no code implementations • 11 Mar 2024 • Stefan Balauca, Mark Niklas Müller, Yuhao Mao, Maximilian Baader, Marc Fischer, Martin Vechev
Training neural networks with high certified accuracy against adversarial examples remains an open problem despite significant efforts.
no code implementations • 7 Nov 2023 • Maximilian Baader, Mark Niklas Müller, Yuhao Mao, Martin Vechev
We show that: (i) more advanced relaxations allow a larger class of univariate functions to be expressed as precisely analyzable ReLU networks, (ii) more precise relaxations can allow exponentially larger solution spaces of ReLU networks encoding the same functions, and (iii) even using the most precise single-neuron relaxations, it is impossible to construct precisely analyzable ReLU networks that express multivariate, convex, monotone CPWL functions.
1 code implementation • 17 Jun 2023 • Yuhao Mao, Mark Niklas Müller, Marc Fischer, Martin Vechev
We then derive sufficient and necessary conditions on weight matrices for IBP bounds to become exact and demonstrate that these impose strong regularization, explaining the empirically observed trade-off between robustness and accuracy in certified training.
no code implementations • 23 May 2023 • Zekun Qiu, Zhipu Xie, Zehua Ji, Yuhao Mao, Ke Cheng
To address this challenge, a new problem named the Scenario-based Optimal Model Assignment (SOMA) problem is introduced and a novel framework entitled Scenario and Model Associative percepts (SMAP) is developed.
2 code implementations • 8 May 2023 • Yuhao Mao, Mark Niklas Müller, Marc Fischer, Martin Vechev
Training certifiably robust neural networks remains a notoriously hard problem.
no code implementations • 5 Sep 2022 • Yuyou Gan, Yuhao Mao, Xuhong Zhang, Shouling Ji, Yuwen Pu, Meng Han, Jianwei Yin, Ting Wang
Experiment results show that the MeTFA-smoothed explanation can significantly increase the robust faithfulness.
no code implementations • 7 Apr 2022 • Yuhao Mao, Chong Fu, Saizhuo Wang, Shouling Ji, Xuhong Zhang, Zhenguang Liu, Jun Zhou, Alex X. Liu, Raheem Beyah, Ting Wang
To bridge this critical gap, we conduct the first large-scale systematic empirical study of transfer attacks against major cloud-based MLaaS platforms, taking the components of a real transfer attack into account.
1 code implementation • 7 Jan 2021 • Yuhao Mao, Serguei A. Mokhov, Sudhir P. Mudur
Information about products and preferences of different users is primarily used to infer preferences for a specific user.