RNN-Test: Towards Adversarial Testing for Recurrent Neural Network Systems
Wed 11 May 2022 21:10 - 21:15 at ICSE room 4-odd hours - Software Testing 7 Chair(s): Upsorn Praphamontripong
While massive efforts have been investigated in adversarial testing of convolutional neural networks (CNN), testing for recurrent neural networks (RNN) is still limited and leaves threats for vast sequential application domains. In this paper, we propose an adversarial testing framework RNN-Test for RNN systems, focusing on sequence-to-sequence (seq2seq) tasks of widespread deployments, not only classification domains. First, we design a novel search methodology customized for RNN models by maximizing the inconsistency of RNN states against their inner dependencies to produce adversarial inputs. Next, we introduce two state-based coverage metrics according to the distinctive structure of RNNs to exercise more system behaviors. Finally, RNN-Test solves the joint optimization problem to maximize state inconsistency and state coverage, and crafts adversarial inputs for various tasks of different kinds of inputs.
For evaluations, we apply RNN-Test on four RNN models of common structures. On the tested models, the RNN-Test approach is demonstrated to be competitive in generating adversarial inputs, outperforming FGSM-based and DLFuzz-based methods to reduce the model performance more sharply with 2.78% to 37.94% higher success (or generation) rate. RNN-Test could also achieve 52.65% to 66.45% higher adversary rate than testRNN on MNIST LSTM model, as well as 53.76% to 58.02% more perplexity with 16% higher generation rate than DeepStellar on PTB language model. Compared with the traditional neuron coverage, the proposed state coverage metrics as guidance excel with 4.17% to 97.22% higher success (or generation) rate.
Tue 10 MayDisplayed time zone: Eastern Time (US & Canada) change
04:00 - 05:00 | Software Testing 1Technical Track / Journal-First Papers at ICSE room 2-even hours Chair(s): Ajitha Rajan University of Edinburgh | ||
04:00 5mTalk | The Impact of Dormant Defects on Defect Prediction: a Study of 19 Apache Projects Journal-First Papers Davide Falessi University of Rome Tor Vergata, Italy, Aalok Ahluwalia California Polytechnic State University, Massimiliano Di Penta University of Sannio, Italy Link to publication DOI Media Attached | ||
04:05 5mTalk | Smoke Testing for Machine Learning: Simple Tests to Discover Severe Defects Journal-First Papers DOI Media Attached | ||
04:10 5mTalk | RNN-Test: Towards Adversarial Testing for Recurrent Neural Network Systems Journal-First Papers Jianmin Guo Tsinghua University, Quan Zhang Tsinghua University, Yue Zhao Huawei Technologies Co., Ltd., Heyuan Shi Central South University, Yu Jiang Tsinghua University, Jia-Guang Sun Link to publication DOI Pre-print Media Attached | ||
04:15 5mTalk | Adaptive Test Selection for Deep Neural Networks Technical Track Xinyu Gao Nanjing University, Yang Feng Nanjing University, Yining Yin Nanjing University, China, Zixi Liu Nanjing University, Zhenyu Chen Nanjing University, Baowen Xu Nanjing University Pre-print Media Attached | ||
04:20 5mTalk | Evaluating and Improving Neural Program-Smoothing-based Fuzzing Technical Track Mingyuan Wu Southern University of Science and Technology, Ling Jiang Southern University of Science and Technology, Jiahong Xiang Southern University of Science and Technology, Yuqun Zhang Southern University of Science and Technology, Guowei Yang The University of Queensland, Huixin Ma Tencent Security Keen Lab, Sen Nie Keen Security Lab, Tencent, Shi Wu Tencent Security Keen Lab, Heming Cui University of Hong Kong, Lingming Zhang University of Illinois at Urbana-Champaign DOI Pre-print Media Attached | ||
04:25 5mTalk | Muffin: Testing Deep Learning Libraries via Neural Architecture Fuzzing Technical Track Jiazhen Gu Fudan University, China, Xuchuan Luo Fudan University, Yangfan Zhou Fudan University, Xin Wang Fudan University Pre-print Media Attached | ||
Wed 11 MayDisplayed time zone: Eastern Time (US & Canada) change
21:00 - 22:00 | Software Testing 7Journal-First Papers / Technical Track at ICSE room 4-odd hours Chair(s): Upsorn Praphamontripong Computer Science, University of Virginia | ||
21:00 5mTalk | A Family of Experiments on Test-Driven Development Journal-First Papers Adrian Santos Parrilla University of Oulu, Sira Vegas Universidad Politecnica de Madrid, Oscar Dieste Universidad Politécnica de Madrid, Fernando Uyaguari ETAPA Telecommunications Company, Ayse Tosun Istanbul Technical University, Davide Fucci Blekinge Institute of Technology, Burak Turhan University of Oulu, Giuseppe Scanniello University of Basilicata, Simone Romano University of Bari, Itir Karac University of Oulu, Marco Kuhrmann Reutlingen University, Vladimir Mandić Faculty of Technical Sciences, University of Novi Sad, Robert Ramač Faculty of Technical Sciences, University of Novi Sad, Dietmar Pfahl University of Tartu, Christian Engblom Ericsson, Jarno Kyykka Ericsson, Kerli Rungi Testlio, Carolina Palomeque ETAPA Telecommunications Company, Jaroslav Spisak PAF, Markku Oivo University of Oulu, Natalia Juristo Universidad Politecnica de Madrid Link to publication DOI Pre-print Media Attached | ||
21:05 5mTalk | The Impact of Dormant Defects on Defect Prediction: a Study of 19 Apache Projects Journal-First Papers Davide Falessi University of Rome Tor Vergata, Italy, Aalok Ahluwalia California Polytechnic State University, Massimiliano Di Penta University of Sannio, Italy Link to publication DOI Media Attached | ||
21:10 5mTalk | RNN-Test: Towards Adversarial Testing for Recurrent Neural Network Systems Journal-First Papers Jianmin Guo Tsinghua University, Quan Zhang Tsinghua University, Yue Zhao Huawei Technologies Co., Ltd., Heyuan Shi Central South University, Yu Jiang Tsinghua University, Jia-Guang Sun Link to publication DOI Pre-print Media Attached | ||
21:15 5mTalk | DeepState: Selecting Test Suites to Enhance the Robustness of Recurrent Neural Networks Technical Track Zixi Liu Nanjing University, Yang Feng Nanjing University, Yining Yin Nanjing University, China, Zhenyu Chen Nanjing University DOI Pre-print Media Attached | ||
21:20 5mTalk | Evaluating and Improving Neural Program-Smoothing-based Fuzzing Technical Track Mingyuan Wu Southern University of Science and Technology, Ling Jiang Southern University of Science and Technology, Jiahong Xiang Southern University of Science and Technology, Yuqun Zhang Southern University of Science and Technology, Guowei Yang The University of Queensland, Huixin Ma Tencent Security Keen Lab, Sen Nie Keen Security Lab, Tencent, Shi Wu Tencent Security Keen Lab, Heming Cui University of Hong Kong, Lingming Zhang University of Illinois at Urbana-Champaign DOI Pre-print Media Attached | ||
21:25 5mTalk | Muffin: Testing Deep Learning Libraries via Neural Architecture Fuzzing Technical Track Jiazhen Gu Fudan University, China, Xuchuan Luo Fudan University, Yangfan Zhou Fudan University, Xin Wang Fudan University Pre-print Media Attached | ||