Marble: Model-based Robustness Analysis of Stateful Deep Learning Systems

Xiaoning Du, Yi Li, Xiaofei Xie, Lei Ma, Yang Liu, Jianjun Zhao

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

1 被引用数 (Scopus)

抄録

State-of-the-art deep learning (DL) systems are vulnerable to adversarial examples, which hinders their potential adoption in safety-and security-critical scenarios. While some recent progress has been made in analyzing the robustness of feed-forward neural networks, the robustness analysis for stateful DL systems, such as recurrent neural networks (RNNs), still remains largely uncharted. In this paper, we propose Marble, a model-based approach for quantitative robustness analysis of real-world RNN-based DL systems. Marble builds a probabilistic model to compactly characterize the robustness of RNNs through abstraction. Furthermore, we propose an iterative refinement algorithm to derive a precise abstraction, which enables accurate quantification of the robustness measurement. We evaluate the effectiveness of Marble on both LSTM and GRU models trained separately with three popular natural language datasets. The results demonstrate that (1) our refinement algorithm is more efficient in deriving an accurate abstraction than the random strategy, and (2) Marble enables quantitative robustness analysis, in rendering better efficiency, accuracy, and scalability than the state-of-the-art techniques.

本文言語英語
ホスト出版物のタイトルProceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
出版社Institute of Electrical and Electronics Engineers Inc.
ページ423-435
ページ数13
ISBN(電子版)9781450367684
DOI
出版ステータス出版済み - 9 2020
イベント35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020 - Virtual, Melbourne, オーストラリア
継続期間: 9 22 20209 25 2020

出版物シリーズ

名前Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020

会議

会議35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
国/地域オーストラリア
CityVirtual, Melbourne
Period9/22/209/25/20

All Science Journal Classification (ASJC) codes

  • 人工知能
  • ソフトウェア
  • 安全性、リスク、信頼性、品質管理

フィンガープリント

「Marble: Model-based Robustness Analysis of Stateful Deep Learning Systems」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル