检索结果-内蒙古大学图书馆

Detector Collapse: Physical-World Backdooring Object Detection to Catastrophic Overload or Blindness in Autonomous Driving

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Zhang, Hangtao Hu, Shengshan Wang, Yichen Zhang, Leo Yu Zhou, Ziqi Wang, Xianlong Zhang, Yanjun Chen, Chao School of Cyber Science and Engineering Huazhong University of Science and Technology China School of Computer Science and Technology Huazhong University of Science and Technology China National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Engineering Research Center on Big Data Security China Hubei Key Laboratory of Distributed System Security China Cluster and Grid Computing Lab China School of Information and Communication Technology Griffith University Australia University of Technology Sydney Australia RMIT University Australia

Object detection tasks, crucial in safety-critical systems like autonomous driving, focus on pinpointing object locations. These detectors are known to be susceptible to backdoor attacks. However, existing backdoor techniques have primarily been adapted from classification tasks, overlooking deeper vulnerabilities specific to object detection. This paper is dedicated to bridging this gap by introducing Detector Collapse (DC), a brand-new backdoor attack paradigm tailored for object detection. DC is designed to instantly incapacitate detectors (i.e., severely impairing detector's performance and culminating in a denial-of-service). To this end, we develop two innovative attack schemes: SPONGE for triggering widespread misidentifications and BLINDING for rendering objects invisible. Remarkably, we introduce a novel poisoning strategy exploiting natural objects, enabling DC to act as a practical backdoor in real-world environments. Our experiments on different detectors across several benchmarks show a significant improvement (∼10%-60% absolute and ∼2-7× relative) in attack efficacy over state-of-the-art attacks. Copyright © 2024, The Authors. All rights reserved.

关键词： Denial-of-service attack

Graft: Efficient Inference Serving for Hybrid Deep Learning with SLO Guarantees via DNN Re-alignment

学校读者我要写书评

暂无评论

arXiv 2023年

作者： Wu, Jing Wang, Lin Jin, Qirui Liu, Fangming The National Engineering Research Center for Big Data Technology and System The Services Computing Technology and System Lab Cluster and Grid Computing Lab in The School of Computer Science and Technology Huazhong University of Science and Technology 1037 Luoyu Road Wuhan430074 China Paderborn University TU Darmstadt Germany Peng Cheng Laboratory Huazhong University of Science and Technology China

Deep neural networks (DNNs) have been widely adopted for various mobile inference tasks, yet their ever-increasing computational demands are hindering their deployment on resource-constrained mobile devices. Hybrid deep learning partitions a DNN into two parts and deploys them across the mobile device and a server, aiming to reduce inference latency or prolong battery life of mobile devices. However, such partitioning produces (non-uniform) DNN fragments which are hard to serve efficiently on the server. This paper presents Graft—an efficient inference serving system for hybrid deep learning with latency service-level objective (SLO) guarantees. Our main insight is to mitigate the non-uniformity by a core concept called DNN re-alignment, allowing multiple heterogeneous DNN fragments to be restructured to share layers. To fully exploit the potential of DNN re-alignment, Graft employs fine-grained GPU resource sharing. Based on that, we propose efficient algorithms for merging, grouping, and re-aligning DNN fragments to maximize request batching opportunities, minimizing resource consumption while guaranteeing the inference latency SLO. We implement a Graft prototype and perform extensive experiments with five types of widely used DNNs and real-world network traces. Our results show that Graft improves resource efficiency by up to 70% compared with the state-of-the-art inference serving systems. © 2023, CC BY-NC-ND.

关键词： Deep neural networks

Effective Concurrency Testing for Go via Directional Primitive-Constrained Interleaving Exploration

学校读者我要写书评

暂无评论

Effective Concurrency Testing for Go via Directional Primiti...

