Write a Blog >>
ASE 2020
Mon 21 - Fri 25 September 2020 Melbourne, Australia
ASE 2020 (series) / Research Papers /

MARBLE: Model-Based Robustness Analysis of Stateful Deep Learning Systems

Xiaoning Du, Yi Li, Xiaofei Xie, Lei Ma, Yang Liu, Jianjun Zhao
ASE 2020 Research Papers
Wed 23 Sep 2020 00:20 - 00:40 at Kangaroo - Software Engineering for AI (1) Chair(s): Song Wang

Deep learning (DL) has recently started to be applied in many applications, e.g., autonomous driving, speech recognition, and natural language processing. Yet, many state-of-the-art DL systems are still vulnerable to adversarial examples, which hinders their adoptions in safety- and security-critical scenarios. While some recent progress has been made in analyzing the robustness of feed-forward neural networks, the robustness analysis for stateful DL systems, such as recurrent neural networks (RNNs), still remains largely uncharted. In this paper, we propose MARBLE, a model-based approach for quantitative robustness analysis of real-world RNN-based DL systems. MARBLE first profiles RNNs using training data to collect information on how models behave under controlled perturbations. We then build a probabilistic model to compactly characterize the behavioral robustness of RNNs, through abstraction. Furthermore, we propose a refinement algorithm to iteratively derive a precise abstraction which enables accurate quantification of the robustness measures. We evaluate the effectiveness of MARBLE on both LSTM and GRU models trained separately with three popular natural language datasets. The results demonstrate that (1) our refinement algorithm is more efficient in deriving an accurate abstraction than the random strategy, and (2) MARBLE enables quantitative robustness analysis, in rendering better efficiency, accuracy, and scalability than state-of-the-art techniques.

Xiaoning Du
Xiaoning Du
Nanyang Technological University
Yi Li
Yi Li
Nanyang Technological University, Singapore
Singapore
Xiaofei Xie
Xiaofei Xie
Nanyang Technological University
Lei Ma
Lei Ma
Kyushu University
Japan
Yang Liu
Yang Liu
Nanyang Technological University, Singapore
Singapore
Jianjun Zhao
Jianjun Zhao
Kyushu University
Japan

Wed 23 Sep
Times are displayed in time zone: (UTC) Coordinated Universal Time

00:00 - 01:00: Software Engineering for AI (1)Research Papers / NIER track at Kangaroo
Chair(s): Song WangYork University, Canada
00:00 - 00:20
Talk		Multiple-Boundary Clustering and Prioritization to Promote Neural Network Retraining
Research Papers
Weijun ShenNanjing University, Yanhui LiDepartment of Computer Science and Technology, Nanjing University, Lin ChenNanjing University, YuanLei HanNanjing University, Yuming ZhouNanjing University, Baowen XuState Key Laboratory for Novel Software Technology, Nanjing University
00:20 - 00:40
Talk		MARBLE: Model-Based Robustness Analysis of Stateful Deep Learning Systems
Research Papers
Xiaoning DuNanyang Technological University, Yi LiNanyang Technological University, Singapore, Xiaofei XieNanyang Technological University, Lei MaKyushu University, Yang LiuNanyang Technological University, Singapore, Jianjun ZhaoKyushu University
00:40 - 00:50
Talk		Making Fair ML Software using Trustworthy Explanation
NIER track
Joymallya ChakrabortyNorth Carolina State University, USA, Kewen PengNorth Carolina State University, Tim MenziesNorth Carolina State University, USA
Link to publication DOI Pre-print Media Attached

Multiple-Boundary Clustering and Prioritization to Promote Neural Network Retraining Research Papers

Session: Software Engineering for AI (1) Wed 23 Sep 2020 00:00 - 01:00 Chair(s): Song WangYork University, Canada

With the increasing application of deep learning (DL) models in many safety-critical scenarios, effective and efficient DL testing techniques are much in demand to improve the quality of DL models. One of the major challenges is the data gap between the training data to construct the models and the testing data to evaluate them. To bridge the gap, testers aims to collect an effective subset of inputs from the testing contexts, with limited labeling effort, for retraining DL models.

