Update app.py

app.py

@@ -35,7 +35,6 @@ config = load_json("config.json")
 plt.rcParams['font.sans-serif'] = ['DejaVu Sans']
 plt.rcParams['axes.unicode_minus'] = False
 
-# ── 预取指标 ──
 bl = mia_results.get('baseline', {})
 s002 = mia_results.get('smooth_0.02', {})
 s02 = mia_results.get('smooth_0.2', {})
@@ -43,372 +42,351 @@ p001 = perturb_results.get('perturbation_0.01', {})
 p0015 = perturb_results.get('perturbation_0.015', {})
 p002 = perturb_results.get('perturbation_0.02', {})
 
-bl_auc = bl.get('auc', 0)
-s002_auc = s002.get('auc', 0)
-s02_auc = s02.get('auc', 0)
-op001_auc = p001.get('auc', 0)
-op0015_auc = p0015.get('auc', 0)
-op002_auc = p002.get('auc', 0)
-
-bl_acc = utility_results.get('baseline', {}).get('accuracy', 0) * 100
-s002_acc = utility_results.get('smooth_0.02', {}).get('accuracy', 0) * 100
-s02_acc = utility_results.get('smooth_0.2', {}).get('accuracy', 0) * 100
-
-bl_m_mean = bl.get('member_loss_mean', 0.19)
-bl_nm_mean = bl.get('non_member_loss_mean', 0.23)
-bl_m_std = bl.get('member_loss_std', 0.03)
-bl_nm_std = bl.get('non_member_loss_std', 0.03)
-s002_m_mean = s002.get('member_loss_mean', 0.20)
-s002_nm_mean = s002.get('non_member_loss_mean', 0.22)
-s002_m_std = s002.get('member_loss_std', 0.03)
-s002_nm_std = s002.get('non_member_loss_std', 0.03)
-s02_m_mean = s02.get('member_loss_mean', 0.42)
-s02_nm_mean = s02.get('non_member_loss_mean', 0.44)
-s02_m_std = s02.get('member_loss_std', 0.03)
-s02_nm_std = s02.get('non_member_loss_std', 0.03)
-
+bl_auc, s002_auc, s02_auc = bl.get('auc',0), s002.get('auc',0), s02.get('auc',0)
+op001_auc, op0015_auc, op002_auc = p001.get('auc',0), p0015.get('auc',0), p002.get('auc',0)
+bl_acc = utility_results.get('baseline',{}).get('accuracy',0)*100
+s002_acc = utility_results.get('smooth_0.02',{}).get('accuracy',0)*100
+s02_acc = utility_results.get('smooth_0.2',{}).get('accuracy',0)*100
+
+bl_m_mean, bl_nm_mean = bl.get('member_loss_mean',.19), bl.get('non_member_loss_mean',.23)
+bl_m_std, bl_nm_std = bl.get('member_loss_std',.03), bl.get('non_member_loss_std',.03)
+s002_m_mean, s002_nm_mean = s002.get('member_loss_mean',.20), s002.get('non_member_loss_mean',.22)
+s002_m_std, s002_nm_std = s002.get('member_loss_std',.03), s002.get('non_member_loss_std',.03)
+s02_m_mean, s02_nm_mean = s02.get('member_loss_mean',.42), s02.get('non_member_loss_mean',.44)
+s02_m_std, s02_nm_std = s02.get('member_loss_std',.03), s02.get('non_member_loss_std',.03)
 model_name = config.get('model_name', 'Qwen/Qwen2.5-Math-1.5B-Instruct')
 
 MODEL_INFO = {
-    "baseline": {"m_mean": bl_m_mean, "nm_mean": bl_nm_mean, "m_std": bl_m_std, "nm_std": bl_nm_std, "label": "Baseline", "auc": bl_auc},
-    "smooth_0.02": {"m_mean": s002_m_mean, "nm_mean": s002_nm_mean, "m_std": s002_m_std, "nm_std": s002_nm_std, "label": "LS(e=0.02)", "auc": s002_auc},
-    "smooth_0.2": {"m_mean": s02_m_mean, "nm_mean": s02_nm_mean, "m_std": s02_m_std, "nm_std": s02_nm_std, "label": "LS(e=0.2)", "auc": s02_auc},
+    "baseline": {"m_mean":bl_m_mean,"nm_mean":bl_nm_mean,"m_std":bl_m_std,"nm_std":bl_nm_std,"label":"Baseline","auc":bl_auc},
+    "smooth_0.02": {"m_mean":s002_m_mean,"nm_mean":s002_nm_mean,"m_std":s002_m_std,"nm_std":s002_nm_std,"label":u"LS(\u03b5=0.02)","auc":s002_auc},
+    "smooth_0.2": {"m_mean":s02_m_mean,"nm_mean":s02_nm_mean,"m_std":s02_m_std,"nm_std":s02_nm_std,"label":u"LS(\u03b5=0.2)","auc":s02_auc},
 }
 
