Search Results for author:
Found 13 papers, 7 papers with code
Overcoming the Paradox of Certified Training with Gaussian Smoothing
Training neural networks with high certified accuracy against adversarial examples remains an open problem despite significant efforts.
SPEAR:Exact Gradient Inversion of Batches in Federated Learning
In this work, we propose \emph{the first algorithm reconstructing whole batches with $b >1$ exactly}.
Evading Data Contamination Detection for Language Models is (too) Easy
Large language models are widespread, with their performance on benchmarks frequently guiding user preferences for one model over another.
Expressivity of ReLU-Networks under Convex Relaxations
We show that: (i) more advanced relaxations allow a larger class of univariate functions to be expressed as precisely analyzable ReLU networks, (ii) more precise relaxations can allow exponentially larger solution spaces of ReLU networks encoding the same functions, and (iii) even using the most precise single-neuron relaxations, it is impossible to construct precisely analyzable ReLU networks that express multivariate, convex, monotone CPWL functions.
The Fundamental Limits of Interval Arithmetic for Neural Networks
Interval analysis (or interval bound propagation, IBP) is a popular technique for verifying and training provably robust deep neural networks, a fundamental challenge in the area of reliable machine learning.
Latent Space Smoothing for Individually Fair Representations
This enables us to learn individually fair representations that map similar individuals close together by using adversarial training to minimize the distance between their representations.
Scalable Certified Segmentation via Randomized Smoothing
We present a new certification method for image and point cloud segmentation based on randomized smoothing.
On the Paradox of Certified Training
Certified defenses based on convex relaxations are an established technique for training provably robust models.
Efficient Certification of Spatial Robustness
Recent work has exposed the vulnerability of computer vision models to vector field attacks.
Certified Defense to Image Transformations via Randomized Smoothing
We extend randomized smoothing to cover parameterized transformations (e. g., rotations, translations) and certify robustness in the parameter space (e. g., rotation angle).
Certifying Geometric Robustness of Neural Networks
The use of neural networks in safety-critical computer vision systems calls for their robustness certification against natural geometric transformations (e. g., rotation, scaling).
Universal Approximation with Certified Networks
To the best of our knowledge, this is the first work to prove the existence of accurate, interval-certified networks.
Statistical Verification of General Perturbations by Gaussian Smoothing
We present a novel statistical certification method that generalizes prior work based on smoothing to handle richer perturbations.
