Search Results for author:
Found 51 papers, 14 papers with code
DeepHunter: Hunting Deep Neural Network Defects via Coverage-Guided Fuzzing
In company with the data explosion over the past decade, deep neural network (DNN) based software has experienced unprecedented leap and is becoming the key driving force of many novel industrial applications, including many safety-critical scenarios such as autonomous driving.
Metamorphic Relation Based Adversarial Attacks on Differentiable Neural Computer
Deep neural networks (DNN), while becoming the driving force of many novel technology and achieving tremendous success in many cutting-edge applications, are still vulnerable to adversarial attacks.
An Orchestrated Empirical Study on Deep Learning Frameworks and Platforms
Up to the present, it still lacks a comprehensive study on how current diverse DL frameworks and platforms influence the DL software development process.
DeepCruiser: Automated Guided Testing for Stateful Deep Learning Systems
Our in-depth evaluation on a state-of-the-art speech-to-text DL system demonstrates the effectiveness of our technique in improving quality and reliability of stateful DL systems.
FakeSpotter: A Simple yet Robust Baseline for Spotting AI-Synthesized Fake Faces
In recent years, generative adversarial networks (GANs) and its variants have achieved unprecedented success in image synthesis.
An Empirical Study towards Characterizing Deep Learning Development and Deployment across Different Frameworks and Platforms
However, the differences in architecture designs and implementations of existing frameworks and platforms bring new challenges for DL software development and deployment.
SPARK: Spatial-aware Online Incremental Attack Against Visual Tracking
We identify that online object tracking poses two new challenges: 1) it is difficult to generate imperceptible perturbations that can transfer across frames, and 2) real-time trackers require the attack to satisfy a certain level of efficiency.
Amora: Black-box Adversarial Morphing Attack
In this paper, we investigate and introduce a new type of adversarial attack to evade FR systems by manipulating facial content, called \textbf{\underline{a}dversarial \underline{mor}phing \underline{a}ttack} (a. k. a.
Watch out! Motion is Blurring the Vision of Your Deep Neural Networks
Besides, the attack is further enhanced by adaptively tuning the translations of object and background.
Byzantine-resilient Decentralized Stochastic Gradient Descent
It guarantees that each benign node in a decentralized system can train a correct model under very strong Byzantine attacks with an arbitrary number of faulty nodes.
Towards Characterizing Adversarial Defects of Deep Learning Software from the Lens of Uncertainty
Based on this, we propose an automated testing technique to generate multiple types of uncommon AEs and BEs that are largely missed by existing techniques.
Stealthy and Efficient Adversarial Attacks against Deep Reinforcement Learning
Adversarial attacks against conventional Deep Learning (DL) systems and algorithms have been widely studied, and various defenses were proposed.
Stealing Deep Reinforcement Learning Models for Fun and Profit
This paper presents the first model extraction attack against Deep Reinforcement Learning (DRL), which enables an external adversary to precisely recover a black-box DRL model only from its interaction with the environment.
Retrieval-Augmented Generation for Code Summarization via Hybrid GNN
However, automatic code summarization is challenging due to the complexity of the source code and the language gap between the source code and natural language summaries.
FakePolisher: Making DeepFakes More Detection-Evasive by Shallow Reconstruction
At this moment, GAN-based image generation methods are still imperfect, whose upsampling design has limitations in leaving some certain artifact patterns in the synthesized image.
DeepRhythm: Exposing DeepFakes with Attentional Visual Heartbeat Rhythms
As the GAN-based face image and video generation techniques, widely known as DeepFakes, have become more and more matured and realistic, there comes a pressing and urgent demand for effective DeepFakes detectors.
Can We Trust Your Explanations? Sanity Checks for Interpreters in Android Malware Analysis
For this reason, a variety of explanation approaches are proposed to interpret predictions by providing important features.
Cryptography and Security Software Engineering
Light Can Hack Your Face! Black-box Backdoor Attack on Face Recognition Systems
In this paper, we propose a novel black-box backdoor attack technique on face recognition systems, which can be conducted without the knowledge of the targeted DNN model.
Adversarial Rain Attack and Defensive Deraining for DNN Perception
To defend the DNNs from the negative rain effect, we also present a defensive deraining strategy, for which we design an adversarial rain augmentation that uses mixed adversarial rain layers to enhance deraining models for downstream DNN perception.
Adversarial Exposure Attack on Diabetic Retinopathy Imagery
In this paper, we study this problem from the viewpoint of adversarial attack and identify a totally new task, i. e., adversarial exposure attack generating adversarial images by tuning image exposure to mislead the DNNs with significantly high transferability.
Bias Field Poses a Threat to DNN-based X-Ray Recognition
Our method reveals the potential threat to the DNN-based X-ray automated diagnosis and can definitely benefit the development of bias-field-robust automated diagnosis system.
EfficientDeRain: Learning Pixel-wise Dilation Filtering for High-Efficiency Single-Image Deraining
To fill this gap, in this paper, we regard the single-image deraining as a general image-enhancing problem and originally propose a model-free deraining method, i. e., EfficientDeRain, which is able to process a rainy image within 10~ms (i. e., around 6~ms on average), over 80 times faster than the state-of-the-art method (i. e., RCDNet), while achieving similar de-rain effects.
DeepRepair: Style-Guided Repairing for DNNs in the Real-world Operational Environment
In this paper, we propose a style-guided data augmentation for repairing DNN in the operational environment.
Sparta: Spatially Attentive and Adversarially Robust Activations
Moreover, comprehensive evaluations have demonstrated two important properties of our method: First, superior transferability across DNNs.
