Feature Map Testing for Deep Neural Networks
- URL: http://arxiv.org/abs/2307.11563v1
- Date: Fri, 21 Jul 2023 13:15:15 GMT
- Title: Feature Map Testing for Deep Neural Networks
- Authors: Dong Huang, Qingwen Bu, Yahao Qing, Yichao Fu, Heming Cui
- Abstract summary: We propose DeepFeature, which tests DNNs from the feature map level.
DeepFeature has a high fault detection rate and can detect more types of faults (compared with coverage-guided selection techniques, the fault detection rate is increased by 49.32%).
- Score: 6.931570234442819
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Due to the widespread application of deep neural networks (DNNs) in
safety-critical tasks, deep learning testing has drawn increasing attention.
During the testing process, test cases that have been fuzzed or selected using
test metrics are fed into the model to find fault-inducing test units (e.g.,
neurons and feature maps whose activation will almost certainly result in a
model error), which are reported to the DNN developer, who subsequently repairs
them (e.g., by retraining the model with the test cases). Current test metrics,
however, are primarily concerned with neurons, which means that test cases
discovered either by guided fuzzing or by selection with these metrics
focus on detecting fault-inducing neurons while failing to detect
fault-inducing feature maps.
In this work, we propose DeepFeature, which tests DNNs at the feature map
level. During testing, DeepFeature scrutinizes every internal feature map in
the model and identifies vulnerable feature maps that can be repaired to
increase the model's overall performance. Exhaustive experiments demonstrate
that (1) DeepFeature is a strong tool for detecting the model's vulnerable
feature maps; (2) DeepFeature's test case selection has a high fault detection
rate and can detect more types of faults (compared with coverage-guided
selection techniques, the fault detection rate is increased by 49.32%); and
(3) DeepFeature's fuzzer also outperforms current fuzzing techniques and
generates valuable test cases more efficiently.
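As a concrete illustration of what feature-map-level inspection can look like, here is a minimal PyTorch sketch (not the authors' implementation; the "suspiciousness" heuristic below is an assumption made purely for illustration):

```python
# Illustrative sketch (not the DeepFeature implementation): inspect internal
# feature maps with forward hooks and flag channels whose mean activation
# differs most between misclassified and correctly classified inputs.
import torch
import torch.nn as nn


def collect_feature_maps(model: nn.Module, inputs: torch.Tensor):
    """Run one forward pass and return ({layer_name: feature map}, logits)."""
    feature_maps, handles = {}, []

    def make_hook(name):
        def hook(_module, _inp, out):
            feature_maps[name] = out.detach()
        return hook

    for name, module in model.named_modules():
        if isinstance(module, nn.Conv2d):
            handles.append(module.register_forward_hook(make_hook(name)))

    with torch.no_grad():
        logits = model(inputs)

    for h in handles:
        h.remove()
    return feature_maps, logits


def rank_suspicious_channels(model, inputs, labels, top_k=5):
    """Crude proxy for 'fault-inducing' feature maps (an assumption)."""
    feature_maps, logits = collect_feature_maps(model, inputs)
    wrong = logits.argmax(dim=1) != labels
    if wrong.sum() == 0 or wrong.all():
        return []

    scores = []
    for name, fmap in feature_maps.items():          # fmap: (N, C, H, W)
        per_channel = fmap.mean(dim=(2, 3))          # (N, C)
        gap = (per_channel[wrong].mean(0) - per_channel[~wrong].mean(0)).abs()
        for c, g in enumerate(gap.tolist()):
            scores.append((g, name, c))
    return sorted(scores, reverse=True)[:top_k]
```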
Related papers
- Robust Black-box Testing of Deep Neural Networks using Co-Domain Coverage [18.355332126489756]
Rigorous testing of machine learning models is necessary for trustworthy deployments.
We present a novel black-box approach for generating test-suites for robust testing of deep neural networks (DNNs)
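The summary leaves the coverage criterion abstract; as a loose, hypothetical reading of co-domain (output-space) coverage, one could measure how many (predicted class, confidence bin) cells a test suite reaches. This is not the paper's actual metric, just the general idea:

```python
# Hypothetical illustration of co-domain (output-space) coverage: count how
# many (predicted class, confidence bin) cells a test suite reaches.
import torch


def codomain_coverage(model, test_loader, num_classes, num_bins=10):
    covered = set()
    model.eval()
    with torch.no_grad():
        for x, _ in test_loader:
            probs = torch.softmax(model(x), dim=1)
            conf, pred = probs.max(dim=1)
            bins = (conf * num_bins).clamp(max=num_bins - 1).long()
            covered.update(zip(pred.tolist(), bins.tolist()))
    return len(covered) / (num_classes * num_bins)
```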
arXiv Detail & Related papers (2024-08-13T09:42:57Z)
- Neuron Sensitivity Guided Test Case Selection for Deep Learning Testing [6.686765165569934]
Deep Neural Networks (DNNs) have been widely deployed in software to address various tasks.
DNN developers often collect rich unlabeled datasets from the natural world and label them to test the DNN models.
We propose NSS, Neuron Sensitivity guided test case Selection, which can reduce the labeling time by selecting valuable test cases from unlabeled datasets.
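One plausible reading of neuron sensitivity (an assumption, not necessarily NSS's exact definition) is how much internal activations change under a small input perturbation; unlabeled inputs can then be ranked so the most sensitive ones are labeled first:

```python
# Illustrative ranking of unlabeled test cases by "neuron sensitivity",
# approximated here as the change in internal features under a small random
# perturbation (an assumption, not NSS's exact definition).
import torch


def sensitivity_score(model, x, feature_fn, eps=0.01):
    """feature_fn(model, x) returns internal activations of shape (N, D);
    this helper is hypothetical."""
    with torch.no_grad():
        clean = feature_fn(model, x)
        noisy = feature_fn(model, x + eps * torch.randn_like(x))
    return (clean - noisy).norm(dim=1)              # one score per input


def select_for_labeling(model, unlabeled_batches, feature_fn, budget=100):
    """unlabeled_batches: an iterable of input tensors (no labels needed)."""
    scores = torch.cat([sensitivity_score(model, x, feature_fn)
                        for x in unlabeled_batches])
    return scores.topk(min(budget, scores.numel())).indices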
arXiv Detail & Related papers (2023-07-20T16:36:04Z)
- Semi-Supervised and Long-Tailed Object Detection with CascadeMatch [91.86787064083012]
We propose a novel pseudo-labeling-based detector called CascadeMatch.
Our detector features a cascade network architecture, which has multi-stage detection heads with progressive confidence thresholds.
We show that CascadeMatch surpasses existing state-of-the-art semi-supervised approaches in handling long-tailed object detection.
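A schematic sketch of the progressive-confidence-threshold idea for pseudo-label filtering (the stage count and threshold values are illustrative, not CascadeMatch's actual configuration):

```python
# Schematic sketch of progressive confidence thresholds across cascade stages
# for pseudo-label filtering (thresholds and stage structure are illustrative).
import torch

STAGE_THRESHOLDS = [0.5, 0.6, 0.7]      # stricter at deeper stages (3 stages assumed)


def cascade_pseudo_labels(stage_probs):
    """stage_probs: list of (N, C) class-probability tensors, one per stage.
    Keep a pseudo-label only if every stage agrees and clears its threshold."""
    keep = torch.ones(stage_probs[0].shape[0], dtype=torch.bool)
    labels = stage_probs[-1].argmax(dim=1)
    for probs, thr in zip(stage_probs, STAGE_THRESHOLDS):
        conf, pred = probs.max(dim=1)
        keep &= (conf >= thr) & (pred == labels)
    return labels[keep], keep
```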
arXiv Detail & Related papers (2023-05-24T07:09:25Z)
- Energy-based Out-of-Distribution Detection for Graph Neural Networks [76.0242218180483]
We propose a simple, powerful and efficient OOD detection model for GNN-based learning on graphs, which we call GNNSafe.
GNNSafe achieves up to 17.0% AUROC improvement over the state of the art and can serve as a simple yet strong baseline in this under-developed area.
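The underlying energy score over logits is the standard building block of energy-based OOD detection (GNNSafe's graph-level propagation of scores is omitted in this sketch):

```python
# Standard energy score over logits; lower energy means more in-distribution.
# GNNSafe additionally propagates scores over the graph, which is not shown.
import torch


def energy_score(logits: torch.Tensor, temperature: float = 1.0) -> torch.Tensor:
    return -temperature * torch.logsumexp(logits / temperature, dim=-1)


def is_ood(logits, threshold):
    """Flag inputs/nodes whose energy exceeds a validation-chosen threshold."""
    return energy_score(logits) > threshold
```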
arXiv Detail & Related papers (2023-02-06T16:38:43Z)
- VPN: Verification of Poisoning in Neural Networks [11.221552724154988]
We study another neural network security issue, namely data poisoning.
In this setting, an attacker inserts a trigger into a subset of the training data so that, at test time, the presence of the trigger in an input causes the trained model to misclassify it to some target class.
We show how to formulate the check for data poisoning as a property that can be checked with off-the-shelf verification tools.
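As a loose empirical stand-in for that property (not the paper's formal encoding for verification tools), one can check whether stamping a candidate trigger onto clean inputs drives predictions toward a target class:

```python
# Loose empirical stand-in for the poisoning property (not VPN's formal
# encoding): does stamping a candidate trigger onto clean inputs push
# predictions toward a target class?
import torch


def trigger_flip_rate(model, clean_batch, trigger, mask, target_class):
    """trigger/mask share the input's spatial shape; the patch location and
    pattern are assumptions for illustration."""
    model.eval()
    with torch.no_grad():
        stamped = clean_batch * (1 - mask) + trigger * mask
        preds = model(stamped).argmax(dim=1)
    return (preds == target_class).float().mean().item()
```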
arXiv Detail & Related papers (2022-05-08T15:16:05Z)
- Efficient Test-Time Model Adaptation without Forgetting [60.36499845014649]
Test-time adaptation seeks to tackle potential distribution shifts between training and testing data.
We propose an active sample selection criterion to identify reliable and non-redundant samples.
We also introduce a Fisher regularizer to constrain important model parameters from drastic changes.
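The Fisher regularizer follows the familiar elastic-weight pattern of penalizing drift of important parameters away from their pre-adaptation values; a schematic sketch (how the paper estimates importance is simplified here):

```python
# Schematic Fisher-weighted regularizer: penalize drift of important
# parameters from their pre-adaptation values (importance estimation and
# weighting details are simplified relative to the paper).
import torch


def fisher_regularizer(model, anchor_params, fisher, lam=1.0):
    """anchor_params / fisher: dicts keyed by parameter name, captured before
    test-time adaptation begins."""
    reg = 0.0
    for name, p in model.named_parameters():
        if name in fisher:
            reg = reg + (fisher[name] * (p - anchor_params[name]) ** 2).sum()
    return lam * reg


# During adaptation: loss = adaptation_loss + fisher_regularizer(model, anchor, F)
```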
arXiv Detail & Related papers (2022-04-06T06:39:40Z)
- Model2Detector: Widening the Information Bottleneck for Out-of-Distribution Detection using a Handful of Gradient Steps [12.263417500077383]
Out-of-distribution detection is an important capability that has long eluded vanilla neural networks.
Recent advances in inference-time out-of-distribution detection help mitigate some of these problems.
We show how our method consistently outperforms the state-of-the-art in detection accuracy on popular image datasets.
arXiv Detail & Related papers (2022-02-22T23:03:40Z)
- Anomaly Detection of Test-Time Evasion Attacks using Class-conditional Generative Adversarial Networks [21.023722317810805]
We propose an attack detector based on class-conditional Generative Adversarial Networks (GANs).
We model the distribution of clean data conditioned on the predicted class label with an Auxiliary Classifier GAN (AC-GAN).
Experiments on image classification datasets under different TTE attack methods show that our method outperforms state-of-the-art detection methods.
arXiv Detail & Related papers (2021-05-21T02:51:58Z)
- ALT-MAS: A Data-Efficient Framework for Active Testing of Machine Learning Algorithms [58.684954492439424]
We propose a novel framework to efficiently test a machine learning model using only a small amount of labeled test data.
The idea is to estimate the metrics of interest for a model under test using a Bayesian neural network (BNN).
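As a rough stand-in for the BNN (Monte Carlo dropout is used here as an approximation; the paper's model and active test-selection loop are not reproduced), the metric estimate comes with an uncertainty:

```python
# Rough stand-in for BNN-based metric estimation using Monte Carlo dropout
# (an approximation; ALT-MAS's actual BNN and selection loop are not shown).
import torch


def mc_dropout_accuracy(model, x, y, n_samples=20):
    # Keep dropout active at evaluation time. Note: train() also affects
    # BatchNorm; a careful implementation would enable only dropout layers.
    model.train()
    accs = []
    with torch.no_grad():
        for _ in range(n_samples):
            preds = model(x).argmax(dim=1)
            accs.append((preds == y).float().mean())
    accs = torch.stack(accs)
    return accs.mean().item(), accs.std().item()   # estimate and uncertainty
```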
arXiv Detail & Related papers (2021-04-11T12:14:04Z)
- Understanding Classifier Mistakes with Generative Models [88.20470690631372]
Deep neural networks are effective on supervised learning tasks, but have been shown to be brittle.
In this paper, we leverage generative models to identify and characterize instances where classifiers fail to generalize.
Our approach is agnostic to class labels from the training set which makes it applicable to models trained in a semi-supervised way.
arXiv Detail & Related papers (2020-10-05T22:13:21Z)
- Beyond Dropout: Feature Map Distortion to Regularize Deep Neural Networks [107.77595511218429]
In this paper, we investigate the empirical Rademacher complexity related to intermediate layers of deep neural networks.
We propose a feature distortion method (Disout) for addressing the aforementioned problem.
The superiority of the proposed feature map distortion for producing deep neural networks with higher testing performance is analyzed and demonstrated.
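As a simplified illustration of perturbing intermediate feature maps during training (not the exact Disout formulation), a module can add bounded random offsets to selected channels instead of zeroing activations the way dropout does:

```python
# Simplified illustration of distorting intermediate feature maps during
# training (not the exact Disout method): add random offsets to randomly
# selected channels instead of zeroing individual activations.
import torch
import torch.nn as nn


class FeatureMapDistortion(nn.Module):
    def __init__(self, prob=0.1, alpha=0.5):
        super().__init__()
        self.prob, self.alpha = prob, alpha

    def forward(self, x):                      # x: (N, C, H, W)
        if not self.training:
            return x
        mask = (torch.rand(x.shape[0], x.shape[1], 1, 1, device=x.device)
                < self.prob).float()
        noise = self.alpha * x.std() * torch.randn_like(x)
        return x + mask * noise                # distort selected channels only
```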
arXiv Detail & Related papers (2020-02-23T13:59:13Z)