-# ── 效用题库 ──
+TYPE_CN = {'calculation':'基础计算','word_problem':'应用题','concept':'概念问答','error_correction':'错题订正'}
 EVAL_POOL = []
-TYPE_CN = {'calculation': '基础计算', 'word_problem': '应用题', 'concept': '概念问答', 'error_correction': '错题订正'}
-_et = ['calculation'] * 120 + ['word_problem'] * 90 + ['concept'] * 60 + ['error_correction'] * 30
+_et = ['calculation']*120+['word_problem']*90+['concept']*60+['error_correction']*30
 np.random.seed(777)
 for _i in range(300):
     _t = _et[_i]
-    if _t == 'calculation':
-        _a, _b = int(np.random.randint(10, 500)), int(np.random.randint(10, 500))
-        _op = ['+', '-', 'x'][_i % 3]
-        if _op == '+': _q, _ans = f"请计算: {_a} + {_b} = ?", str(_a + _b)
-        elif _op == '-': _q, _ans = f"请计算: {_a} - {_b} = ?", str(_a - _b)
-        else: _q, _ans = f"请计算: {_a} x {_b} = ?", str(_a * _b)
-    elif _t == 'word_problem':
-        _a, _b, _c = int(np.random.randint(5, 200)), int(np.random.randint(3, 50)), int(np.random.randint(5, 50))
-        _tpls = [(f"小明有{_a}个苹果，吃掉{_b}个，还剩多少？", str(_a-_b)),
-                 (f"每组{_a}人，共{_b}组，总计多少人？", str(_a*_b)),
-                 (f"图书馆有{_a}本书，借出{_b}本后又买了{_c}本，现有多少？", str(_a-_b+_c)),
-                 (f"商店有{_a}支铅笔，卖出{_b}支，还剩多少？", str(_a-_b)),
-                 (f"小红有{_a}颗糖，小明给了她{_b}颗，现在多少？", str(_a+_b))]
-        _q, _ans = _tpls[_i % len(_tpls)]
-    elif _t == 'concept':
-        _cs = [("面积","面积是平面图形所占平面的大小"),("周长","���长是封闭图形边线一周的总长度"),
-               ("分数","分数表示整体等分后取若干份"),("小数","小数用小数点表示比1小的数"),("平均数","平均数是总和除以个数")]
-        _cn, _df = _cs[_i % len(_cs)]
-        _q, _ans = f"请解释什么是{_cn}？", _df
+    if _t=='calculation':
+        _a,_b=int(np.random.randint(10,500)),int(np.random.randint(10,500))
+        _op=['+','-','x'][_i%3]
+        if _op=='+': _q,_ans=f"请计算: {_a} + {_b} = ?",str(_a+_b)
+        elif _op=='-': _q,_ans=f"请计算: {_a} - {_b} = ?",str(_a-_b)
+        else: _q,_ans=f"请计算: {_a} x {_b} = ?",str(_a*_b)
+    elif _t=='word_problem':
+        _a,_b,_c=int(np.random.randint(5,200)),int(np.random.randint(3,50)),int(np.random.randint(5,50))
+        _tpls=[(f"小明有{_a}个苹果，吃掉{_b}个，还剩多少？",str(_a-_b)),(f"每组{_a}人，共{_b}组，总计多少人？",str(_a*_b)),
+               (f"图书馆有{_a}本书，借出{_b}本又买了{_c}本，现有多少？",str(_a-_b+_c)),(f"商店有{_a}支笔，卖出{_b}支，还剩？",str(_a-_b)),
+               (f"小红有{_a}颗糖，小明给她{_b}颗，现在多少？",str(_a+_b))]
+        _q,_ans=_tpls[_i%len(_tpls)]
+    elif _t=='concept':
+        _cs=[("面积","面积是平面图形所占平面的大小"),("周长","周长是封闭图形边线一周的总长度"),
+             ("分数","分数表示整体等分后取若干份"),("小数","小数用小数点表示比1小的数"),("平均数","平均数是总和除以个数")]
+        _cn,_df=_cs[_i%len(_cs)]; _q,_ans=f"请解释什么是{_cn}？",_df
     else:
-        _a, _b = int(np.random.randint(10, 99)), int(np.random.randint(10, 99))
-        _w = _a + _b + int(np.random.choice([-1, 1, -10, 10]))
-        _q, _ans = f"有同学算 {_a}+{_b}={_w}，正确答案是？", str(_a + _b)
-    EVAL_POOL.append({'question': _q, 'answer': _ans, 'type_cn': TYPE_CN[_t],
-        'baseline': bool(np.random.random() < bl_acc / 100),
-        'smooth_0.02': bool(np.random.random() < s002_acc / 100),
-        'smooth_0.2': bool(np.random.random() < s02_acc / 100)})
-
-
-# ========================================
-# 图表函数
-# ========================================
-
-def fig_loss_gauge(loss_val, m_mean, nm_mean, threshold, m_std, nm_std):
-    fig, ax = plt.subplots(figsize=(8, 2.5))
-    xlo = min(m_mean - 3 * m_std, loss_val - 0.01)
-    xhi = max(nm_mean + 3 * nm_std, loss_val + 0.01)
-    ax.axvspan(xlo, threshold, alpha=0.10, color='#3b82f6')
-    ax.axvspan(threshold, xhi, alpha=0.10, color='#ef4444')
-    ax.axvline(threshold, color='#1e293b', lw=2, zorder=3)
-    ax.text(threshold, 1.08, 'Threshold', ha='center', va='bottom', fontsize=9, fontweight='bold', color='#1e293b', transform=ax.get_xaxis_transform())
-    ax.axvline(m_mean, color='#3b82f6', lw=1, ls='--', alpha=.5)
-    ax.axvline(nm_mean, color='#ef4444', lw=1, ls='--', alpha=.5)
-    mc = '#3b82f6' if loss_val < threshold else '#ef4444'
-    ax.plot(loss_val, 0.5, marker='v', ms=14, color=mc, zorder=5, transform=ax.get_xaxis_transform())
-    ax.text(loss_val, 0.76, f'Loss={loss_val:.4f}', ha='center', fontsize=10, fontweight='bold', color=mc,
-            transform=ax.get_xaxis_transform(), bbox=dict(boxstyle='round,pad=0.25', fc='white', ec=mc, alpha=.9))
-    ax.text((xlo + threshold) / 2, 0.45, 'Member\nZone', ha='center', va='center', fontsize=9, color='#3b82f6', alpha=.4, fontweight='bold', transform=ax.get_xaxis_transform())
-    ax.text((threshold + xhi) / 2, 0.45, 'Non-Member\nZone', ha='center', va='center', fontsize=9, color='#ef4444', alpha=.4, fontweight='bold', transform=ax.get_xaxis_transform())
+        _a,_b=int(np.random.randint(10,99)),int(np.random.randint(10,99))
+        _w=_a+_b+int(np.random.choice([-1,1,-10,10])); _q,_ans=f"有同学算{_a}+{_b}={_w}，正确答案是？",str(_a+_b)
+    EVAL_POOL.append({'question':_q,'answer':_ans,'type_cn':TYPE_CN[_t],
+        'baseline':bool(np.random.random()<bl_acc/100),'smooth_0.02':bool(np.random.random()<s002_acc/100),'smooth_0.2':bool(np.random.random()<s02_acc/100)})
+
+
+# ══════════════ 图表 ══════════════
+
+def fig_gauge(loss_val, m_mean, nm_mean, thr, m_std, nm_std):
+    fig, ax = plt.subplots(figsize=(9, 2.6))
+    xlo = min(m_mean-3*m_std, loss_val-.01); xhi = max(nm_mean+3*nm_std, loss_val+.01)
+    ax.axvspan(xlo, thr, alpha=.08, color='#3b82f6')
+    ax.axvspan(thr, xhi, alpha=.08, color='#ef4444')
+    ax.axvline(thr, color='#1e293b', lw=2, zorder=3)
+    ax.text(thr, 1.08, f'Threshold={thr:.4f}', ha='center', va='bottom', fontsize=8.5, fontweight='bold', color='#1e293b', transform=ax.get_xaxis_transform())
+    ax.axvline(m_mean, color='#3b82f6', lw=1, ls='--', alpha=.4)
+    ax.axvline(nm_mean, color='#ef4444', lw=1, ls='--', alpha=.4)
+    mc = '#3b82f6' if loss_val < thr else '#ef4444'
+    ax.plot(loss_val, .5, marker='v', ms=15, color=mc, zorder=5, transform=ax.get_xaxis_transform())
+    ax.text(loss_val, .78, f'Loss={loss_val:.4f}', ha='center', fontsize=10, fontweight='bold', color=mc,
+            transform=ax.get_xaxis_transform(), bbox=dict(boxstyle='round,pad=.25', fc='white', ec=mc, alpha=.9))
+    ax.text((xlo+thr)/2, .42, 'Member Zone', ha='center', va='center', fontsize=9.5, color='#3b82f6', alpha=.35, fontweight='bold', transform=ax.get_xaxis_transform())
+    ax.text((thr+xhi)/2, .42, 'Non-Member Zone', ha='center', va='center', fontsize=9.5, color='#ef4444', alpha=.35, fontweight='bold', transform=ax.get_xaxis_transform())
     ax.set_xlim(xlo, xhi); ax.set_yticks([])
-    for s in ['top', 'right', 'left']: ax.spines[s].set_visible(False)
+    for s in ['top','right','left']: ax.spines[s].set_visible(False)
     ax.set_xlabel('Loss Value', fontsize=9); plt.tight_layout(); return fig
 
 
 def fig_loss_dist():
-    items = [(k, l, mia_results.get(k, {}).get('auc', 0)) for k, l in [('baseline', 'Baseline'), ('smooth_0.02', 'LS(e=0.02)'), ('smooth_0.2', 'LS(e=0.2)')] if k in full_results]
+    items = [(k,l,mia_results.get(k,{}).get('auc',0)) for k,l in [('baseline','Baseline'),('smooth_0.02',u'LS(\u03b5=0.02)'),('smooth_0.2',u'LS(\u03b5=0.2)')] if k in full_results]
     n = len(items)
-    fig, axes = plt.subplots(1, n, figsize=(6 * n, 5))
-    if n == 1: axes = [axes]
-    for ax, (k, l, a) in zip(axes, items):
-        m = full_results[k]['member_losses']; nm = full_results[k]['non_member_losses']
-        bins = np.linspace(min(min(m), min(nm)), max(max(m), max(nm)), 28)
-        ax.hist(m, bins=bins, alpha=.5, color='#3b82f6', label='Member', density=True)
-        ax.hist(nm, bins=bins, alpha=.5, color='#ef4444', label='Non-Member', density=True)
-        ax.set_title(f'{l}  |  AUC={a:.4f}', fontsize=12, fontweight='bold')
-        ax.set_xlabel('Loss'); ax.set_ylabel('Density'); ax.legend(fontsize=9)
+    fig, axes = plt.subplots(1,n,figsize=(6.5*n,5.2))
+    if n==1: axes=[axes]
+    for ax,(k,l,a) in zip(axes,items):
+        m=full_results[k]['member_losses']; nm=full_results[k]['non_member_losses']
+        bins=np.linspace(min(min(m),min(nm)),max(max(m),max(nm)),28)
+        ax.hist(m,bins=bins,alpha=.5,color='#3b82f6',label='Member',density=True)
+        ax.hist(nm,bins=bins,alpha=.5,color='#ef4444',label='Non-Member',density=True)
+        ax.set_title(f'{l}  |  AUC={a:.4f}',fontsize=12,fontweight='bold')
+        ax.set_xlabel('Loss',fontsize=10); ax.set_ylabel('Density',fontsize=10)
+        ax.legend(fontsize=9); ax.grid(axis='y',alpha=.15)
         ax.spines['top'].set_visible(False); ax.spines['right'].set_visible(False)
-        ax.grid(axis='y', alpha=.2)
     plt.tight_layout(); return fig
 
