Marble: Model-based robustness analysis of stateful deep learning systems
State-of-the-art deep learning (DL) systems are vulnerable to adversarial examples, which hinders their potential adoption in safetyand security-critical scenarios. While some recent progress has been made in analyzing the robustness of feed-forward neural networks, the robustness analysis for state...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| 格式: | text |
| 語言: | English |
| 出版: |
Institutional Knowledge at Singapore Management University
2020
|
| 主題: | |
| 在線閱讀: | https://ink.library.smu.edu.sg/sis_research/7088 https://ink.library.smu.edu.sg/context/sis_research/article/8091/viewcontent/3324884.3416564.pdf |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 總結: | State-of-the-art deep learning (DL) systems are vulnerable to adversarial examples, which hinders their potential adoption in safetyand security-critical scenarios. While some recent progress has been made in analyzing the robustness of feed-forward neural networks, the robustness analysis for stateful DL systems, such as recurrent neural networks (RNNs), still remains largely uncharted. In this paper, we propose Marble, a model-based approach for quantitative robustness analysis of real-world RNN-based DL systems. Marble builds a probabilistic model to compactly characterize the robustness of RNNs through abstraction. Furthermore, we propose an iterative refinement algorithm to derive a precise abstraction, which enables accurate quantification of the robustness measurement. We evaluate the effectiveness of Marble on both LSTM and GRU models trained separately with three popular natural language datasets. The results demonstrate that (1) our refinement algorithm is more efficient in deriving an accurate abstraction than the random strategy, and (2) Marble enables quantitative robustness analysis, in rendering better efficiency, accuracy, and scalability than the state-of-the-art techniques. |
|---|