Search Results for author:
Found 36 papers, 24 papers with code
NEUZZ: Efficient Fuzzing with Neural Program Smoothing
However, even state-of-the-art fuzzers are not very efficient at finding hard-to-trigger software bugs.
DeepXplore: Automated Whitebox Testing of Deep Learning Systems
First, we introduce neuron coverage for systematically measuring the parts of a DL system exercised by test inputs.
Certified Robustness to Adversarial Examples with Differential Privacy
Adversarial examples that fool machine learning models, particularly deep neural networks, have been a topic of intense research interest, with attacks and defenses being developed in a tight back-and-forth.
Cost-Aware Robust Tree Ensembles for Security Applications
There are various costs for attackers to manipulate the features of security classifiers.
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Complete and Incomplete Neural Network Robustness Verification
Compared to the typically tightest but very costly semidefinite programming (SDP) based incomplete verifiers, we obtain higher verified accuracy with three orders of magnitudes less verification time.
TrustLLM: Trustworthiness in Large Language Models
This paper introduces TrustLLM, a comprehensive study of trustworthiness in LLMs, including principles for different dimensions of trustworthiness, established benchmark, evaluation, and analysis of trustworthiness for mainstream LLMs, and discussion of open challenges and future directions.
Fast and Complete: Enabling Complete Neural Network Verification with Rapid and Massively Parallel Incomplete Verifiers
Formal verification of neural networks (NNs) is a challenging and important problem.
General Cutting Planes for Bound-Propagation-Based Neural Network Verification
Our generalized bound propagation method, GCP-CROWN, opens up the opportunity to apply general cutting plane methods for neural network verification while benefiting from the efficiency and GPU acceleration of bound propagation methods.
HYDRA: Pruning Adversarially Robust Neural Networks
We demonstrate that our approach, titled HYDRA, achieves compressed networks with state-of-the-art benign and robust accuracy, simultaneously.
Trex: Learning Execution Semantics from Micro-Traces for Binary Similarity
We thus train the model to learn execution semantics from the functions' micro-traces, without any manual labeling effort.
DeepTest: Automated Testing of Deep-Neural-Network-driven Autonomous Cars
Most existing testing techniques for DNN-driven vehicles are heavily dependent on the manual collection of test data under different driving conditions which become prohibitively expensive as the number of test conditions increases.
XDA: Accurate, Robust Disassembly with Transfer Learning
We present XDA, a transfer-learning-based disassembly framework that learns different contextual dependencies present in machine code and transfers this knowledge for accurate and robust disassembly.
Formal Security Analysis of Neural Networks using Symbolic Intervals
In this paper, we present a new direction for formally checking security properties of DNNs without using SMT solvers.
Efficient Formal Safety Analysis of Neural Networks
Our approach can check different safety properties and find concrete counterexamples for networks that are 10$\times$ larger than the ones supported by existing analysis techniques.
On Training Robust PDF Malware Classifiers
A practically useful malware classifier must be robust against evasion attacks.
Learning Security Classifiers with Verified Global Robustness Properties
Since data distribution shift is very common in security applications, e. g., often observed for malware detection, local robustness cannot guarantee that the property holds for unseen inputs at the time of deploying the classifier.
CLN2INV: Learning Loop Invariants with Continuous Logic Networks
We use CLNs to implement a new inference system for loop invariants, CLN2INV, that significantly outperforms existing approaches on the popular Code2Inv dataset.
MixTrain: Scalable Training of Verifiably Robust Neural Networks
Making neural networks robust against adversarial inputs has resulted in an arms race between new defenses and attacks.
MTFuzz: Fuzzing with a Multi-Task Neural Network
The compact embedding can be used to guide the mutation process effectively by focusing most of the mutations on the parts of the embedding where the gradient is high.
Software Engineering
Towards Practical Lottery Ticket Hypothesis for Adversarial Training
Recent research has proposed the lottery ticket hypothesis, suggesting that for a deep neural network, there exist trainable sub-networks performing equally or better than the original model with commensurate training steps.
Ensuring Fairness Beyond the Training Data
In this work, we develop classifiers that are fair not only with respect to the training distribution, but also for a class of distributions that are weighted perturbations of the training samples.
Beyond Accuracy: Evaluating Self-Consistency of Code Large Language Models with IdentityChain
In this paper, we first formally define the self-consistency of Code LLMs and then design a framework, IdentityChain, which effectively and efficiently evaluates the self-consistency and conventional accuracy of a model at the same time.
Learning Nonlinear Loop Invariants with Gated Continuous Logic Networks (Extended Version)
In this paper, we introduce a new neural architecture for general SMT learning, the Gated Continuous Logic Network (G-CLN), and apply it to nonlinear loop invariant learning.
Towards Practical Verification of Machine Learning: The Case of Computer Vision Systems
Finally, we show that retraining using the safety violations detected by VeriVis can reduce the average number of violations up to 60. 2%.
SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities
When such conditions are met, an attacker can launch Denial-of-Service attacks against a vulnerable application by providing inputs that trigger the worst-case behavior.
Cryptography and Security
Enhancing Gradient-based Attacks with Symbolic Intervals
In this paper, we present interval attacks, a new technique to find adversarial examples to evaluate the robustness of neural networks.
Towards Compact and Robust Deep Neural Networks
In this work, we rigorously study the extension of network pruning strategies to preserve both benign accuracy and robustness of a network.
Neutaint: Efficient Dynamic Taint Analysis with Neural Networks
Dynamic taint analysis (DTA) is widely used by various applications to track information flow during runtime execution.
Cryptography and Security
Fine Grained Dataflow Tracking with Proximal Gradients
Dataflow tracking with Dynamic Taint Analysis (DTA) is an important method in systems security with many applications, including exploit analysis, guided fuzzing, and side-channel information leak detection.
Cryptography and Security
Towards Understanding Fast Adversarial Training
Current neural-network-based classifiers are susceptible to adversarial examples.
Evaluating the Robustness of Trigger Set-Based Watermarks Embedded in Deep Neural Networks
Trigger set-based watermarking schemes have gained emerging attention as they provide a means to prove ownership for deep neural network model owners.
A Branch and Bound Framework for Stronger Adversarial Attacks of ReLU Networks
In this work, we formulate an adversarial attack using a branch-and-bound (BaB) procedure on ReLU neural networks and search adversarial examples in the activation space corresponding to binary variables in a mixed integer programming (MIP) formulation.
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Neural Network Robustness Verification
We develop $\beta$-CROWN, a new bound propagation based method that can fully encode neuron split constraints in branch-and-bound (BaB) based complete verification via optimizable parameters $\beta$.
NeuDep: Neural Binary Memory Dependence Analysis
Notably, NeuDep also outperforms the current state-of-the-art on these tasks.
Exploiting Code Symmetries for Learning Program Semantics
This paper tackles the challenge of teaching code semantics to Large Language Models (LLMs) for program analysis by incorporating code symmetries into the model architecture.
PatchCURE: Improving Certifiable Robustness, Model Utility, and Computation Efficiency of Adversarial Patch Defenses
State-of-the-art defenses against adversarial patch attacks can now achieve strong certifiable robustness with a marginal drop in model utility.