Neuron Coverage-Guided Domain Generalization
More specifically, by treating the DNN as a program and each neuron as a functional point of the code, during the network training we aim to improve the generalization capability by maximizing the neuron coverage of DNN with the gradient similarity regularization between the original and augmented samples.
Independent Reinforcement Learning for Weakly Cooperative Multiagent Traffic Control Problem
To this, we model the traffic control problem as a partially observable weak cooperative traffic model (PO-WCTM) to optimize the overall traffic situation of a group of intersections.
AVA: Adversarial Vignetting Attack against Visual Recognition
Moreover, we propose the geometry-aware level-set optimization method to solve the adversarial vignetting regions and physical parameters jointly.
Cross-Lingual Transfer Learning for Statistical Type Inference
Hitherto statistical type inference systems rely thoroughly on supervised learning approaches, which require laborious manual effort to collect and label large amounts of data.
Learning to Adversarially Blur Visual Object Tracking
In this work, we explore the robustness of visual object trackers against motion blur from a new angle, i. e., adversarial blur attack (ABA).
GraphSearchNet: Enhancing GNNs via Capturing Global Dependencies for Semantic Code Search
Specifically, we propose to construct graphs for the source code and queries with bidirectional GGNN (BiGGNN) to capture the local structural information of the source code and queries.
Learning Program Semantics with Code Representations: An Empirical Study
However, currently, a comprehensive and systematic study on evaluating different program representation techniques across diverse tasks is still missed.
NPC: Neuron Path Coverage via Characterizing Decision Logic of Deep Neural Networks
Inspired by software testing, a number of structural coverage criteria are designed and proposed to measure the test adequacy of DNNs.
Characterizing and Understanding the Behavior of Quantized Models for Reliable Deployment
The results reveal that 1) data with distribution shifts happen more disagreements than without.
LaF: Labeling-Free Model Selection for Automated Deep Neural Network Reusing
Applying deep learning to science is a new trend in recent years which leads DL engineering to become an important problem.
CodeS: Towards Code Model Generalization Under Distribution Shift
Distribution shift has been a longstanding challenge for the reliable deployment of deep learning (DL) models due to unexpected accuracy degradation.
Aries: Efficient Testing of Deep Neural Networks via Labeling-Free Accuracy Estimation
Recent studies show that test selection for DNN is a promising direction that tackles this issue by selecting minimal representative data to label and using these data to assess the model.
CommitBART: A Large Pre-trained Model for GitHub Commits
GitHub commits, which record the code changes with natural language messages for description, play a critical role for software developers to comprehend the software evolution.
Decompiling x86 Deep Neural Network Executables
BTD takes DNN executables and outputs full model specifications, including types of DNN operators, network topology, dimensions, and parameters that are (nearly) identical to those of the input models.
Unveiling Code Pre-Trained Models: Investigating Syntax and Semantics Capacities
These structures are fundamental to understanding code.
Neural Episodic Control with State Abstraction
Generally, episodic control-based approaches are solutions that leverage highly-rewarded past experiences to improve sample efficiency of DRL algorithms.
Evading DeepFake Detectors via Adversarial Statistical Consistency
Second, we find that the statistical differences between natural and DeepFake images are positively associated with the distribution shifting between the two kinds of images, and we propose to use a distribution-aware loss to guide the optimization of different degradations.
A Black-Box Attack on Code Models via Representation Nearest Neighbor Search
Furthermore, the perturbation of adversarial examples introduced by RNNS is smaller compared to the baselines in terms of the number of replaced variables and the change in variable length.
Multi-target Backdoor Attacks for Code Pre-trained Models
We evaluate our approach on two code understanding tasks and three code generation tasks over seven datasets.
Evaluating the Robustness of Test Selection Methods for Deep Neural Networks
Testing deep learning-based systems is crucial but challenging due to the required time and labor for labeling collected raw data.
GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis
Instead of relying solely on GPT to identify vulnerabilities, which can lead to high false positives and is limited by GPT's pre-trained knowledge, we utilize GPT as a versatile code understanding tool.
Bias Testing and Mitigation in LLM-based Code Generation
To mitigate bias for code generation models, we evaluate five bias mitigation prompt strategies, i. e., utilizing bias testing results to refine the code (zero-shot), one-, few-shot, and two Chain-of-Thought (CoT) prompts.
AdaptiveFL: Adaptive Heterogeneous Federated Learning for Resource-Constrained AIoT Systems
Although Federated Learning (FL) is promising to enable collaborative learning among Artificial Intelligence of Things (AIoT) devices, it suffers from the problem of low classification performance due to various heterogeneity factors (e. g., computing capacity, memory size) of devices and uncertain operating environments.
Have Your Cake and Eat It Too: Toward Efficient and Accurate Split Federated Learning
However, due to data heterogeneity and stragglers, SFL suffers from the challenges of low inference accuracy and low efficiency.
Importance Guided Data Augmentation for Neural-Based Code Understanding
In this paper, we introduce a general data augmentation framework, GenCode, to enhance the training of code understanding models.
MIP: CLIP-based Image Reconstruction from PEFT Gradients
Contrastive Language-Image Pre-training (CLIP) model, as an effective pre-trained multimodal neural network, has been widely used in distributed machine learning tasks, especially Federated Learning (FL).
Evaluating Decision Optimality of Autonomous Driving via Metamorphic Testing
In this paper, we focus on evaluating the decision-making quality of an ADS and propose the first method for detecting non-optimal decision scenarios (NoDSs), where the ADS does not compute optimal paths for AVs.
