An Empirical Study on Correlation between Coverage and Robustness for Deep Neural Networks

No Thumbnail Available
File version
Author(s)
Dong, Y
Zhang, P
Wang, J
Liu, S
Sun, J
Hao, J
Wang, X
Wang, L
Dong, J
Dai, T
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)
Date
2020
Size
File type(s)
Location
License
Abstract

Deep neural networks (DNN) are increasingly applied in safety-critical systems, e.g., for face recognition, autonomous car control and malware detection. It is also shown that DNNs are subject to attacks such as adversarial perturbation and thus must be properly tested. Many coverage criteria for DNN since have been proposed, inspired by the success of code coverage criteria for software programs. The expectation is that if a DNN is well tested (and retrained) according to such coverage criteria, it is more likely to be robust. In this work, we conduct an empirical study to evaluate the relationship between coverage, robustness and attack/defense metrics for DNN. Our study is the largest to date and systematically done based on 100 DNN models and 25 metrics. One of our findings is that there is limited correlation between coverage and robustness, i.e., improving coverage does not help improve the robustness. Our dataset and implementation have been made available to serve as a benchmark for future studies on testing DNN.

Journal Title
Conference Title

Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems, ICECCS

Book Title
Edition
Volume
Issue
Thesis Type
Degree Program
School
Publisher link
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement
Item Access Status
Note
Access the data
Related item(s)
Subject

Information systems

Persistent link to this record
Citation

Dong, Y; Zhang, P; Wang, J; Liu, S; Sun, J; Hao, J; Wang, X; Wang, L; Dong, J; Dai, T, An Empirical Study on Correlation between Coverage and Robustness for Deep Neural Networks, Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems, ICECCS, 2020, pp. 73-82