Aster : Encoding Data Augmentation Relations into Seed Test Suites for Robustness Assessment and Fuzzing of Data-Augmented Deep Learning Models
Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review
Author(s)
Related Research Unit(s)
Detail(s)
Original language | English |
---|---|
Title of host publication | Proceedings - 2023 IEEE 23rd International Conference on Software Quality, Reliability, and Security |
Subtitle of host publication | QRS 2023 |
Publisher | Institute of Electrical and Electronics Engineers, Inc. |
Pages | 370-381 |
ISBN (electronic) | 9798350319583 |
ISBN (print) | 979-8-3503-1959-0 |
Publication status | Published - 2023 |
Publication series
Name | IEEE International Conference on Software Quality, Reliability and Security, QRS |
---|---|
ISSN (Print) | 2693-9177 |
Conference
Title | 23rd IEEE International Conference on Software Quality, Reliability, and Security (QRS 2023) |
---|---|
Location | Chiang Mai Marriott Hotel |
Place | Thailand |
City | Chiang Mai |
Period | 22 - 26 October 2023 |
Link(s)
Abstract
Data-augmented deep learning models are widely used in real-world applications. However, many state-of the-art loss-based or coverage-based fuzzing techniques fail to produce fuzzing samples for them from many seeds. This paper proposes Aster, a novel technique to address this problem to enhance their fuzzing effectiveness for deep learning models trained with multi-sample data augmentation methods. Aster formulates a novel reachability-based strategy to encode the insights of every seed's direct and indirect data augmentation relation instances into the replacement seed of that seed systematically. Our experiment shows that Aster is highly effective. On average, loss-based and coverage-based fuzzing techniques can generate 166% and 110% more fuzzing samples and reduce 31% and 22% unsuccessful seeds, respectively, after adopting the replacement seeds generated by Aster to replace their original seeds. Their improved models also become up to 55% and 40% on average more robust against FGSM and PGD attacks in the experiment. © 2023 IEEE
Research Area(s)
- data augmentation, fuzzing, neural network, robustness, seed generation, testing
Bibliographic Note
Citation Format(s)
Proceedings - 2023 IEEE 23rd International Conference on Software Quality, Reliability, and Security: QRS 2023. Institute of Electrical and Electronics Engineers, Inc., 2023. p. 370-381 (IEEE International Conference on Software Quality, Reliability and Security, QRS).
Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review