 
 def fig_perturb_dist():
-    base = full_results.get('baseline', {})
+    base=full_results.get('baseline',{})
     if not base: return plt.figure()
-    ml = np.array(base['member_losses']); nl = np.array(base['non_member_losses'])
-    fig, axes = plt.subplots(1, 3, figsize=(18, 5))
-    for ax, s in zip(axes, [0.01, 0.015, 0.02]):
-        np.random.seed(42); mp = ml + np.random.normal(0, s, len(ml))
-        np.random.seed(43); np_ = nl + np.random.normal(0, s, len(nl))
-        v = np.concatenate([mp, np_]); bins = np.linspace(v.min(), v.max(), 28)
-        ax.hist(mp, bins=bins, alpha=.5, color='#3b82f6', label='Member+noise', density=True)
-        ax.hist(np_, bins=bins, alpha=.5, color='#ef4444', label='Non-Mem+noise', density=True)
-        pa = perturb_results.get(f'perturbation_{s}', {}).get('auc', 0)
-        ax.set_title(f'OP(s={s})  |  AUC={pa:.4f}', fontsize=12, fontweight='bold')
-        ax.set_xlabel('Loss'); ax.set_ylabel('Density'); ax.legend(fontsize=9)
+    ml=np.array(base['member_losses']); nl=np.array(base['non_member_losses'])
+    fig,axes=plt.subplots(1,3,figsize=(19.5,5.2))
+    for ax,s in zip(axes,[0.01,0.015,0.02]):
+        np.random.seed(42); mp=ml+np.random.normal(0,s,len(ml))
+        np.random.seed(43); np_=nl+np.random.normal(0,s,len(nl))
+        v=np.concatenate([mp,np_]); bins=np.linspace(v.min(),v.max(),28)
+        ax.hist(mp,bins=bins,alpha=.5,color='#3b82f6',label='Member+noise',density=True)
+        ax.hist(np_,bins=bins,alpha=.5,color='#ef4444',label='Non-Mem+noise',density=True)
+        pa=perturb_results.get(f'perturbation_{s}',{}).get('auc',0)
+        ax.set_title(f'OP(s={s})  |  AUC={pa:.4f}',fontsize=12,fontweight='bold')
+        ax.set_xlabel('Loss',fontsize=10); ax.set_ylabel('Density',fontsize=10)
+        ax.legend(fontsize=9); ax.grid(axis='y',alpha=.15)
         ax.spines['top'].set_visible(False); ax.spines['right'].set_visible(False)
-        ax.grid(axis='y', alpha=.2)
     plt.tight_layout(); return fig
 
 
 def fig_auc_bar():
-    data = []
-    for k, n, c in [('baseline','Baseline','#64748b'),('smooth_0.02','LS(e=0.02)','#3b82f6'),('smooth_0.2','LS(e=0.2)','#1d4ed8')]:
-        if k in mia_results: data.append((n, mia_results[k]['auc'], c))
-    for k, n, c in [('perturbation_0.01','OP(s=0.01)','#10b981'),('perturbation_0.015','OP(s=0.015)','#059669'),('perturbation_0.02','OP(s=0.02)','#047857')]:
-        if k in perturb_results: data.append((n, perturb_results[k]['auc'], c))
-    fig, ax = plt.subplots(figsize=(11, 5.5))
-    ns, vs, cs = zip(*data)
-    bars = ax.bar(ns, vs, color=cs, width=.5, edgecolor='white', lw=1.5)
-    for b, v in zip(bars, vs): ax.text(b.get_x()+b.get_width()/2, b.get_height()+.002, f'{v:.4f}', ha='center', fontsize=10, fontweight='bold')
-    ax.axhline(.5, color='#ef4444', ls='--', lw=1.5, alpha=.5, label='Random (0.5)')
-    ax.set_ylabel('MIA AUC', fontsize=11); ax.set_ylim(.48, max(vs)+.03)
+    data=[]
+    for k,n,c in [('baseline','Baseline','#64748b'),(u'smooth_0.02',u'LS(\u03b5=0.02)','#3b82f6'),('smooth_0.2',u'LS(\u03b5=0.2)','#1d4ed8')]:
+        if k in mia_results: data.append((n,mia_results[k]['auc'],c))
+    for k,n,c in [('perturbation_0.01','OP(s=0.01)','#10b981'),('perturbation_0.015','OP(s=0.015)','#059669'),('perturbation_0.02','OP(s=0.02)','#047857')]:
+        if k in perturb_results: data.append((n,perturb_results[k]['auc'],c))
+    fig,ax=plt.subplots(figsize=(11,5.5))
+    ns,vs,cs=zip(*data); bars=ax.bar(ns,vs,color=cs,width=.5,edgecolor='white',lw=1.5)
+    for b,v in zip(bars,vs): ax.text(b.get_x()+b.get_width()/2,b.get_height()+.002,f'{v:.4f}',ha='center',fontsize=10,fontweight='bold')
+    ax.axhline(.5,color='#ef4444',ls='--',lw=1.5,alpha=.5,label='Random (0.5)')
+    ax.set_ylabel('MIA AUC',fontsize=11); ax.set_ylim(.48,max(vs)+.03)
     ax.legend(fontsize=9); ax.spines['top'].set_visible(False); ax.spines['right'].set_visible(False)
-    ax.grid(axis='y', alpha=.2); plt.xticks(fontsize=10); plt.tight_layout(); return fig
+    ax.grid(axis='y',alpha=.15); plt.xticks(fontsize=10); plt.tight_layout(); return fig
 
 
 def fig_acc_bar():
-    data = []
-    for k, n, c in [('baseline','Baseline','#64748b'),('smooth_0.02','LS(e=0.02)','#3b82f6'),('smooth_0.2','LS(e=0.2)','#1d4ed8')]:
-        if k in utility_results: data.append((n, utility_results[k]['accuracy']*100, c))
-    bp = bl_acc
-    for k, n, c in [('perturbation_0.01','OP(s=0.01)','#10b981'),('perturbation_0.015','OP(s=0.015)','#059669'),('perturbation_0.02','OP(s=0.02)','#047857')]:
-        if k in perturb_results: data.append((n, bp, c))
-    fig, ax = plt.subplots(figsize=(11, 5.5))
-    ns, vs, cs = zip(*data)
-    bars = ax.bar(ns, vs, color=cs, width=.5, edgecolor='white', lw=1.5)
-    for b, v in zip(bars, vs): ax.text(b.get_x()+b.get_width()/2, v+.4, f'{v:.1f}%', ha='center', fontsize=10, fontweight='bold')
-    ax.set_ylabel('Accuracy (%)', fontsize=11); ax.set_ylim(0, 100)
+    data=[]
+    for k,n,c in [('baseline','Baseline','#64748b'),('smooth_0.02',u'LS(\u03b5=0.02)','#3b82f6'),('smooth_0.2',u'LS(\u03b5=0.2)','#1d4ed8')]:
+        if k in utility_results: data.append((n,utility_results[k]['accuracy']*100,c))
+    bp=bl_acc
+    for k,n,c in [('perturbation_0.01','OP(s=0.01)','#10b981'),('perturbation_0.015','OP(s=0.015)','#059669'),('perturbation_0.02','OP(s=0.02)','#047857')]:
+        if k in perturb_results: data.append((n,bp,c))
+    fig,ax=plt.subplots(figsize=(11,5.5))
+    ns,vs,cs=zip(*data); bars=ax.bar(ns,vs,color=cs,width=.5,edgecolor='white',lw=1.5)
+    for b,v in zip(bars,vs): ax.text(b.get_x()+b.get_width()/2,v+.4,f'{v:.1f}%',ha='center',fontsize=10,fontweight='bold')
+    ax.set_ylabel('Accuracy (%)',fontsize=11); ax.set_ylim(0,100)
     ax.spines['top'].set_visible(False); ax.spines['right'].set_visible(False)
-    ax.grid(axis='y', alpha=.2); plt.xticks(fontsize=10); plt.tight_layout(); return fig
+    ax.grid(axis='y',alpha=.15); plt.xticks(fontsize=10); plt.tight_layout(); return fig
 
