ICSE 2020
Wed 24 June - Thu 16 July 2020
Tue 7 Jul 2020 07:24 - 07:36 at Goguryeo - I2-Security Chair(s): Andrea Stocco

Over the past decade, deep learning (DL) has achieved a large performance leap, driven by the boom of big data. While it has been successfully applied to some industrial domain-specific tasks (e.g., face recognition, speech recognition), its quality and reliability raise great concern, especially in safety- and security-critical scenarios. Adversarial examples (AEs), inputs on which DL software makes incorrect decisions, are a typical and important type of defect that urgently needs to be resolved. Such defects can arise either from intentional manipulation by an adversarial attack or from physical-world noise perceived by input sensors, potentially hindering industrial deployment. The intrinsic uncertainty of deep learning decisions could be a fundamental reason for this incorrect behavior. Although many testing, adversarial attack and defense techniques have been proposed, a systematic study of the relationship between AEs and DL uncertainty is still lacking. In this paper, we conduct a large-scale study towards bridging this gap. We first investigate the capability of multiple uncertainty metrics to differentiate natural benign examples (BEs) from AEs. Then we identify and categorize the uncertainty patterns of AEs and BEs, and find that while natural BEs and AEs generated by existing methods do follow common uncertainty patterns, some other uncertainty patterns are largely missed. Based on this, we propose an automated testing technique to generate multiple types of uncommon AEs and BEs. Our further evaluation reveals that the uncommon data generated by our methods is hard for state-of-the-art defense techniques to defend against, reducing the average defense success rate by 35%. Our results call for attention to generating more diverse data for evaluating and designing quality and reliability assurance solutions for DL software.

Tue 7 Jul

Displayed time zone: (UTC) Coordinated Universal Time

07:00 - 08:00
I2-Security (New Ideas and Emerging Results / Technical Papers) at Goguryeo
Chair(s): Andrea Stocco (Università della Svizzera italiana)

07:00 (12m) Talk: Targeted Greybox Fuzzing with Static Lookahead Analysis
Technical Papers
Valentin Wüstholz (ConsenSys Diligence), Maria Christakis (MPI-SWS)
Pre-print

07:12 (12m) Talk: HyDiff: Hybrid Differential Software Analysis
Technical Papers (Artifact Reusable, Artifact Available)
Yannic Noller (Humboldt-Universität zu Berlin), Corina S. Pasareanu (Carnegie Mellon University Silicon Valley / NASA Ames Research Center), Marcel Böhme (Monash University), Youcheng Sun (Queen's University Belfast), Hoang Lam Nguyen (Humboldt-Universität zu Berlin), Lars Grunske (Humboldt-Universität zu Berlin)
Pre-print

07:24 (12m) Talk: Towards Characterizing Adversarial Defects of Deep Learning Software from the Lens of Uncertainty
Technical Papers
Xiyue Zhang (Peking University), Xiaofei Xie (Nanyang Technological University), Lei Ma (Kyushu University), Xiaoning Du (Nanyang Technological University), Qiang Hu (Kyushu University, Japan), Yang Liu (Nanyang Technological University, Singapore), Jianjun Zhao (Kyushu University), Meng Sun (Peking University)
Pre-print

07:36 (12m) Talk: One Size Does Not Fit All: A Grounded Theory and Online Survey Study of Developer Preferences for Security Warning Types
Technical Papers
Anastasia Danilova (University of Bonn), Alena Naiakshina (University of Bonn), Matthew Smith (University of Bonn / Fraunhofer FKIE)

07:48 (6m) Talk: Hey, my data are mine! Active data to empower the user
New Ideas and Emerging Results
Gian Luca Scoccia (University of L'Aquila), Matteo Maria Fiore (University of L'Aquila), Patrizio Pelliccione (University of L'Aquila and Chalmers | University of Gothenburg), Marco Autili (University of L'Aquila, Italy), Paola Inverardi (University of L'Aquila), Alejandro Russo (Chalmers University of Technology, Sweden)

07:54 (6m) Talk: Threat modeling: from infancy to maturity
New Ideas and Emerging Results
Koen Yskout (imec-DistriNet, KU Leuven), Thomas Heyman (Toreon), Dimitri Van Landuyt (Katholieke Universiteit Leuven), Laurens Sion (imec-DistriNet, KU Leuven), Kim Wuyts (imec-DistriNet, KU Leuven), Wouter Joosen (Katholieke Universiteit Leuven)
Pre-print