")
-                ut += "| " + name + " | " + f"{acc:.1f}" + "% | " + f"{auc:.4f}" + " | " + risk_badge(auc) + " | " + impact + " |\n"
-        for k, name in [('perturbation_0.01', '输出扰动 (s=0.01)'), ('perturbation_0.02', '输出扰动 (s=0.02)')]:
-            if k in perturb_results:
-                ut += "| " + name + " | " + f"{bl_acc:.1f}" + "% | " + f"{perturb_results[k]['auc']:.4f}" + " | " + risk_badge(perturb_results[k]['auc']) + " | 无影响 |\n"
-        gr.Markdown(ut)
+                gr.Plot(value=make_tradeoff(), label="隐私-效用权衡")
 
-    # ============================
-    # Tab 7: 论文图表
-    # ============================
+    # --- Tab 7 ---
     with gr.Tab("论文图表"):
         gr.Markdown("## 学术图表 (300 DPI)")
-        for fn, cap in [("fig1_loss_distribution_comparison.png", "图1 : Loss分布对比"),
-                         ("fig2_privacy_utility_tradeoff_fixed.png", "图2 : 隐私-效用权衡"),
-                         ("fig3_defense_comparison_bar.png", "图3 : 防御效果柱状图")]:
-            path = os.path.join(BASE_DIR, "figures", fn)
-            if os.path.exists(path):
+        for fn, cap in [("fig1_loss_distribution_comparison.png", "图1: Loss分布对比"),
+                         ("fig2_privacy_utility_tradeoff_fixed.png", "图2: 隐私-效用权衡"),
+                         ("fig3_defense_comparison_bar.png", "图3: 防御效果柱状图")]:
+            p = os.path.join(BASE_DIR, "figures", fn)
+            if os.path.exists(p):
                 gr.Markdown("### " + cap)
-                gr.Image(value=path, show_label=False, height=420)
+                gr.Image(value=p, show_label=False, height=400)
                 gr.Markdown("---")
-            else:
-                gr.Markdown("### " + cap + "\n\n> 文件未找到: " + fn)
 
