Towards Practical Robustness Analysis for DNNs based on PAC-Model Learning
Fri 13 May 2022 05:20 - 05:25 at ICSE room 1-odd hours - Reliability and Safety 2 Chair(s): Shahar Maoz
To analyse local robustness properties of deep neural networks (DNNs), we present a practical framework from a model learning perspective. Based on black-box model learning with scenario optimisation, we abstract the local behaviour of a DNN via an affine model with the probably approximately correct (PAC) guarantee. From the learned model, we can infer the corresponding PAC-model robustness property. The innovation of our work is the integration of model learning into PAC robustness analysis: that is, we construct a PAC guarantee on the model level instead of sample distribution, which induces a more faithful and accurate robustness evaluation. This is in contrast to existing statistical methods without model learning. We implement our method in a prototypical tool named DeepPAC. As a black-box method, DeepPAC is scalable and efficient, especially when DNNs have complex structures or high-dimensional inputs. We extensively evaluate DeepPAC, with 4 baselines (using formal verification, statistical methods, testing and adversarial attack) and 20 DNN models across 3 datasets, including MNIST, CIFAR-10, and ImageNet. It is shown that DeepPAC outperforms the state-of-the-art statistical method PROVERO, and it achieves more practical robustness analysis than the formal verification tool ERAN. Also, its results are consistent with existing DNN testing work like DeepGini.
Mon 9 MayDisplayed time zone: Eastern Time (US & Canada) change
21:00 - 22:00 | Reliability and Safety 4Technical Track / NIER - New Ideas and Emerging Results / SEIP - Software Engineering in Practice at ICSE room 2-odd hours Chair(s): Jonathan Sillito Brigham Young University | ||
21:00 5mTalk | Are We Training with The Right Data? Evaluating Collective Confidence in Training Data using Dempster Shafer Theory NIER - New Ideas and Emerging Results Pre-print Media Attached | ||
21:05 5mTalk | Automating Staged Rollout with Reinforcement Learning NIER - New Ideas and Emerging Results Shadow Pritchard University of Tulsa, Vidhyashree Nagaraju University of Tulsa, Lance Fiondella University of Massachusetts Dartmouth Pre-print File Attached | ||
21:10 5mTalk | An Empirical Study on Quality Issues of eBay's Big Data SQL Analytics Platform SEIP - Software Engineering in Practice Feng Zhu ebay.Inc, Lijie Xu Institute of Software, Chinese Academy of Sciences, Gang Ma ebay.Inc, Shuping Ji University of Toronto, Jie Wang Peking University, China / Ant Group, China / Alibaba Group, China, Gang Wang ebay.Inc, Hongyi Zhang ebay.Inc, Kun Wan ebay.Inc, Mingming Wang ebay.Inc, Xingchao Zhang ebay.Inc, Yuming Wang ebay.Inc, Jingpin Li ebay.Inc DOI Pre-print | ||
21:15 5mTalk | PerfSig: Extracting Performance Bug Signatures via Multi-modality Causal Analysis Technical Track Jingzhu He ShanghaiTech University, Yuhang Lin North Carolina State University, Xiaohui Gu North Carolina State University, Chin-Chia Michael Yeh Visa Research, Zhongfang Zhuang Visa Research DOI Pre-print Media Attached | ||
21:20 5mTalk | TOGA: A Neural Method for Test Oracle GenerationDistinguished Paper Award Technical Track Elizabeth Dinella , Gabriel Ryan Columbia University, USA, Todd Mytkowicz Microsoft Research, Shuvendu K. Lahiri Microsoft Research DOI Pre-print Media Attached | ||
21:25 5mTalk | Towards Practical Robustness Analysis for DNNs based on PAC-Model Learning Technical Track Renjue Li Institute of Software at Chinese Academy of Sciences, China, Pengfei Yang Institute of Software at Chinese Academy of Sciences, China, Cheng-Chao Huang Nanjing Institute of Software Technology, ISCAS, Youcheng Sun The University of Manchester, Bai Xue Institute of Software at Chinese Academy of Sciences, China, Lijun Zhang Institute of Software, Chinese Academy of Sciences Pre-print Media Attached | ||
Fri 13 MayDisplayed time zone: Eastern Time (US & Canada) change
05:00 - 06:00 | Reliability and Safety 2NIER - New Ideas and Emerging Results / Technical Track / Journal-First Papers at ICSE room 1-odd hours Chair(s): Shahar Maoz Tel Aviv University, Israel | ||
05:00 5mTalk | TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses Journal-First Papers Linghui Luo Amazon Web Services, Felix Pauck Paderborn University, Germany, Goran Piskachev Fraunhofer IEM, Manuel Benz Paderborn University, Ivan Pashchenko University of Trento, Martin Mory Paderborn University, Eric Bodden , Ben Hermann Technical University Dortmund, Fabio Massacci University of Trento; Vrije Universiteit Amsterdam Link to publication DOI Pre-print Media Attached File Attached | ||
05:05 5mTalk | Are We Training with The Right Data? Evaluating Collective Confidence in Training Data using Dempster Shafer Theory NIER - New Ideas and Emerging Results Pre-print Media Attached | ||
05:10 5mTalk | Multi-Intention-Aware Configuration Selection for Performance Tuning Technical Track Haochen He National University of Defense Technology, Zhouyang Jia National University of Defense Technology, Shanshan Li National University of Defense Technology, Yue Yu College of Computer, National University of Defense Technology, Changsha 410073, China, Chenglong Zhou National University of Defense Technology, Qing Liao Harbin Institute of Technology, Ji Wang National University of Defense Technology, Liao Xiangke National University of Defense Technology Pre-print Media Attached | ||
05:15 5mTalk | PerfSig: Extracting Performance Bug Signatures via Multi-modality Causal Analysis Technical Track Jingzhu He ShanghaiTech University, Yuhang Lin North Carolina State University, Xiaohui Gu North Carolina State University, Chin-Chia Michael Yeh Visa Research, Zhongfang Zhuang Visa Research DOI Pre-print Media Attached | ||
05:20 5mTalk | Towards Practical Robustness Analysis for DNNs based on PAC-Model Learning Technical Track Renjue Li Institute of Software at Chinese Academy of Sciences, China, Pengfei Yang Institute of Software at Chinese Academy of Sciences, China, Cheng-Chao Huang Nanjing Institute of Software Technology, ISCAS, Youcheng Sun The University of Manchester, Bai Xue Institute of Software at Chinese Academy of Sciences, China, Lijun Zhang Institute of Software, Chinese Academy of Sciences Pre-print Media Attached | ||
05:25 5mTalk | Analyzing User Perspectives on Mobile App Privacy at Scale Technical Track Preksha Nema Google Inc., Pauline Anthonysamy Google Inc., Nina Taft Google Inc., Sai Teja Peddinti Google Inc. Pre-print Media Attached | ||