报告题目：Security analysis: from traditional software to deep learning software
主讲嘉宾：新加坡南洋理工大学 杜晓宁 教授
报告摘要：Vulnerabilities are one of the key threats to the IT industry. Identifying potentially vulnerable locations in a codebase (or binaries) is critical as a pre-step for effective vulnerability assessment, i.e., it can greatly help security experts put their time and effort to where it is needed most. In this talk, I will present two approaches to identifying vulnerabilities in the source code, with one based on program metrics, and the other one based on deep learning (DL) with graph neural network. On the other hand, as with the increasing deployment of DL in safety- and security-critical applications, more concerns arise about its vulnerability and robustness to adversarial perturbations. In the second part of the talk, I will share our recent research on the quantitative security analysis of Recurrent Neural Network(RNN)-based DL systems, and demonstrate its effectiveness and efficiency on RNN fuzz testing and adversarial sample detection.
关于嘉宾：Ms. Xiaoning Du is currently a research associate at Nanyang Technological University (NTU), who specializes in cybersecurity, AI and formal methods. Ms. Du received her bachelor degree from Fudan University in 2014 and recently has completed all requirements of the PHD program in NTU. Her research has bridged the gap between the theory and practical usage of formal methods and program analysis to evaluate (AI) software for high assurance and security. Her publications appear in top-tier venues including ICSE, FSE, NeurIPS, FM and TDSC.