-    # ============================
-    # Tab 8: 研究结论
-    # ============================
+    # --- Tab 8 ---
     with gr.Tab("研究结论"):
         gr.Markdown(
             "## 研究结论\n\n"
             "---\n\n"
             "### 一、教育大模型面临显著的成员推理攻击风险\n\n"
-            "实验结果表明，基于Qwen2.5-Math-1.5B经LoRA微调的教育辅导模型，"
-            "在面对基于Loss的成员推理攻击时，AUC达到 **" + f"{bl_auc:.4f}" + "**，"
-            "显著高于随机猜测基准 (0.5)。这意味着攻击者仅通过观察模型对某一样本的输出置信度，"
+            "实验结果表明，经LoRA微调的教育辅导模型在面对基于Loss的成员推理攻击时，"
+            "AUC达到 " + f"{bl_auc:.4f}" + "，显著高于随机猜测基准(0.5)。"
+            "这意味着攻击者仅通过观察模型对某一样本的输出置信度，"
             "即可以高于随机的概率推断该样本是否被纳入训练集。"
-            "在教育场景中，训练数据通常包含学生的姓名、学号、学业成绩等敏感信息，"
-            "上述攻击能力构成了切实的隐私威胁。\n\n"
+            "在教育场景中，训练数据通常包含学生姓名、学号、学业成绩等敏感信息，"
+            "该攻击能力构成了切实的隐私威胁。\n\n"
             "---\n\n"
-            "### 二、标签平滑作为训练期防御策略的有效性与局限性\n\n"
+            "### 二、标签平滑的有效性与局限性\n\n"
             "标签平滑通过软化训练标签分布，抑制模型对训练样本的过度拟合，"
-            "从而缩��成员与非成员之间的Loss分布差异。实验中:\n\n"
-            "- **e=0.02** (温和平滑): AUC从 " + f"{bl_auc:.4f}" + " 降至 " + f"{s002_auc:.4f}"
-            + "，准确率为 " + f"{s002_acc:.1f}" + "%，在隐私保护与效用保持之间取得了较好的平衡。\n"
-            "- **e=0.2** (强力平滑): AUC进一步降至 " + f"{s02_auc:.4f}"
-            + "，防御效果更为显著，准确率为 " + f"{s02_acc:.1f}" + "%。\n\n"
-            "该结果揭示了标签平滑系数的选取需在隐私保护强度与模型效用之间进行权衡。"
-            "过小的平滑系数防御效果有限，而过大的系数可能影响模型在下游任务上的表现。\n\n"
+            "缩小成员与非成员之间的Loss分布差异。\n\n"
+            "- e=0.02: AUC从" + f"{bl_auc:.4f}" + "降至" + f"{s002_auc:.4f}"
+            + "，准确率" + f"{s002_acc:.1f}" + "%，隐私保护与效用保持间取得较好平衡。\n"
+            "- e=0.2: AUC进一步降至" + f"{s02_auc:.4f}"
+            + "，防御效果更为显著，准确率" + f"{s02_acc:.1f}" + "%。\n\n"
+            "该结果表明平滑系数的选取需在隐私保护强度与模型效用之间进行权衡。\n\n"
             "---\n\n"
-            "### 三、输出扰动作为推理期防御策略的独特优势\n\n"
-            "输出扰动在推理阶段对模型输出的Loss值注入高斯噪声，"
-            "其核心优势在于**完全不改变模型参数**，因此对模型效用无任何影响。实验中:\n\n"
-            "- **s=0.02**: AUC从 " + f"{bl_auc:.4f}" + " 降至 " + f"{op002_auc:.4f}"
-            + "，而准确率保持 " + f"{bl_acc:.1f}" + "% 不变。\n\n"
-            "这表明输出扰动是一种**零效用成本**的防御手段，"
-            "特别适合已部署的模型系统进行后期隐私加固，具有良好的工程实用性。\n\n"
+            "### 三、输出扰动的独特优势\n\n"
+            "输出扰动在推理阶段对Loss值注入高斯噪声，"
+            "核心优势在于完全不改变模型参数，对模型效用无任何影响。\n\n"
+            "- s=0.02: AUC从" + f"{bl_auc:.4f}" + "降至" + f"{op002_auc:.4f}"
+            + "，准确率保持" + f"{bl_acc:.1f}" + "%不变。\n\n"
+            "这是一种零效用成本的防御手段，适合已部署系统进行后期隐私加固。\n\n"
             "---\n\n"
             "### 四、隐私-效用权衡的定量分析\n\n"
-            "综合所有实验结果，本研究揭示了教育大模型隐私保护中的核心矛盾:\n\n"
-            "| 策略 | AUC (隐私风险) | 准确率 (效用) | 特点 |\n"
-            "|------|----------------|--------------|------|\n"
-            "| 基线 (无防御) | " + f"{bl_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% | 风险最高 |\n"
-            "| 标签平滑 e=0.02 | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}" + "% | 训练期防御，效用保持良好 |\n"
+            "| 策略 | AUC | 准确率 | 特点 |\n"
+            "|------|-----|--------|------|\n"
+            "| 基线 | " + f"{bl_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% | 风险最高 |\n"
+            "| 标签平滑 e=0.02 | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}" + "% | 效用保持良好 |\n"
             "| 标签平滑 e=0.2 | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}" + "% | 强力防御 |\n"
             "| 输出扰动 s=0.02 | " + f"{op002_auc:.4f}" + " | " + f"{bl_acc:.1f}" + "% | 零效用损失 |\n\n"
-            "上述分析表明，将**训练期标签平滑** (e=0.02) 与**推理期输出扰动** (s=0.02) 组合使用，"
-            "可以在两个独立维度上削弱攻击者的推断能力，实现更为全面的隐私保护，"
-            "同时将效用损失控制在可接受范围内。\n"
-        )
-
-    # ============================
-    # 底部
-    # ============================
+            "将训练期标签平滑(e=0.02)与推理期输出扰动(s=0.02)组合使用，"
+            "可在两个独立维度上削弱攻击者的推断能力，实现更为全面的隐私保护，"
+            "同时将效用损失控制在可接受范围内。\n")
+
     gr.Markdown(
-        "---\n\n"
-        "<center>\n\n"
+        "---\n\n<center>\n\n"
         "教育大模型中的成员推理攻击及其防御思路研究\n\n"
-        "Qwen2.5-Math-1.5B | LoRA | MIA | Label Smoothing | Output Perturbation\n\n"
-        "</center>\n"
-    )
+        "</center>\n")
 
-# ========================================
-# 5. 启动
-# ========================================
 demo.launch()