Automated Repair of Deep Neural Networks
Primary supervisor
Additional supervisors
- Youcheng Sun
Contact admissions office
Other projects with the same supervisor
- Verification Based Model Extraction Attack and Defence for Deep Neural Networks
- Application Level Verification of Solidity Smart Contracts
- Finding Vulnerabilities in IoT Software using Fuzzing, Symbolic Execution and Abstract Interpretation
- Designing Safe & Explainable Neural Models in NLP
- Exploiting Software Vulnerabilities at Large Scale
- Verification Based Model Extraction Attack and Defence for Deep Neural Networks
- Using Program Synthesis for Program Repair in IoT Security
- Automatic Detection and Repair of Software Vulnerabilities in Unmanned Aerial Vehicles
- Combining Concolic Testing with Machine Learning to Find Software Vulnerabilities in the Internet of Things
- Verifying Cyber-attacks in CUDA Deep Neural Networks for Self-Driving Cars
- Hybrid Fuzzing Concurrent Software using Model Checking and Machine Learning
Funding
- Competition Funded Project (Students Worldwide)
This research project is one of a number of projects at this institution. It is in competition for funding with one or more of these projects. Usually the project which receives the best applicant will be awarded the funding. Applications for this project are welcome from suitably qualified candidates worldwide. Funding may only be available to a limited set of nationalities and you should read the full department and project details for further information.
Project description
Artificial intelligence (AI), especially deep neural networks (DNNs), has been widely used, including in applications with security and privacy concerns. Different from traditional software, the performance and security of DNNs highly depend on the data used to train the model, which by no means will be exhaustively tested. Therefore, this project targets the scenario when the DNN fails to operate as expected after it has been deployed. The failure could be caused by, e.g., lack of training on certain features or purposely embedded backdoor via data poisoning. This project aims to automatically repair the model, i.e., generate updates for the DNN that fix such problems, with the ultimate goal of developing resilient AI systems. An update for the DNN is a set of changes to its learnable parameters, i.e., the weights and biases. It could be for increasing the model prediction accuracy, fixing the backdoor, or improving the adversarial robustness of the model.
In this project, the Ph.D. student would work on the fundamental theory for repairing DNNs, which must be applicable to real-world setup and implement it. Realistically, automated repair techniques do not require re-training the DNN to correct the failures, thus not relying on the training data. As it becomes common to use or purchase DNN models developed by a third party, the training data is not always publicly available. It can also be that customers, who use remote computing power for training the DNN, have privacy motivations for withholding the data. Subject to these security and privacy concerns, the repair automatically fixes DNN failures recorded at its runtime; meanwhile, the changes shall not compromise the model's originally correct behaviors.
Person specification
For information
- Candidates must hold a minimum of an upper Second Class UK Honours degree or international equivalent in a relevant science or engineering discipline.
- Candidates must meet the School's minimum English Language requirement.
- Candidates will be expected to comply with the University's policies and practices of equality, diversity and inclusion.
Essential
Applicants will be required to evidence the following skills and qualifications.
- You must be capable of performing at a very high level.
- You must have a self-driven interest in uncovering and solving unknown problems and be able to work hard and creatively without constant supervision.
Desirable
Applicants will be required to evidence the following skills and qualifications.
- You will have good time management.
- You will possess determination (which is often more important than qualifications) although you'll need a good amount of both.
General
Applicants will be required to address the following.
- Comment on your transcript/predicted degree marks, outlining both strong and weak points.
- Discuss your final year Undergraduate project work - and if appropriate your MSc project work.
- How well does your previous study prepare you for undertaking Postgraduate Research?
- Why do you believe you are suitable for doing Postgraduate Research?