 
 def fig_tradeoff():
-    fig, ax = plt.subplots(figsize=(9, 6.5))
-    pts = []
-    for k, n, mk, c in [('baseline','Baseline','o','#64748b'),('smooth_0.02','LS(e=0.02)','s','#3b82f6'),('smooth_0.2','LS(e=0.2)','s','#1d4ed8')]:
-        if k in mia_results and k in utility_results: pts.append((n, utility_results[k]['accuracy'], mia_results[k]['auc'], mk, c))
-    ba = utility_results.get('baseline',{}).get('accuracy',.633)
-    for k, n, mk, c in [('perturbation_0.01','OP(s=0.01)','^','#10b981'),('perturbation_0.015','OP(s=0.015)','D','#059669'),('perturbation_0.02','OP(s=0.02)','^','#047857')]:
-        if k in perturb_results: pts.append((n, ba, perturb_results[k]['auc'], mk, c))
-    for n, x, y, mk, c in pts: ax.scatter(x, y, label=n, marker=mk, color=c, s=180, edgecolors='white', lw=2, zorder=5)
-    ax.axhline(.5, color='#cbd5e1', ls='--', alpha=.8, label='Random')
-    ax.set_xlabel('Accuracy', fontsize=11, fontweight='bold'); ax.set_ylabel('MIA AUC (Privacy Risk)', fontsize=11, fontweight='bold')
-    xs = [p[1] for p in pts]; ys = [p[2] for p in pts]
-    if xs: ax.set_xlim(min(xs)-.03, max(xs)+.05); ax.set_ylim(min(min(ys),.5)-.02, max(ys)+.02)
-    ax.legend(fontsize=8, loc='upper right'); ax.grid(True, alpha=.15)
+    fig,ax=plt.subplots(figsize=(9,6.5)); pts=[]
+    for k,n,mk,c in [('baseline','Baseline','o','#64748b'),('smooth_0.02',u'LS(\u03b5=0.02)','s','#3b82f6'),('smooth_0.2',u'LS(\u03b5=0.2)','s','#1d4ed8')]:
+        if k in mia_results and k in utility_results: pts.append((n,utility_results[k]['accuracy'],mia_results[k]['auc'],mk,c))
+    ba=utility_results.get('baseline',{}).get('accuracy',.633)
+    for k,n,mk,c in [('perturbation_0.01','OP(s=0.01)','^','#10b981'),('perturbation_0.015','OP(s=0.015)','D','#059669'),('perturbation_0.02','OP(s=0.02)','^','#047857')]:
+        if k in perturb_results: pts.append((n,ba,perturb_results[k]['auc'],mk,c))
+    for n,x,y,mk,c in pts: ax.scatter(x,y,label=n,marker=mk,color=c,s=180,edgecolors='white',lw=2,zorder=5)
+    ax.axhline(.5,color='#cbd5e1',ls='--',alpha=.8,label='Random')
+    ax.set_xlabel('Accuracy',fontsize=11,fontweight='bold'); ax.set_ylabel('MIA AUC',fontsize=11,fontweight='bold')
+    xs=[p[1] for p in pts]; ys=[p[2] for p in pts]
+    if xs: ax.set_xlim(min(xs)-.03,max(xs)+.05); ax.set_ylim(min(min(ys),.5)-.02,max(ys)+.025)
+    ax.legend(fontsize=8,loc='upper right'); ax.grid(True,alpha=.12)
     ax.spines['top'].set_visible(False); ax.spines['right'].set_visible(False)
     plt.tight_layout(); return fig
 
 
-# ========================================
-# 回调函数
-# ========================================
+# ══════════════ 回调 ══════════════
 
 def cb_sample(src):
-    pool = member_data if src == "成员数据（训练集）" else non_member_data
-    s = pool[np.random.randint(len(pool))]
-    m = s['metadata']
-    tm = {'calculation':'基础计算','word_problem':'应用题','concept':'概念问答','error_correction':'错题订正'}
-    md = ("| 字段 | 值 |\n|---|---|\n"
-          "| 姓名 | " + clean_text(str(m.get('name',''))) + " |\n"
-          "| 学号 | " + clean_text(str(m.get('student_id',''))) + " |\n"
-          "| 班级 | " + clean_text(str(m.get('class',''))) + " |\n"
-          "| 成绩 | " + clean_text(str(m.get('score',''))) + " 分 |\n"
-          "| 类型 | " + tm.get(s.get('task_type',''),'') + " |\n")
+    pool=member_data if src=="成员数据（训练集）" else non_member_data
+    s=pool[np.random.randint(len(pool))]; m=s['metadata']
+    tm={'calculation':'基础计算','word_problem':'应用题','concept':'概念问答','error_correction':'错题订正'}
+    md=("| 字段 | 值 |\n|---|---|\n| 姓名 | "+clean_text(str(m.get('name','')))+
+        " |\n| 学号 | "+clean_text(str(m.get('student_id','')))+
+        " |\n| 班级 | "+clean_text(str(m.get('class','')))+
+        " |\n| 成绩 | "+clean_text(str(m.get('score','')))+" 分 |\n| 类型 | "+tm.get(s.get('task_type',''),'')+" |\n")
     return md, clean_text(s.get('question','')), clean_text(s.get('answer',''))
 
 
-ATK_MAP = {"基线模型 (Baseline)":"baseline","标签平滑 (e=0.02)":"smooth_0.02","标签平滑 (e=0.2)":"smooth_0.2",
-           "输出扰动 (s=0.01)":"perturbation_0.01","输出扰动 (s=0.015)":"perturbation_0.015","输出扰动 (s=0.02)":"perturbation_0.02"}
+ATK_MAP = {
+    u"基线模型 (Baseline)":"baseline",
+    u"标签平滑 (\u03b5=0.02)":"smooth_0.02",
+    u"标签平滑 (\u03b5=0.2)":"smooth_0.2",
+    u"输出扰动 (\u03c3=0.01)":"perturbation_0.01",
+    u"输出扰动 (\u03c3=0.015)":"perturbation_0.015",
+    u"输出扰动 (\u03c3=0.02)":"perturbation_0.02",
+}
 
 
 def cb_attack(idx, src, target):
-    is_mem = src == "成员数据（训练集）"
+    is_mem = src=="成员数据（训练集）"
     pool = member_data if is_mem else non_member_data
-    idx = min(int(idx), len(pool)-1)
-    sample = pool[idx]
+    idx = min(int(idx), len(pool)-1); sample = pool[idx]
     key = ATK_MAP.get(target, "baseline")
     is_op = key.startswith("perturbation_")
-
     if is_op:
-        sigma = float(key.split("_")[1])
-        fr = full_results.get('baseline', {})
-        lk = 'member_losses' if is_mem else 'non_member_losses'
-        base_loss = fr[lk][idx] if idx < len(fr.get(lk, [])) else float(np.random.normal(bl_m_mean if is_mem else bl_nm_mean, .02))
-        np.random.seed(idx * 1000 + int(sigma * 1000))
-        loss = base_loss + np.random.normal(0, sigma)
-        mm, nm, ms, ns = bl_m_mean, bl_nm_mean, bl_m_std, bl_nm_std
-        auc_v = perturb_results.get(key, {}).get('auc', 0)
-        lbl = f"OP(s={sigma})"
+        sigma=float(key.split("_")[1]); fr=full_results.get('baseline',{})
+        lk='member_losses' if is_mem else 'non_member_losses'
+        base_loss=fr[lk][idx] if idx<len(fr.get(lk,[])) else float(np.random.normal(bl_m_mean if is_mem else bl_nm_mean,.02))
+        np.random.seed(idx*1000+int(sigma*1000)); loss=base_loss+np.random.normal(0,sigma)
+        mm,nm,ms,ns=bl_m_mean,bl_nm_mean,bl_m_std,bl_nm_std
+        auc_v=perturb_results.get(key,{}).get('auc',0); lbl=u"OP(\u03c3="+str(sigma)+")"
     else:
-        info = MODEL_INFO.get(key, MODEL_INFO['baseline'])
-        fr = full_results.get(key, full_results.get('baseline', {}))
-        lk = 'member_losses' if is_mem else 'non_member_losses'
-        loss = fr[lk][idx] if idx < len(fr.get(lk, [])) else float(np.random.normal(info['m_mean'] if is_mem else info['nm_mean'], .02))
-        mm, nm, ms, ns = info['m_mean'], info['nm_mean'], info['m_std'], info['nm_std']
-        auc_v = info['auc']
-        lbl = info['label']
-
-    thr = (mm + nm) / 2
-    pred = loss < thr
-    correct = pred == is_mem
-    gauge = fig_loss_gauge(loss, mm, nm, thr, ms, ns)
-
-    pl, pc = ("训练成员","🔴") if pred else ("非训练成员","🟢")
-    al, ac = ("训练成员","🔴") if is_mem else ("非训练成员","🟢")
-
+        info=MODEL_INFO.get(key,MODEL_INFO['baseline']); fr=full_results.get(key,full_results.get('baseline',{}))
+        lk='member_losses' if is_mem else 'non_member_losses'
+        loss=fr[lk][idx] if idx<len(fr.get(lk,[])) else float(np.random.normal(info['m_mean'] if is_mem else info['nm_mean'],.02))
+        mm,nm,ms,ns=info['m_mean'],info['nm_mean'],info['m_std'],info['nm_std']
+        auc_v=info['auc']; lbl=info['label']
+    thr=(mm+nm)/2; pred=loss<thr; correct=pred==is_mem
+    gauge=fig_gauge(loss,mm,nm,thr,ms,ns)
+    pl,pc=("训练成员","🔴") if pred else ("非训练成员","🟢")
+    al,ac=("训练成员","🔴") if is_mem else ("非训练成员","🟢")
     if correct and pred and is_mem:
-        v = "⚠️ **攻击成功：隐私泄露**\n\n模型对该样本过于熟悉（Loss < 阈值），攻击者成功判定为训练数据。"
+        v="⚠️ **攻击成功：隐私泄露**\n\n模型对该样本过于熟悉（Loss < 阈值），攻击者成功判定为训练数据。"
     elif correct:
-        v = "✅ **判定正确**\n\n攻击者的判定与真实身份一致。"
+        v="✅ **判定正确**\n\n攻击者的判定与真实身份一致。"
     else:
-        v = "🛡️ **防御成功：攻击失误**\n\n攻击者的判定与真实身份不符，防御起到了作用。"
-
-    res = (v + "\n\n**攻击目标**: " + lbl + "　|　**AUC**: " + f"{auc_v:.4f}" + "\n\n"
-           "| | 攻击者判定 | 真实身份 |\n|---|---|---|\n"
-           "| 身份 | " + pc + " " + pl + " | " + ac + " " + al + " |\n"
-           "| Loss | " + f"{loss:.4f}" + " | 阈值: " + f"{thr:.4f}" + " |\n")
-
-    qtxt = "**样本 #" + str(idx) + "**\n\n" + clean_text(sample.get('question', ''))[:500]
+        v="🛡️ **防御成功**\n\n攻击者的判定错误，防御起到了保护作用。"
+    res=(v+"\n\n**攻击目标**: "+lbl+"　|　**AUC**: "+f"{auc_v:.4f}"+"\n\n"
+         "| | 攻击者判定 | 真实身份 |\n|---|---|---|\n"
+         "| 身份 | "+pc+" "+pl+" | "+ac+" "+al+" |\n"
+         "| Loss | "+f"{loss:.4f}"+" | 阈值: "+f"{thr:.4f}"+" |\n")
+    qtxt="**样本 #"+str(idx)+"**\n\n"+clean_text(sample.get('question',''))[:500]
     return qtxt, gauge, res
 
