DOI: 10.1145/3808174 ISSN: 2994-970X

DECODE: Dynamic Exploration for Constraint-Guided Vulnerability Discovery in Deep Learning Operators

Haotong Liu, Zhi Wang, Zhuohang Liu, Wanpeng Li

The security and robustness of deep learning (DL) frameworks are vital, as vulnerabilities in low-level operator implementations can lead to serious reliability and security risks. While testing has proven effective in uncovering such flaws, existing techniques struggle to accurately capture the complex input constraints required by DL operators, resulting in low test coverage and missed bugs.

To address this, we propose DECODE, a fully automated framework that performs efficient and precise constraint extraction through dynamic analysis. DECODE models operator-specific input requirements by observing valid execution traces and exploring constraint relationships. It then uses these refined constraints to generate high-quality test inputs capable of exposing memory error vulnerabilities. We evaluated DECODE on two widely used DL frameworks - TensorFlow and PyTorch - where it uncovered 96 bugs (54 in TensorFlow and 42 in PyTorch), 82 of which have been confirmed by developers. Compared to state-of-the-art tools, DECODE detected 41, 75, and 87 more bugs than IvySyn, DocTer, and DeepREL, respectively, demonstrating its superior effectiveness in uncovering previously undetected vulnerabilities.

More from our Archive