CoopHance: Cooperative Enhancement for Robustness of Deep Learning Systems
Adversarial attacks have been a threat to Deep Learning (DL) systems to be reckoned with. By adding human-imperceptible perturbation to benign inputs, adversarial attacks can cause the incorrect behavior of DL systems. Considering the popularity of DL systems in the industry, it is critical and urgent for developers to enhance the robustness of DL systems against adversarial attacks.
In this study, we propose a novel enhancement technique for DL systems, namely CoopHance. CoopHance leverages two specifically customized components, Regulator and Inspector, to cooperatively enhance the DL systems' robustness against adversarial examples with different distortions. Regulator can purify adversarial examples with low or moderate distortions, while Inspector is responsible for detecting these adversarial examples with high distortion by capturing the abnormal status of DL systems. Our evaluation using various attacks shows that, on average, CoopHance can successfully resist 90.62% and 96.56% of the adversarial examples that are generated for the unprotected systems on CIFAR-10 and SVHN datasets separately, which is 188.14% more effective than five state-of-the-art enhancement techniques, including Feature Squeeze, LID, SOAP, Adversarial Training, and MagNet. Meanwhile, when attackers generate new adversarial examples on the enhanced systems, CoopHance can reject 78.06% of attacks, which outperforms the best of five enhancement techniques by 82.71% on average.
Wed 19 JulDisplayed time zone: Pacific Time (US & Canada) change
15:30 - 17:00 | ISSTA Online 4: Testing and Analysis of DL SystemsTechnical Papers at Smith Classroom (Gates G10) Chair(s): Elena Sherman Boise State University | ||
15:30 10mTalk | A Tale of Two Approximations: Tightening Over-Approximation for DNN Robustness Verification via Under-Approximation Technical Papers Zhiyi Xue East China Normal University, Si Liu ETH Zurich, Zhaodi Zhang East China Normal University, Yiting Wu East China Normal University, Min Zhang East China Normal University DOI | ||
15:40 10mTalk | In Defense of Simple Techniques for Neural Network Test Case Selection Technical Papers Shenglin Bao Fudan University, Chaofeng Sha Fudan University, Bihuan Chen Fudan University, Xin Peng Fudan University, Wenyun Zhao Fudan University DOI | ||
15:50 10mTalk | ROME: Testing Image Captioning Systems via Recursive Object Melting Technical Papers BoXi Yu Chinese University of Hong Kong, Zhiqing Zhong Chinese University of Hong Kong, Jiaqi Li Chinese University of Hong Kong, Yixing Yang Chinese University of Hong Kong, Shilin He Microsoft Research, Pinjia He Chinese University of Hong Kong DOI | ||
16:00 10mTalk | ACETest: Automated Constraint Extraction for Testing Deep Learning Operators Technical Papers Jingyi Shi Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Yang Xiao Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Yuekang Li University of New South Wales, Yeting Li Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, DongSong Yu Zhongguancun Laboratory, Chendong Yu Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Hui Su Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Yufeng Chen Institute of Information Engineering at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Wei Huo Institute of Information Engineering at Chinese Academy of Sciences DOI | ||
16:10 10mTalk | Latent Imitator: Generating Natural Individual Discriminatory Instances for Black-Box Fairness Testing Technical Papers Yisong Xiao Beihang University, Aishan Liu Beihang University; Institute of Dataspace, Li Tianlin Nanyang Technological University, Xianglong Liu Beihang University; Institute of Dataspace; Zhongguancun Laboratory DOI | ||
16:20 10mTalk | CoopHance: Cooperative Enhancement for Robustness of Deep Learning Systems Technical Papers Quan Zhang Tsinghua University, Yongqiang Tian University of Waterloo, Yifeng Ding University of Illinois at Urbana-Champaign, Shanshan Li National University of Defense Technology, Chengnian Sun University of Waterloo, Yu Jiang Tsinghua University, Jiaguang Sun Tsinghua University DOI | ||
16:30 10mTalk | Back Deduction Based Testing for Word Sense Disambiguation Ability of Machine Translation Systems Technical Papers Jun Wang Nanjing University, Yanhui Li Nanjing University, Xiang Huang Nanjing University, Lin Chen Nanjing University, Xiaofang Zhang Soochow University, Yuming Zhou Nanjing University DOI | ||
16:40 10mTalk | CydiOS: A Model-Based Testing Framework for iOS Apps Technical Papers Shuohan Wu Hong Kong Polytechnic University, Jianfeng Li Xi’an Jiaotong University, Hao Zhou Hong Kong Polytechnic University, Yongsheng Fang Beijing University of Posts and Telecommunications, Kaifa ZHAO Hong Kong Polytechnic University, Haoyu Wang Huazhong University of Science and Technology, Chenxiong Qian University of Hong Kong, Xiapu Luo Hong Kong Polytechnic University DOI | ||