 
-EVAL_ACC = {"基线模型":bl_acc,"标签平滑 (e=0.02)":s002_acc,"标签平滑 (e=0.2)":s02_acc,
-            "输出扰动 (s=0.01)":bl_acc,"输出扰动 (s=0.015)":bl_acc,"输出扰动 (s=0.02)":bl_acc}
-EVAL_KEY = {"基线模型":"baseline","标签平滑 (e=0.02)":"smooth_0.02","标签平滑 (e=0.2)":"smooth_0.2",
-            "输出扰动 (s=0.01)":"baseline","输出扰动 (s=0.015)":"baseline","输出扰动 (s=0.02)":"baseline"}
+EVAL_ACC={u"基线���型":bl_acc,u"标签平滑 (\u03b5=0.02)":s002_acc,u"标签平滑 (\u03b5=0.2)":s02_acc,
+          u"输出扰动 (\u03c3=0.01)":bl_acc,u"输出扰动 (\u03c3=0.015)":bl_acc,u"输出扰动 (\u03c3=0.02)":bl_acc}
+EVAL_KEY={u"基线模型":"baseline",u"标签平滑 (\u03b5=0.02)":"smooth_0.02",u"标签平滑 (\u03b5=0.2)":"smooth_0.2",
+          u"输出扰动 (\u03c3=0.01)":"baseline",u"输出扰动 (\u03c3=0.015)":"baseline",u"输出扰动 (\u03c3=0.02)":"baseline"}
 
 
 def cb_eval(model):
-    k = EVAL_KEY.get(model, "baseline")
-    acc = EVAL_ACC.get(model, bl_acc)
-    q = EVAL_POOL[np.random.randint(len(EVAL_POOL))]
-    ok = q.get(k, q.get('baseline', False))
-    ic = "✅ 正确" if ok else "❌ 错误"
-    note = "\n\n> 输出扰动不改变模型，准确率与基线一致。" if "扰动" in model else ""
-    return ("**" + model + "**　总体��确率: " + f"{acc:.1f}%" + "\n\n"
+    k=EVAL_KEY.get(model,"baseline"); acc=EVAL_ACC.get(model,bl_acc)
+    q=EVAL_POOL[np.random.randint(len(EVAL_POOL))]; ok=q.get(k,q.get('baseline',False))
+    ic="✅ 正确" if ok else "❌ 错误"
+    note="\n\n> 输出扰动不改变模型参数，准确率与基线一致。" if u"\u03c3" in model else ""
+    return ("**"+model+"**　(准确率: "+f"{acc:.1f}%"+")\n\n"
             "| 项目 | 内容 |\n|---|---|\n"
-            "| 类型 | " + q['type_cn'] + " |\n"
-            "| 题目 | " + q['question'] + " |\n"
-            "| 正确答案 | " + q['answer'] + " |\n"
-            "| 判定 | " + ic + " |" + note)
+            "| 类型 | "+q['type_cn']+" |\n| 题目 | "+q['question']+" |\n"
+            "| 正确答案 | "+q['answer']+" |\n| 判定 | "+ic+" |"+note)
 
 
-# ========================================
-# 界面
-# ========================================
+# ══════════════ 界面 ══════════════
 
 CSS = """
-:root { --blue: #2563eb; --slate: #334155; }
-body { background: #f8fafc !important; }
-.gradio-container { max-width: 1180px !important; margin: auto !important;
-    font-family: "Inter", -apple-system, "PingFang SC", "Microsoft YaHei", sans-serif !important; }
+:root { --blue: #2563eb; --blue-light: #eff6ff; --slate: #334155; --bg: #f8fafc; }
+body { background: var(--bg) !important; }
+.gradio-container { max-width: 1200px !important; margin: auto !important;
+    font-family: "Inter",-apple-system,"PingFang SC","Microsoft YaHei",sans-serif !important; }
+
+/* 顶部标题区域 */
+.title-area { text-align: center; padding: 32px 20px 18px; margin-bottom: 4px;
+    background: linear-gradient(135deg, #1e3a5f 0%, #2563eb 50%, #3b82f6 100%);
+    border-radius: 12px; color: white; }
+.title-area h1 { color: white !important; font-size: 1.65rem !important; margin: 0 !important;
+    letter-spacing: -.01em !important; text-shadow: 0 1px 2px rgba(0,0,0,.15); }
+.title-area p { color: rgba(255,255,255,.85) !important; font-size: .88rem !important; margin-top: 6px !important; }
 
 /* Tab */
-.tab-nav { border-bottom: 2px solid #e2e8f0 !important; gap: 4px !important; }
-.tab-nav button { font-size: 14px !important; padding: 12px 20px !important; font-weight: 500 !important;
+.tab-nav { border-bottom: 2px solid #e2e8f0 !important; gap: 2px !important; padding: 0 4px !important; }
+.tab-nav button { font-size: 13.5px !important; padding: 11px 18px !important; font-weight: 500 !important;
     color: #64748b !important; border: none !important; background: transparent !important;
-    border-radius: 6px 6px 0 0 !important; transition: .2s !important; }
-.tab-nav button:hover { color: var(--blue) !important; background: #eff6ff !important; }
+    border-radius: 8px 8px 0 0 !important; transition: .15s !important; }
+.tab-nav button:hover { color: var(--blue) !important; background: var(--blue-light) !important; }
 .tab-nav button.selected { color: var(--blue) !important; font-weight: 700 !important;
-    border-bottom: 2.5px solid var(--blue) !important; background: #eff6ff !important; }
+    border-bottom: 2.5px solid var(--blue) !important; background: var(--blue-light) !important; }
 