IEEE International Conference on Automated Software Engineering (ASE)

作者： Zongze Jiang Ming Wen Yixin Yang Chao Peng Ping Yang Hai Jin School of Cyber Science and Engineering Huazhong University of Science and Technology China Hubei Key Laboratory of Distributed System Security Services Computing Technology and System Lab Cluster and Grid Computing Lab Hubei Engineering Research Center on Big Data Security National Engineering Research Center for Big Data Technology and System ByteDance Beijing China School of Computer Science and Technology Huazhong University of Science and Technology China

The Go language (Go/Golang) has been attracting increasing attention from the industry over recent years due to its strong concurrency support and ease of deployment. This programming language encourages developers to use channel-based concurrency, which simplifies the development of concurrent programs. Unfortunately, it also introduces new concurrency problems that differ from those caused by the mechanism of shared memory concurrency. However, there are only few works that aim to detect such Go-specific concurrency issues. Even state-of-the-art testing tools will miss critical concurrent bugs that require fine-grained and effective interleaving exploration. This paper presents GoPie, a novel testing approach for detecting Go concurrency bugs through primitive-constrained interleaving exploration. GoPie utilizes execution histories to identify new interleavings instead of relying on exhaustive exploration or random scheduling. To evaluate its performance, we applied GoPie to existing benchmarks and large-scale open-source projects. Results show that GoPie can effectively explore concurrent interleavings and detect significantly more bugs in the benchmark. Furthermore, it uncovered 11 unique previously unknown concurrent bugs, and 9 of which have been confirmed.

关键词：

ECLIPSE: Expunging Clean-label Indiscriminate Poisons via Sparse Diffusion Purification

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Wang, Xianlong Hu, Shengshan Zhang, Yechao Zhou, Ziqi Zhang, Leo Yu Xu, Peng Wan, Wei Jin, Hai National Engineering Research Center for Big Data Technology and System China Services Computing Technology and System Lab China Cluster and Grid Computing Lab China Hubei Engineering Research Center on Big Data Security China Hubei Key Laboratory of Distributed System Security China School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan430074 China School of Computer Science and Technology Huazhong University of Science and Technology Wuhan430074 China School of Information and Communication Technology Griffith University SouthportQLD4215 Australia

Clean-label indiscriminate poisoning attacks add invisible perturbations to correctly labeled training images, thus dramatically reducing the generalization capability of the victim models. Recently, defense mechanisms such as adversarial training, image transformation techniques, and image purification have been proposed. However, these schemes are either susceptible to adaptive attacks, built on unrealistic assumptions, or only effective against specific poison types, limiting their universal applicability. In this research, we propose a more universally effective, practical, and robust defense scheme called ECLIPSE. We first investigate the impact of Gaussian noise on the poisons and theoretically prove that any kind of poison will be largely assimilated when imposing sufficient random noise. In light of this, we assume the victim has access to an extremely limited number of clean images (a more practical scene) and subsequently enlarge this sparse set for training a denoising probabilistic model (a universal denoising tool). We then introduce Gaussian noise to absorb the poisons and apply the model for denoising, resulting in a roughly purified dataset. Finally, to address the trade-off of the inconsistency in the assimilation sensitivity of different poisons by Gaussian noise, we propose a lightweight corruption compensation module to effectively eliminate residual poisons, providing a more universal defense approach. Extensive experiments demonstrate that our defense approach outperforms 10 state-of-the-art defenses. We also propose an adaptive attack against ECLIPSE and verify the robustness of our defense scheme. Our code is available at https://***/CGCL-codes/ECLIPSE. Copyright © 2024, The Authors. All rights reserved.

关键词： Deep neural networks

Generalization-Enhanced Code Vulnerability Detection via Multi-Task Instruction Fine-Tuning

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Du, Xiaohu Wen, Ming Zhu, Jiahao Xie, Zifan Ji, Bin Liu, Huijun Shi, Xuanhua Jin, Hai School of Cyber Science and Engineering Huazhong University of Science and Technology China School of Computer Science and Technology Huazhong University of Science and Technology China College of Computer National University of Defense Technology China National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab HUST Wuhan430074 China Hubei Engineering Research Center on Big Data Security Hubei Key Laboratory of Distributed System Security HUST Wuhan430074 China JinYinHu Laboratory Wuhan430077 China Cluster and Grid Computing Lab HUST Wuhan430074 China

Code Pre-trained Models (CodePTMs) based vulnerability detection have achieved promising results over recent years. However, these models struggle to generalize as they typically learn superficial mapping from source code to labels instead of understanding the root causes of code vulnerabilities, resulting in poor performance in real-world scenarios beyond the training instances. To tackle this challenge, we introduce VulLLM, a novel framework that integrates multi-task learning with Large Language Models (LLMs) to effectively mine deep-seated vulnerability features. Specifically, we construct two auxiliary tasks beyond the vulnerability detection task. First, we utilize the vulnerability patches to construct a vulnerability localization task. Second, based on the vulnerability features extracted from patches, we leverage GPT-4 to construct a vulnerability interpretation task. VulLLM innovatively augments vulnerability classification by leveraging generative LLMs to understand complex vulnerability patterns, thus compelling the model to capture the root causes of vulnerabilities rather than overfitting to spurious features of a single task. The experiments conducted on six large datasets demonstrate that VulLLM surpasses seven state-of-the-art models in terms of effectiveness, generalization, and robustness. © 2024, CC BY.

