ReMoS: Reducing Defect Inheritance in Transfer Learning via Relevant Model Slicing
Wed 11 May 2022 20:15 - 20:20 at ICSE room 2-even hours - Software Security 5 Chair(s): Nancy Mead
Transfer learning is a popular software reuse technique in the deep learning community that enables developers to build custom models (students) based on sophisticated pretrained models (teachers). However, like vulnerability inheritance in traditional software reuse, some defects in the teacher model may also be inherited by students, such as well-known adversarial vulnerabilities and backdoors. Reducing such defects is challenging since the student is unaware of how the teacher is trained and/or attacked. In this paper, we propose ReMoS, a relevant model slicing technique to reduce defect inheritance during transfer learning while retaining useful knowledge from the teacher model. Specifically, ReMoS computes a model slice (a subset of model weights) that is relevant to the student task based on the neuron coverage information obtained by profiling the teacher model on the student task. Only the relevant slice is used to fine-tune the student model, while the irrelevant weights are retrained from scratch to minimize the risk of inheriting defects. Our experiments on seven DNN defects, four DNN models, and eight datasets demonstrate that ReMoS can reduce inherited defects effectively (by 63% to 86% for CV tasks and by 40% to 61% for NLP tasks) and efficiently with minimal sacrifice of accuracy (3% on average).
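A simplified sketch of the slicing step the abstract describes, added here as an illustration and not the authors' implementation: profile the teacher on student inputs, keep the most-covered weights as the relevant slice, and re-initialise the rest. The coverage criterion (|input × weight| above a threshold), the keep ratio, and all names and sample values are assumptions that the abstract does not specify.

```python
import random

# Constructed teacher layer: 2 neurons x 3 inputs. Column 2 carries large
# weights for an input feature the student task never activates.
TEACHER = [[0.8, -0.5, 3.0],
           [0.1, 0.9, 2.5]]
# Constructed student-task profiling inputs (feature 2 is always 0).
STUDENT_SAMPLES = [[1.0, 0.5, 0.0], [0.7, 1.0, 0.0], [0.9, 0.2, 0.0]]


def profile_coverage(weights, samples, threshold=0.2):
    """Count, per weight, how often |input * weight| exceeds the threshold.
    Assumed coverage criterion, chosen for illustration."""
    cov = [[0] * len(row) for row in weights]
    for x in samples:
        for j, row in enumerate(weights):
            for i, w in enumerate(row):
                if abs(x[i] * w) > threshold:
                    cov[j][i] += 1
    return cov


def relevant_slice(cov, keep_ratio=0.5):
    """Return the (neuron, input) positions with the highest coverage."""
    ranked = sorted(((-c, j, i) for j, row in enumerate(cov)
                     for i, c in enumerate(row)))
    return {(j, i) for _, j, i in ranked[:int(len(ranked) * keep_ratio)]}


def init_student(weights, keep, rng, scale=0.1):
    """Reuse teacher weights inside the slice; re-initialise the rest so
    they are trained from scratch on the student task."""
    return [[w if (j, i) in keep else rng.uniform(-scale, scale)
             for i, w in enumerate(row)]
            for j, row in enumerate(weights)]


if __name__ == "__main__":
    cov = profile_coverage(TEACHER, STUDENT_SAMPLES)
    keep = relevant_slice(cov)
    student = init_student(TEACHER, keep, random.Random(0))
    print("coverage:", cov)
    print("slice:", sorted(keep))
    print("student init:", student)
```

In this constructed layer the large weights on the never-activated feature fall outside the slice, so the student starts from fresh values there instead of inheriting them.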
Tue 10 May (Eastern Time, US & Canada)
03:00 - 04:00 | Software Security 1 | Journal-First Papers / Technical Track | ICSE room 3-odd hours | Chair(s): Liliana Pasquale (University College Dublin & Lero)
03:00 | 5m Talk | Deep Learning based Vulnerability Detection: Are We There Yet? | Journal-First Papers | Saikat Chakraborty (Columbia University), Rahul Krishna (IBM Research), Yangruibo Ding (Columbia University), Baishakhi Ray (Columbia University)
03:05 | 5m Talk | ReMoS: Reducing Defect Inheritance in Transfer Learning via Relevant Model Slicing | Technical Track | Ziqi Zhang (Peking University), Yuanchun Li (Microsoft Research), Jindong Wang (Microsoft Research), Bingyan Liu (Peking University), Ding Li (Peking University), Xiangqun Chen (Peking University), Yao Guo (Peking University), Yunxin Liu (Tsinghua University)
03:10 | 5m Talk | Less is More: Supporting Developers in Vulnerability Detection during Code Review | Technical Track | Larissa Braz (University of Zurich), Christian Aeberhard (University of Zurich), Gül Calikli (University of Glasgow), Alberto Bacchelli (University of Zurich)
03:15 | 5m Talk | Aper: Evolution-Aware Runtime Permission Misuse Detection for Android Apps | Technical Track | Sinan Wang (Southern University of Science and Technology), Yibo Wang (Northeastern University), Xian Zhan (The Hong Kong Polytechnic University), Ying Wang (Northeastern University, China), Yepang Liu (Southern University of Science and Technology), Xiapu Luo (Hong Kong Polytechnic University), Shing-Chi Cheung (Hong Kong University of Science and Technology)
Wed 11 May (Eastern Time, US & Canada)
20:00 - 21:00 | Software Security 5 | Technical Track / SEIP - Software Engineering in Practice / Journal-First Papers | ICSE room 2-even hours | Chair(s): Nancy Mead (Carnegie Mellon University)
20:00 | 5m Talk | Deep Learning based Vulnerability Detection: Are We There Yet? | Journal-First Papers | Saikat Chakraborty (Columbia University), Rahul Krishna (IBM Research), Yangruibo Ding (Columbia University), Baishakhi Ray (Columbia University)
20:05 | 5m Talk | An Empirical Study on Implicit Constraints in Smart Contract Static Analysis | SEIP - Software Engineering in Practice | Tingting Yin (Tsinghua University, China), Chao Zhang (Tsinghua University), Yuandong Ni (Institute for Network Science and Cyberspace of Tsinghua University), Yixiong Wu (Institute for Network Science and Cyberspace of Tsinghua University), Taiyu Wong (Department of Computer Science and Technology, Tsinghua University), Xiapu Luo (Hong Kong Polytechnic University), Zheming Li (Tsinghua University), Yu Guo (SECBIT labs)
20:10 | 5m Talk | RoPGen: Towards Robust Code Authorship Attribution via Automatic Coding Style Transformation | Technical Track | Zhen Li (University of Texas at San Antonio), Guenevere (Qian) Chen (University of Texas at San Antonio), Chen Chen (University of Central Florida), Yayi Zou (Northeastern University), Shouhuai Xu (University of Colorado Colorado Springs)
20:15 | 5m Talk | ReMoS: Reducing Defect Inheritance in Transfer Learning via Relevant Model Slicing | Technical Track | Ziqi Zhang (Peking University), Yuanchun Li (Microsoft Research), Jindong Wang (Microsoft Research), Bingyan Liu (Peking University), Ding Li (Peking University), Xiangqun Chen (Peking University), Yao Guo (Peking University), Yunxin Liu (Tsinghua University)
20:20 | 5m Talk | Modx: Binary Level Partial Imported Third-Party Library Detection through Program Modularization and Semantic Matching | Technical Track | Can Yang (Institute of Information Engineering, University of Chinese Academy of Sciences), Zhengzi Xu (Nanyang Technological University), Hongxu Chen (Huawei Technologies Co., Ltd.), Yang Liu (Nanyang Technological University), Xiaorui Gong (Institute of Information Engineering, Chinese Academy of Science), Baoxu Liu (Institute of Information Engineering, Chinese Academy of Sciences)
20:25 | 5m Talk | Large-scale Security Measurements on the Android Firmware Ecosystem | Technical Track | Qinsheng Hou (Shandong University; Qi An Xin Group Corp.), Wenrui Diao (Shandong University), Yanhao Wang (Qi An Xin Group Corp.), Xiaofeng Liu (Shandong University), Song Liu (Qi An Xin Group Corp.), Lingyun Ying (Qi An Xin Group Corp.), Shanqing Guo (Shandong University), Yuanzhi Li (Qi An Xin Group Corp.), Meining Nie (Qi An Xin Group Corp.), Haixin Duan (Institute for Network Science and Cyberspace, Tsinghua University; Qi An Xin Group Corp.)