 .tabitem { background: #fff !important; border-radius: 0 0 10px 10px !important;
-    box-shadow: 0 1px 3px rgba(0,0,0,.04) !important; padding: 28px !important;
+    box-shadow: 0 1px 4px rgba(0,0,0,.03) !important; padding: 24px 28px !important;
     border: 1px solid #e2e8f0 !important; border-top: none !important; }
 
-/* Typography */
-.prose h1 { font-size: 1.75rem !important; color: #0f172a !important; font-weight: 800 !important;
-    text-align: center !important; letter-spacing: -.02em !important; margin-bottom: .3em !important; }
-.prose h2 { font-size: 1.2rem !important; color: #1e293b !important; font-weight: 700 !important;
-    margin-top: 1.4em !important; padding-bottom: .3em !important; border-bottom: 1.5px solid #f1f5f9 !important; }
-.prose h3 { font-size: 1.02rem !important; color: var(--slate) !important; font-weight: 600 !important; }
+/* 排版 */
+.prose h2 { font-size: 1.18rem !important; color: #0f172a !important; font-weight: 700 !important;
+    margin-top: 1.2em !important; padding-bottom: .3em !important;
+    border-bottom: 2px solid #f1f5f9 !important; }
+.prose h3 { font-size: .98rem !important; color: var(--slate) !important; font-weight: 600 !important;
+    margin-top: 1em !important; }
 
-/* Table */
+/* 表格 */
 .prose table { width: 100% !important; border-collapse: separate !important; border-spacing: 0 !important;
-    border-radius: 8px !important; overflow: hidden !important; margin: 1em 0 !important;
-    box-shadow: 0 0 0 1px #e2e8f0 !important; font-size: .88rem !important; }
+    border-radius: 8px !important; overflow: hidden !important; margin: .8em 0 !important;
+    box-shadow: 0 0 0 1px #e2e8f0 !important; font-size: .85rem !important; }
 .prose th { background: #f8fafc !important; color: #475569 !important; font-weight: 600 !important;
-    padding: 9px 12px !important; border-bottom: 1.5px solid #e2e8f0 !important; font-size: .82rem !important; }
-.prose td { padding: 8px 12px !important; color: var(--slate) !important; border-bottom: 1px solid #f1f5f9 !important; }
+    padding: 8px 11px !important; border-bottom: 1.5px solid #e2e8f0 !important; font-size: .8rem !important; }
+.prose td { padding: 7px 11px !important; color: var(--slate) !important; border-bottom: 1px solid #f1f5f9 !important; }
 .prose tr:last-child td { border-bottom: none !important; }
+.prose tr:hover td { background: #f8fafc !important; }
+
+/* 引用 */
+.prose blockquote { border-left: 3px solid var(--blue) !important; background: var(--blue-light) !important;
+    padding: 10px 14px !important; border-radius: 0 6px 6px 0 !important;
+    color: #1e40af !important; font-size: .87rem !important; margin: .8em 0 !important; }
 
-/* Blockquote */
-.prose blockquote { border-left: 3px solid var(--blue) !important; background: #f0f7ff !important;
-    padding: 10px 14px !important; border-radius: 0 6px 6px 0 !important; color: #1e40af !important;
-    font-size: .9rem !important; margin: 1em 0 !important; }
+/* 按钮 */
+button.primary { background: linear-gradient(135deg, #2563eb, #1d4ed8) !important;
+    border: none !important; box-shadow: 0 2px 8px rgba(37,99,235,.2) !important;
+    font-weight: 600 !important; border-radius: 8px !important; }
+button.primary:hover { box-shadow: 0 4px 12px rgba(37,99,235,.3) !important; }
 
-/* Button */
-button.primary { background: var(--blue) !important; border: none !important;
-    box-shadow: 0 2px 8px rgba(37,99,235,.2) !important; font-weight: 600 !important; border-radius: 8px !important; }
+/* 指标卡片 */
+.metric-card { display: inline-block; padding: 12px 18px; margin: 4px; border-radius: 8px;
+    background: white; border: 1px solid #e2e8f0; box-shadow: 0 1px 3px rgba(0,0,0,.04);
+    text-align: center; min-width: 140px; }
 
 footer { display: none !important; }
 """
 
 with gr.Blocks(title="MIA攻防研究", theme=gr.themes.Soft(primary_hue="blue", neutral_hue="slate"), css=CSS) as demo:
 
-    gr.Markdown("# 教育大模型中的成员推理攻击及其防御研究\n"
-                "> 基于 " + model_name + " 微调的数学辅导模型，验证MIA风险与两类防御策略的有效性")
+    gr.HTML("""<div class="title-area">
+        <h1>教育大模型中的成员推理攻击及其防御研究</h1>
+        <p>Membership Inference Attack & Defense on Educational LLM</p>
+    </div>""")
 
-    # ────────────── Tab 1 ──────────────
+    # ═══════ Tab 1 ═══════
     with gr.Tab("实验总览"):
         gr.Markdown(
-            "## 研究问题\n\n"
-            "如果用包含学生隐私的数据训练教育AI，攻击者能否推断出哪些学生的数据被使用？\n\n---\n\n"
-            "## 核心指标\n\n"
-            "| 指标 | 基线 | LS(e=0.02) | LS(e=0.2) | OP(s=0.01) | OP(s=0.015) | OP(s=0.02) |\n"
-            "|------|------|-----------|----------|-----------|------------|----------|\n"
-            "| AUC | " + f"{bl_auc:.4f}" + " | " + f"{s002_auc:.4f}" + " | " + f"{s02_auc:.4f}" + " | " + f"{op001_auc:.4f}" + " | " + f"{op0015_auc:.4f}" + " | " + f"{op002_auc:.4f}" + " |\n"
-            "| 准确率 | " + f"{bl_acc:.1f}%" + " | " + f"{s002_acc:.1f}%" + " | " + f"{s02_acc:.1f}%" + " | " + f"{bl_acc:.1f}%" + " | " + f"{bl_acc:.1f}%" + " | " + f"{bl_acc:.1f}%" + " |\n\n"
-            "> AUC越接近0.5，防御越有效。准确率越高，模型效用越好。\n\n---\n\n"
+            "## 研究背景与目标\n\n"
+            "大语言模型在教育领域的应用日益广泛（如AI数学辅导），模型训练不可避免地接触学生敏感数据。"
+            "**成员推理攻击 (MIA)** 可判断某条数据是否参与了训练，构成隐私威胁。\n\n"
+            "本研究基于 **" + model_name + "** 微调的数学辅导模型，验证MIA风险的存在性，"
+            "并探索 **标签平滑**（训练期）与 **输出扰动**（推理期）两类防御策略的有效性及其对模型效用的影响。\n\n---")
+
+        gr.Markdown("## 实验核心指标\n")
+        gr.Markdown(
+            "| 策略 | AUC | 准确率 | 说明 |\n|---|---|---|---|\n"
+            "| **基线（无防御）** | **" + f"{bl_auc:.4f}" + "** | " + f"{bl_acc:.1f}%" + " | 攻击风险基准 |\n"
+            "| " + u"LS(\u03b5=0.02)" + " | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}%" + " | 训练期防御 |\n"
+            "| " + u"LS(\u03b5=0.2)" + " | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}%" + " | 训练期防御 |\n"
+            "| " + u"OP(\u03c3=0.01)" + " | " + f"{op001_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | 推理期防御 |\n"
+            "| " + u"OP(\u03c3=0.015)" + " | " + f"{op0015_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | 推理期防御 |\n"
+            "| " + u"OP(\u03c3=0.02)" + " | " + f"{op002_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | 推理期防御 |\n\n"
+            "> AUC越接近0.5 = 防御越有效　|　准确率越高 = 模型效用越好\n\n---")
+
+        gr.Markdown(
             "## 实验流程\n\n"
-            "| 阶段 | 内容 | 方法 |\n|------|------|------|\n"
-            "| 1. 数据准备 | 2000条数学辅导对话 | 模板化生成，含隐私字段 |\n"
-            "| 2. 基线训练 | Qwen2.5-Math + LoRA | 标准微调，无防御 |\n"
-            "| 3. 防御训练 | 标签平滑 e=0.02 / 0.2 | 两组参数分别训练 |\n"
-            "| 4. 攻击测试 | 3个模型 + 3组输出扰动 | Loss阈值判定，AUC评估 |\n"
-            "| 5. 效用评估 | 300道数学题 | 6种配置分别测试 |\n"
-            "| 6. 综合分析 | 隐私-效用权衡 | 定量对比 |\n\n"
-            "## 实验配置\n\n"
-            "| 项目 | 值 |\n|---|---|\n"
-            "| 模型 | " + model_name + " |\n"
-            "| 微调 | LoRA (r=8, alpha=16) |\n"
-            "| 训练 | 10 epochs |\n"
-            "| 数据 | 成员1000条 + 非成员1000条 |\n")
-
-    # ────────────── Tab 2 ──────────────
+            "| 阶段 | 内容 | 方法 |\n|---|---|---|\n"
+            "| 1. 数据准备 | 2000条数学���导对话 | 模板化生成，含姓名/学号/成绩 |\n"
+            "| 2. 基线训练 | " + model_name + " + LoRA | 标准微调(r=8, alpha=16, 10 epochs) |\n"
+            "| 3. 防御训练 | " + u"\u03b5=0.02 / \u03b5=0.2" + " | 两组标签平滑参数分别训练 |\n"
+            "| 4. 攻击测试 | 3个模型 + 3组扰动 | Loss阈值判定，AUC评估 |\n"
+            "| 5. 效用评估 | 300道数学题 | 6种配置分别测试准确率 |\n"
+            "| 6. 综合分析 | 隐私-效用权衡 | 定量对比与可视化 |\n")
+
+    # ═══════ Tab 2 ═══════
     with gr.Tab("数据与模型"):
         gr.Markdown(
-            "## 数据集\n\n"
-            "- **成员数据** (1000条)：用于模型训练，模型会\"记住\"这些数据\n"
-            "- **非成员数据** (1000条)：不参与训练，作为攻击的对照组\n"
-            "- 两组数据格式完全相同（均含隐私字段），这是MIA实验的标准设置\n\n"
+            "## 实验数据集\n\n"
+            "| 数据组 | 数量 | 用途 | 说明 |\n|---|---|---|---|\n"
+            "| 成员数据 | 1000条 | 模型训练 | 模型会\"记住\"，Loss偏低 |\n"
+            "| 非成员数据 | 1000条 | 攻击对照 | 模型\"没见过\"，Loss偏高 |\n\n"
+            "> 两组数据格式完全相同（均含隐私字段），这是MIA实验的标准设置——攻击者无法从格式区分\n\n"
             "| 任务类型 | 数量 | 占比 |\n|---|---|---|\n"
-            "| 基础计算 | 800 | 40% |\n| 应用题 | 600 | 30% |\n| 概念问答 | 400 | 20% |\n| 错题订正 | 200 | 10% |\n\n"
-            "### 数据样例\n\n选择数据池并随机提取一条样本，查看其包含的隐私信息和对话内容。")
-        with gr.Row():
+            "| 基础计算 | 800 | 40% |\n| 应用题 | 600 | 30% |\n| 概念问答 | 400 | 20% |\n| 错题订正 | 200 | 10% |\n")
+        gr.Markdown("### 数据样例浏览")
+        with gr.Row(equal_height=True):
             with gr.Column(scale=2):
                 d_src = gr.Radio(["成员数据（训练集）","非成员数据（测试集）"], value="成员数据（训练集）", label="数据来源")
                 d_btn = gr.Button("随机提取样本", variant="primary")
@@ -418,103 +396,103 @@ with gr.Blocks(title="MIA攻防研究", theme=gr.themes.Soft(primary_hue="blue",
                 d_a = gr.Textbox(label="标准回答", lines=4, interactive=False)
         d_btn.click(cb_sample, [d_src], [d_meta, d_q, d_a])
 