关键词： Large datasets

Securely Fine-tuning Pre-trained Encoders Against Adversarial Examples

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Zhou, Ziqi Li, Minghui Liu, Wei Hu, Shengshan Zhang, Yechao Wan, Wei Xue, Lulu Zhang, Leo Yu Yao, Dezhong Jin, Hai National Engineering Research Center for Big Data Technology and System China Services Computing Technology and System Lab. China Cluster and Grid Computing Lab. China Hubei Engineering Research Center on Big Data Security China Hubei Key Laboratory of Distributed System Security China School of Computer Science and Technology Huazhong University of Science and Technology China School of Software Engineering Huazhong University of Science and Technology China School of Cyber Science and Engineering Huazhong University of Science and Technology China School of Information and Communication Technology Griffith University Australia

With the evolution of self-supervised learning, the pre-training paradigm has emerged as a predominant solution within the deep learning landscape. Model providers furnish pre-trained encoders designed to function as versatile feature extractors, enabling downstream users to harness the benefits of expansive models with minimal effort through fine-tuning. Nevertheless, recent works have exposed a vulnerability in pre-trained encoders, highlighting their susceptibility to downstream-agnostic adversarial examples (DAEs) meticulously crafted by attackers. The lingering question pertains to the feasibility of fortifying the robustness of downstream models against DAEs, particularly in scenarios where the pre-trained encoders are publicly accessible to the attackers. In this paper, we initially delve into existing defensive mechanisms against adversarial examples within the pre-training paradigm. Our findings reveal that the failure of current defenses stems from the domain shift between pre-training data and downstream tasks, as well as the sensitivity of encoder parameters. In response to these challenges, we propose Genetic Evolution-Nurtured Adversarial Fine-tuning (Gen-AF), a two-stage adversarial fine-tuning approach aimed at enhancing the robustness of downstream models. Gen-AF employs a genetic-directed dual-track adversarial fine-tuning strategy in its first stage to effectively inherit the pre-trained encoder. This involves optimizing the pre-trained encoder and classifier separately while incorporating genetic regularization to preserve the model’s topology. In the second stage, Gen-AF assesses the robust sensitivity of each layer and creates a dictionary, based on which the top-k robust redundant layers are selected with the remaining layers held fixed. Upon this foundation, we conduct evolutionary adaptability fine-tuning to further enhance the model’s generalizability. Our extensive experiments, conducted across ten self-supervised training methods and six

关键词： Topology

On the Effectiveness of Function-Level Vulnerability Detectors for Inter-Procedural Vulnerabilities

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Li, Zhen Wang, Ning Zou, Deqing Li, Yating Zhang, Ruqian Xu, Shouhuai Zhang, Chao Jin, Hai School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China Department of Computer Science University of Colorado Colorado Springs Colorado SpringsCO United States Institute for Network Sciences and Cyberspace Tsinghua University Beijing China School of Computer Science and Technology Huazhong University of Science and Technology Wuhan China National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab China JinYinHu Laboratory Wuhan China

Software vulnerabilities are a major cyber threat and it is important to detect them. One important approach to detecting vulnerabilities is to use deep learning while treating a program function as a whole, known as function-level vulnerability detectors. However, the limitation of this approach is not understood. In this paper, we investigate its limitation in detecting one class of vulnerabilities known as inter-procedural vulnerabilities, where the to-be-patched statements and the vulnerability-triggering statements belong to different functions. For this purpose, we create the first Inter-Procedural Vulnerability Dataset (InterPVD) based on C/C++ open-source software, and we propose a tool dubbed VulTrigger for identifying vulnerability-triggering statements across functions. Experimental results show that VulTrigger can effectively identify vulnerability-triggering statements and inter-procedural vulnerabilities. Our findings include: (i) inter-procedural vulnerabilities are prevalent with an average of 2.8 inter-procedural layers;and (ii) function-level vulnerability detectors are much less effective in detecting to-be-patched functions of inter-procedural vulnerabilities than detecting their counterparts of intra-procedural vulnerabilities. Copyright © 2024, The Authors. All rights reserved.

