The adoption of deep neural network(DNN)model as the integral part of real-world software systems necessitates explicit consideration of their quality-of-service(QoS).It is well-known that DNN models are prone to adve...The adoption of deep neural network(DNN)model as the integral part of real-world software systems necessitates explicit consideration of their quality-of-service(QoS).It is well-known that DNN models are prone to adversarial attacks,and thus it is vitally important to be aware of how robust a modeFs prediction is for a given input instance.A fragile prediction,even with high confidence,is not trustworthy in light of the possibility of adversarial attacks.We propose that DNN models should produce a robustness value as an additional QoS indicator,along with the confidence value,for each prediction they make.Existing approaches for robustness computation are based on adversarial searching,which are usually too expensive to be excised in real time.In this paper,we propose to predict,rather than to compute,the robustness measure for each input instance.Specifically,our approach inspects the output of the neurons of the target model and trains another DNN model to predict the robustness.We focus on convolutional neural network(CNN)models in the current research.Experiments show that our approach is accurate,with only 10%-34%additional errors compared with the offline heavy-weight robustness analysis.It also significantly outperforms some alternative methods.We further validate the effectiveness of the approach when it is applied to detect adversarial attacks and out-of-distribution input.Our approach demonstrates a better performance than,or at least is comparable to,the state-of-the-art techniques.展开更多
JavaScript has become one of the most widely used languages for Web development.Its dynamic and event-driven features make it challenging to ensure the correctness of Web applications written in JavaScript.A variety o...JavaScript has become one of the most widely used languages for Web development.Its dynamic and event-driven features make it challenging to ensure the correctness of Web applications written in JavaScript.A variety of dynamic analysis techniques have been proposed which are,however,limited in either coverage or scalability.In this paper,we propose a simple,yet effective,model-based automated testing approach to achieve a high code-coverage within the time budget via testing with longer event sequences.We implement our approach as an open-source tool LJS,and perform extensive experiments on 21 publicly available benchmarks.On average,LJS is able to achieve 86.5%line coverage in 10 minutes.Compared with JSDEP,a state-of-the-art breadth-first search based automated testing tool enriched with partial order reduction,the coverage of LJS is 11%-19%higher than that of JSDEP on real-world large Web applications.Our empirical findings support that proper longer test sequences can achieve a higher code coverage in JavaScript Web application testing.展开更多
基金supported by the National Basic Research 973 Program of China under Grant No.2015CB352202the National Natural Science Foundation of China under Grant Nos.61690204,61802170,and 61872340+2 种基金the Guangdong Science and Technology Department under Grant No.2018B010107004the Natural Science Foundation of Guangdong Province of China under Grant No.2019A1515011689the Overseas Grant of the State Key Laboratory of Novel Software Technology under Grant No.KFKT2018A16。
文摘The adoption of deep neural network(DNN)model as the integral part of real-world software systems necessitates explicit consideration of their quality-of-service(QoS).It is well-known that DNN models are prone to adversarial attacks,and thus it is vitally important to be aware of how robust a modeFs prediction is for a given input instance.A fragile prediction,even with high confidence,is not trustworthy in light of the possibility of adversarial attacks.We propose that DNN models should produce a robustness value as an additional QoS indicator,along with the confidence value,for each prediction they make.Existing approaches for robustness computation are based on adversarial searching,which are usually too expensive to be excised in real time.In this paper,we propose to predict,rather than to compute,the robustness measure for each input instance.Specifically,our approach inspects the output of the neurons of the target model and trains another DNN model to predict the robustness.We focus on convolutional neural network(CNN)models in the current research.Experiments show that our approach is accurate,with only 10%-34%additional errors compared with the offline heavy-weight robustness analysis.It also significantly outperforms some alternative methods.We further validate the effectiveness of the approach when it is applied to detect adversarial attacks and out-of-distribution input.Our approach demonstrates a better performance than,or at least is comparable to,the state-of-the-art techniques.
基金P.Gao,Y.Xu and F.Song were partially supported by the National Natural Science Foundation of China(NSFC)(Grant Nos.62072309,61532019,61761136011)T.Chen is partially supported by the National Natural Science Foundation of China(Grant No.61872340)+1 种基金Guangdong Science and Technology Department(2018B010107004)Natural Science Foundation of Guangdong Province(2019A1515011689).
文摘JavaScript has become one of the most widely used languages for Web development.Its dynamic and event-driven features make it challenging to ensure the correctness of Web applications written in JavaScript.A variety of dynamic analysis techniques have been proposed which are,however,limited in either coverage or scalability.In this paper,we propose a simple,yet effective,model-based automated testing approach to achieve a high code-coverage within the time budget via testing with longer event sequences.We implement our approach as an open-source tool LJS,and perform extensive experiments on 21 publicly available benchmarks.On average,LJS is able to achieve 86.5%line coverage in 10 minutes.Compared with JSDEP,a state-of-the-art breadth-first search based automated testing tool enriched with partial order reduction,the coverage of LJS is 11%-19%higher than that of JSDEP on real-world large Web applications.Our empirical findings support that proper longer test sequences can achieve a higher code coverage in JavaScript Web application testing.