To assist the subset selection, we propose \textbf{M}ultiple-Boundary \textbf{C}lustering and \textbf{P}rioritization (\textbf{MCP}), a technique to cluster test samples into the boundary areas of multiple boundaries for DL models and specify the priority to select samples evenly from all boundary areas, to make sure enough useful samples for each boundary reconstruction.

To evaluate MCP, we conduct an extensive empirical study with three popular DL models and 33 simulated testing contexts. The experiment results show that, compared with state-of-the-art baseline methods, on effectiveness, our approach MCP has a significantly better performance by evaluating the improved quality of retrained DL models; on efficiency, MCP also has the advantages in time costs.

Weijun Shen
Weijun Shen
Nanjing University
Yanhui Li
Yanhui Li
Department of Computer Science and Technology, Nanjing University
Lin Chen
Lin Chen
Nanjing University
China
small-avatar
YuanLei Han
Nanjing University
small-avatar
Yuming Zhou
Nanjing University
small-avatar
Baowen Xu
State Key Laboratory for Novel Software Technology, Nanjing University
All Details Close

MARBLE: Model-Based Robustness Analysis of Stateful Deep Learning Systems Research Papers

Session: Software Engineering for AI (1) Wed 23 Sep 2020 00:00 - 01:00 Chair(s): Song WangYork University, Canada

Deep learning (DL) has recently started to be applied in many applications, e.g., autonomous driving, speech recognition, and natural language processing. Yet, many state-of-the-art DL systems are still vulnerable to adversarial examples, which hinders their adoptions in safety- and security-critical scenarios. While some recent progress has been made in analyzing the robustness of feed-forward neural networks, the robustness analysis for stateful DL systems, such as recurrent neural networks (RNNs), still remains largely uncharted. In this paper, we propose MARBLE, a model-based approach for quantitative robustness analysis of real-world RNN-based DL systems. MARBLE first profiles RNNs using training data to collect information on how models behave under controlled perturbations. We then build a probabilistic model to compactly characterize the behavioral robustness of RNNs, through abstraction. Furthermore, we propose a refinement algorithm to iteratively derive a precise abstraction which enables accurate quantification of the robustness measures. We evaluate the effectiveness of MARBLE on both LSTM and GRU models trained separately with three popular natural language datasets. The results demonstrate that (1) our refinement algorithm is more efficient in deriving an accurate abstraction than the random strategy, and (2) MARBLE enables quantitative robustness analysis, in rendering better efficiency, accuracy, and scalability than state-of-the-art techniques.

Xiaoning Du
Xiaoning Du
Nanyang Technological University
Yi Li
Yi Li
Nanyang Technological University, Singapore
Singapore
Xiaofei Xie
Xiaofei Xie
Nanyang Technological University
Lei Ma
Lei Ma
Kyushu University
Japan
Yang Liu
Yang Liu
Nanyang Technological University, Singapore
Singapore
Jianjun Zhao
Jianjun Zhao
Kyushu University
Japan
All Details Close

Making Fair ML Software using Trustworthy Explanation New Ideas and Emerging Results (NIER) track

Session: Software Engineering for AI (1) Wed 23 Sep 2020 00:00 - 01:00 Chair(s): Song WangYork University, Canada

Machine learning software is being used in many applications (finance, hiring, admissions, criminal justice) having a huge social impact. But sometimes the behavior of this software is biased and it shows discrimination based on some sensitive attributes such as sex, race etc. Prior works concentrated on finding and mitigating bias in ML models. A recent trend is using instance-based model agnostic explanation methods such as LIME[1] to find out bias in the model prediction. Our work concentrates on finding shortcomings of current bias measures and explanation methods. We show how our proposed method based on K nearest neighbors can overcome those shortcomings and find the underlying bias of black-box models. Our results are more trustworthy and helpful for the practitioners. Finally, We describe our future framework combining explanation and planning to build fair software

Link to Publication: https://arxiv.org/abs/2007.02893

Joymallya Chakraborty
Joymallya Chakraborty
North Carolina State University, USA
United States
small-avatar
Kewen Peng
North Carolina State University
Tim Menzies
Tim Menzies
North Carolina State University, USA
United States
All Details Close