关键词： Open source software

On the Effectiveness of Function-Level Vulnerability Detectors for Inter-Procedural Vulnerabilities

学校读者我要写书评

暂无评论

On the Effectiveness of Function-Level Vulnerability Detecto...

International Conference on Software Engineering (ICSE)

作者： Zhen Li Ning Wang Deqing Zou Yating Li Ruqian Zhang Shouhuai Xu Chao Zhang Hai Jin National Engineering Research Center for Big Data Technology and System Services Computing Technology and System Lab Hubei Key Laboratory of Distributed System Security Hubei Engineering Research Center on Big Data Security Cluster and Grid Computing Lab School of Cyber Science and Engineering Huazhong University of Science and Technology Wuhan China Jin YinHu Laboratory Wuhan China Department of Computer Science University of Colorado Colorado Springs Colorado Springs Colorado USA Institute for Network Sciences and Cyberspace Tsinghua University Beijing China School of Computer Science and Technology Huazhong University of Science and Technology Wuhan China

ISBN: (数字)9798400702174

ISBN: (纸本)9798350382143

Software vulnerabilities are a major cyber threat and it is important to detect them. One important approach to detecting vulnerabilities is to use deep learning while treating a program function as a whole, known as function-level vulnerability detectors. However, the limitation of this approach is not understood. In this paper, we investigate its limitation in detecting one class of vulnerabilities known as inter-procedural vulnerabilities, where the to-be-patched statements and the vulnerability-triggering statements belong to different functions. For this purpose, we create the first Inter -Procedural Vulnerability Dataset (InterPVD) based on C/C++ open-source software, and we propose a tool dubbed VulTrigger for identifying vulnerability-triggering statements across functions. Experimental results show that VulTrigger can effectively identify vulnerability-triggering statements and inter-procedural vulnerabilities. Our findings include: (i) inter-procedural vulnerabilities are prevalent with an average of 2.8 inter-procedural layers; and (ii) function-level vulner-ability detectors are much less effective in detecting to-be-patched functions of inter-procedural vulnerabilities than detecting their counterparts of intra-procedural vulnerabilities.

关键词： Deep learning Detectors Open source software Software engineering

Detecting JVM JIT Compiler Bugs via Exploring Two-Dimensional Input Spaces

学校读者我要写书评

暂无评论

Detecting JVM JIT Compiler Bugs via Exploring Two-Dimensiona...

International Conference on Software Engineering (ICSE)

作者： Haoxiang Jia Ming Wen Zifan Xie Xiaochen Guo Rongxin Wu Maolin Sun Kang Chen Hai Jin School of Cyber Science and Engineering Huazhong University of Science and Technology China Hubei Key Laboratory of Distributed System Security Services Computing Technology and System Lab Cluster and Grid Computing Lab. Hubei Engineering Research Center on Big Data Security National Engineering Research Center for Big Data Technology and System School of Informatics Xiamen University China School of Computer Science and Technology Huazhong University of Science and Technology China

Java Virtual Machine (JVM) is the fundamental software system that supports the interpretation and execution of Java bytecode. To support the surging performance demands for the increasingly complex and large-scale Java programs, Just-In-Time (JIT) compiler was proposed to perform sophisticated runtime optimization. However, this inevitably induces various bugs, which are becoming more pervasive over the decades and can often cause significant consequences. To facilitate the design of effective and efficient testing techniques to detect JIT compiler bugs. This study first performs a preliminary study aiming to understand the characteristics of JIT compiler bugs and the corresponding triggering test cases. Inspired by the empirical findings, we propose JOpFuzzer, a new JVM testing approach with a specific focus on JIT compiler bugs. The main novelty of JOpFuzzer is embodied in three aspects. First, besides generating new seeds, JOpFuzzer also searches for diverse configurations along the new dimension of optimization options. Second, JOpFuzzer learns the correlations between various code features and different optimization options to guide the process of seed mutation and option exploration. Third, it leverages the profile data, which can reveal the program execution information, to guide the fuzzing process. Such nov-elties enable JOpFuzzer to effectively and efficiently explore the two-dimensional input spaces. Extensive evaluation shows that JOpFuzzer outperforms the state-of-the-art approaches in terms of the achieved code coverages. More importantly, it has detected 41 bugs in OpenJDK, and 25 of them have already been confirmed or fixed by the corresponding developers.

关键词：