Intelligent Applications (iApps), equipped with in-App deep learning (DL) models, are emerging to provide reliable DL inference services. However, in-App DL models are typically compiled into inference-only versions to enhance system performance, thereby impeding the evaluation of DL models. Specifically, the assessment of in-App models currently relies on black-box testing methods rather than direct white-box testing approaches. In this work, we propose TIM, an automated tool designed for conducting large-scale white-box testing of in-App models. Taking an iApp as input, TIM can lift the black-box (i.e., inference-only) in-App DL model into a backpropagation-enabled one and package it together, allowing comprehensive DL model testing or security issues detection. TIM proposes two reconstruction techniques to convert the inference-only model to a backpropagation-enabled version and reconstruct the DL-related IO processing code. In our experiments, we utilize TIM to extract 100 unique commercial in-App models and convert the models to white-box models, enabling backpropagation functionality. Experimental results show that TIM’s reconstruction techniques exhibit high accuracy. We open-source our prototype and part of the experimental data on the website https://zenodo.org/record/7548141 .

中文翻译：

---

TIM：对应用内深度学习模型进行大规模白盒测试


配备应用内深度学习 (DL) 模型的智能应用程序 (iApp) 正在兴起，以提供可靠的 DL 推理服务。然而，应用内深度学习模型通常被编译成仅推理版本以增强系统性能，从而阻碍了深度学习模型的评估。具体来说，应用内模型的评估目前依赖于黑盒测试方法，而不是直接的白盒测试方法。在这项工作中，我们提出了 TIM，这是一种自动化工具，旨在对应用内模型进行大规模白盒测试。以 iApp 作为输入，TIM 可以将黑盒（即仅推理）应用内 DL 模型提升为支持反向传播的模型并将其打包在一起，从而允许全面的 DL 模型测试或安全问题检测。 TIM 提出了两种重构技术，将仅推理模型转换为支持反向传播的版本，并重构 DL 相关的 IO 处理代码。在我们的实验中，我们利用 TIM 提取 100 个独特的商业应用内模型，并将这些模型转换为白盒模型，从而实现反向传播功能。实验结果表明TIM重建技术具有较高的准确性。我们在网站 https://zenodo.org/record/7548141 上开源了我们的原型和部分实验数据。