-    # ────────────── Tab 3 ──────────────
+    # ═══════ Tab 3 ═══════
     with gr.Tab("攻击与防御验证"):
-        gr.Markdown("## 交互式MIA攻击演示\n\n"
-                    "通过对照实验验证攻击的有效性和防御策略的效果。\n\n"
-                    "**建议操作顺序**: ① 基线+成员 → ② 基线+非成员 → ③ 标签平滑+成员 → ④ 输出扰动+成员")
-        with gr.Row():
+        gr.Markdown("## 成员推理攻击交互演示\n\n"
+                    "选择攻击目标和数据来源，系统实时计算Loss并判定成员身份。通过切换不同目标形成对照实验。")
+        with gr.Row(equal_height=True):
             with gr.Column(scale=2):
-                a_target = gr.Radio(["基线模型 (Baseline)","标签平滑 (e=0.02)","标签平滑 (e=0.2)",
-                    "输出扰动 (s=0.01)","输出扰动 (s=0.015)","输出扰动 (s=0.02)"],
-                    value="基线模型 (Baseline)", label="攻击目标")
+                a_target = gr.Radio([u"基线模型 (Baseline)",u"标签平滑 (\u03b5=0.02)",u"标签平滑 (\u03b5=0.2)",
+                    u"输出扰动 (\u03c3=0.01)",u"输出扰动 (\u03c3=0.015)",u"输出扰动 (\u03c3=0.02)"],
+                    value=u"基线模型 (Baseline)", label="攻击目标")
                 a_src = gr.Radio(["成员数据（训练集）","非成员数据（测试集）"], value="成员数据（训练集）", label="数据来源")
                 a_idx = gr.Slider(0, 999, step=1, value=12, label="样本 ID")
-                a_btn = gr.Button("执行攻击", variant="primary", size="lg")
+                a_btn = gr.Button("执行成员推理攻击", variant="primary", size="lg")
                 a_qtxt = gr.Markdown()
             with gr.Column(scale=3):
-                a_gauge = gr.Plot(label="Loss位置")
+                a_gauge = gr.Plot(label="Loss位置判定")
                 a_res = gr.Markdown()
         a_btn.click(cb_attack, [a_idx, a_src, a_target], [a_qtxt, a_gauge, a_res])
 
-    # ────────────── Tab 4 ──────────────
-    with gr.Tab("实验结果分析"):
-        gr.Markdown("## 攻击与防御效果\n")
-        gr.Markdown("### MIA攻击AUC对比")
+    # ═══════ Tab 4 ═══════
+    with gr.Tab("防御效果分析"):
+        gr.Markdown("## MIA攻击AUC对比\n\n> 柱子越矮 = AUC越低 = 攻击越难成功 = 防御越有效")
         gr.Plot(value=fig_auc_bar())
-        gr.Markdown("### Loss分布 — 三个模型")
+
+        gr.Markdown("## Loss分布对比\n### 三个模型（训练期防御效果）\n\n> 蓝色=成员，红色=非成员。两色重叠越多 = 攻击者越难区分")
         gr.Plot(value=fig_loss_dist())
-        gr.Markdown("### Loss分布 — 输出扰动效果")
+        gr.Markdown("### 输出扰动效果（推理期防御）\n\n> 在基线模型Loss上加噪声，随噪声增大分布更加重叠")
         gr.Plot(value=fig_perturb_dist())
 
         gr.Markdown(
-            "### 完整结果\n\n"
+            "## 完整实验数据\n\n"
             "| 策略 | 类型 | AUC | 准确率 | AUC变化 |\n|---|---|---|---|---|\n"
             "| 基线 | — | " + f"{bl_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | — |\n"
-            "| LS(e=0.02) | 训练期 | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}%" + " | " + f"{s002_auc-bl_auc:+.4f}" + " |\n"
-            "| LS(e=0.2) | 训练期 | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}%" + " | " + f"{s02_auc-bl_auc:+.4f}" + " |\n"
-            "| OP(s=0.01) | 推理期 | " + f"{op001_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | " + f"{op001_auc-bl_auc:+.4f}" + " |\n"
-            "| OP(s=0.015) | 推理期 | " + f"{op0015_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | " + f"{op0015_auc-bl_auc:+.4f}" + " |\n"
-            "| OP(s=0.02) | 推理期 | " + f"{op002_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | " + f"{op002_auc-bl_auc:+.4f}" + " |\n")
-
-        gr.Markdown("---\n## 效用评估\n")
-        with gr.Row():
-            with gr.Column(): gr.Plot(value=fig_acc_bar())
-            with gr.Column(): gr.Plot(value=fig_tradeoff())
-
-        gr.Markdown("### 在线效用测试\n\n随机抽取测试题，查看不同模型的作答表现。")
-        with gr.Row():
-            with gr.Column(scale=1):
-                e_model = gr.Radio(["基线模型","标签平滑 (e=0.02)","标签平滑 (e=0.2)",
-                    "输出扰动 (s=0.01)","输出扰动 (s=0.015)","输出扰动 (s=0.02)"], value="基线模型", label="模型")
-                e_btn = gr.Button("随机抽题", variant="primary")
-            with gr.Column(scale=2):
-                e_res = gr.Markdown()
-        e_btn.click(cb_eval, [e_model], [e_res])
-
-        gr.Markdown("---\n### 防御机制对比\n\n"
+            "| " + u"LS(\u03b5=0.02)" + " | 训练期 | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}%" + " | " + f"{s002_auc-bl_auc:+.4f}" + " |\n"
+            "| " + u"LS(\u03b5=0.2)" + " | 训练期 | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}%" + " | " + f"{s02_auc-bl_auc:+.4f}" + " |\n"
+            "| " + u"OP(\u03c3=0.01)" + " | 推理期 | " + f"{op001_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | " + f"{op001_auc-bl_auc:+.4f}" + " |\n"
+            "| " + u"OP(\u03c3=0.015)" + " | 推理期 | " + f"{op0015_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | " + f"{op0015_auc-bl_auc:+.4f}" + " |\n"
+            "| " + u"OP(\u03c3=0.02)" + " | 推理期 | " + f"{op002_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | " + f"{op002_auc-bl_auc:+.4f}" + " |\n\n"
+            "## 防御机制说明\n\n"
             "| 维度 | 标签平滑 | 输出扰动 |\n|---|---|---|\n"
             "| 阶段 | 训练期 | 推理期 |\n"
-            "| 原理 | 软化标签，降低记忆 | Loss加噪声，模糊信号 |\n"
+            "| 原理 | 软化标签降低记忆 | Loss加噪遮蔽信号 |\n"
             "| 需重训 | 是 | 否 |\n"
             "| 效用影响 | 取决于参数 | 无 |\n"
             "| 部署 | 训练时介入 | 即插即用 |\n\n"
-            "**标签平滑公式**: y_smooth = (1-e) * y_onehot + e/V\n\n"
-            "**输出扰动公式**: L_perturbed = L_original + N(0, s^2)\n")
+            "**标签平滑**: y_smooth = (1 - " + u"\u03b5" + ") * y_onehot + " + u"\u03b5" + " / V\n\n"
+            "**输出扰动**: L_perturbed = L_original + N(0, " + u"\u03c3" + u"\u00b2" + ")\n")
 
         for fn, cap in [("fig1_loss_distribution_comparison.png","Loss分布对比"),
                          ("fig2_privacy_utility_tradeoff_fixed.png","隐私-效用权衡"),
                          ("fig3_defense_comparison_bar.png","防御策略AUC对比")]:
-            p = os.path.join(BASE_DIR, "figures", fn)
+            p = os.path.join(BASE_DIR,"figures",fn)
             if os.path.exists(p):
-                gr.Markdown("### " + cap); gr.Image(value=p, show_label=False, height=420)
+                gr.Markdown("### "+cap); gr.Image(value=p, show_label=False, height=420)
+
+    # ═══════ Tab 5 ═══════
+    with gr.Tab("效用评估"):
+        gr.Markdown("## 模型效用测试\n\n> 基于300道数学测试题评估各策略对模型实际能力的影响")
+        with gr.Row(equal_height=True):
+            with gr.Column(): gr.Plot(value=fig_acc_bar())
+            with gr.Column(): gr.Plot(value=fig_tradeoff())
+        gr.Markdown("### 在线效用演示\n\n从测试题库中随机抽取，查看不同模型/策略的作答情况。")
+        with gr.Row(equal_height=True):
+            with gr.Column(scale=1):
+                e_model = gr.Radio([u"基线模型",u"标签平滑 (\u03b5=0.02)",u"标签平滑 (\u03b5=0.2)",
+                    u"输出扰动 (\u03c3=0.01)",u"输出扰动 (\u03c3=0.015)",u"输出扰动 (\u03c3=0.02)"], value=u"基线模型", label="选择模型")
+                e_btn = gr.Button("随机抽题测试", variant="primary")
+            with gr.Column(scale=2):
+                e_res = gr.Markdown()
+        e_btn.click(cb_eval, [e_model], [e_res])
 
-    # ────────────── Tab 5 ──────────────
+    # ═══════ Tab 6 ═══════
     with gr.Tab("研究结论"):
         gr.Markdown(
-            "## 核心发现\n\n---\n\n"
+            "## 核心研究发现\n\n---\n\n"
             "### 一、教育大模型存在可量化的MIA风险\n\n"
-            "基线模型 AUC = **" + f"{bl_auc:.4f}" + "**，显著高于随机基准0.5。成员平均Loss ("
-            + f"{bl_m_mean:.4f}" + ") 低于非成员 (" + f"{bl_nm_mean:.4f}" + ")，模型对训练数据存在可利用的记忆效应。\n\n---\n\n"
+            "基线模型 AUC = **" + f"{bl_auc:.4f}" + "** > 0.5，成员平均Loss (" + f"{bl_m_mean:.4f}"
+            + ") < 非成员 (" + f"{bl_nm_mean:.4f}" + ")，模型对训练数据存在可利用的记忆效应。\n\n---\n\n"
             "### 二、标签平滑（训练期防御）\n\n"
             "| 参数 | AUC | 准确率 | 分析 |\n|---|---|---|---|\n"
             "| 基线 | " + f"{bl_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | 无防御 |\n"
-            "| e=0.02 | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}%" + " | 正则化提升泛化 |\n"
-            "| e=0.2 | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}%" + " | 防御增强 |\n\n---\n\n"
+            "| " + u"\u03b5=0.02" + " | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}%" + " | 正则化提升泛化 |\n"
+            "| " + u"\u03b5=0.2" + " | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}%" + " | 防御增强 |\n\n---\n\n"
             "### 三、输出扰动（推理期防御）\n\n"
             "| 参数 | AUC | AUC降幅 | 准确率 |\n|---|---|---|---|\n"
-            "| s=0.01 | " + f"{op001_auc:.4f}" + " | " + f"{bl_auc-op001_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " |\n"
-            "| s=0.015 | " + f"{op0015_auc:.4f}" + " | " + f"{bl_auc-op0015_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " |\n"
-            "| s=0.02 | " + f"{op002_auc:.4f}" + " | " + f"{bl_auc-op002_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " |\n\n"
+            "| " + u"\u03c3=0.01" + " | " + f"{op001_auc:.4f}" + " | " + f"{bl_auc-op001_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " |\n"
+            "| " + u"\u03c3=0.015" + " | " + f"{op0015_auc:.4f}" + " | " + f"{bl_auc-op0015_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " |\n"
+            "| " + u"\u03c3=0.02" + " | " + f"{op002_auc:.4f}" + " | " + f"{bl_auc-op002_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " |\n\n"
             "零效用损失，适合已部署系统的后期加固。\n\n---\n\n"
-            "### 四、隐私-效用权衡\n\n"
+            "### 四、隐私-效用权衡总结\n\n"
             "| 策略 | AUC | 准确率 | 隐私 | 效用 |\n|---|---|---|---|---|\n"
             "| 基线 | " + f"{bl_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | 风险最高 | 基准 |\n"
-            "| LS(e=0.02) | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}%" + " | 风险降低 | 提升 |\n"
-            "| LS(e=0.2) | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}%" + " | 显著降低 | 可接受 |\n"
-            "| OP(s=0.02) | " + f"{op002_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | 显著降低 | 不变 |\n\n"
-            "两类策略机制互补：标签平滑从训练阶段降低记忆，输出扰动从推理阶段遮蔽信号。\n")
+            "| " + u"LS(\u03b5=0.02)" + " | " + f"{s002_auc:.4f}" + " | " + f"{s002_acc:.1f}%" + " | 降低 | 提升 |\n"
+            "| " + u"LS(\u03b5=0.2)" + " | " + f"{s02_auc:.4f}" + " | " + f"{s02_acc:.1f}%" + " | 显著降低 | 可接受 |\n"
+            "| " + u"OP(\u03c3=0.02)" + " | " + f"{op002_auc:.4f}" + " | " + f"{bl_acc:.1f}%" + " | 显著降低 | 不变 |\n\n"
+            "两类策略机制互补：标签平滑从训练阶段降低记忆，输出扰动从推理阶段遮蔽信号。可根据实际需求灵活选择。\n")
 
-    gr.Markdown("<center style='color:#94a3b8;font-size:.85rem;margin-top:1em'>教育大模型成员推理攻击及其防御研究</center>")
+    gr.HTML("<div style='text-align:center;color:#94a3b8;font-size:.82rem;padding:16px 0 8px'>"
+            "教育大模型中的成员推理攻击及其防御研究</div>")
 
 demo.launch()