Overcoming the Paradox of Certified Training with Gaussian Smoothing

no code implementations • 11 Mar 2024 • Stefan Balauca, Mark Niklas Müller, Yuhao Mao, Maximilian Baader, Marc Fischer, Martin Vechev

Training neural networks with high certified accuracy against adversarial examples remains an open problem despite significant efforts.

Expressivity of ReLU-Networks under Convex Relaxations

no code implementations • 7 Nov 2023 • Maximilian Baader, Mark Niklas Müller, Yuhao Mao, Martin Vechev

We show that: (i) more advanced relaxations allow a larger class of univariate functions to be expressed as precisely analyzable ReLU networks, (ii) more precise relaxations can allow exponentially larger solution spaces of ReLU networks encoding the same functions, and (iii) even using the most precise single-neuron relaxations, it is impossible to construct precisely analyzable ReLU networks that express multivariate, convex, monotone CPWL functions.

Understanding Certified Training with Interval Bound Propagation

1 code implementation • 17 Jun 2023 • Yuhao Mao, Mark Niklas Müller, Marc Fischer, Martin Vechev

We, then, derive sufficient and necessary conditions on weight matrices for IBP bounds to become exact and demonstrate that these impose strong regularization, explaining the empirically observed trade-off between robustness and accuracy in certified training.

SMAP: A Novel Heterogeneous Information Framework for Scenario-based Optimal Model Assignment

no code implementations • 23 May 2023 • Zekun Qiu, Zhipu Xie, Zehua Ji, Yuhao Mao, Ke Cheng

To address this challenge, a new problem named the Scenario-based Optimal Model Assignment (SOMA) problem is introduced and a novel framework entitled Scenario and Model Associative percepts (SMAP) is developed.

TAPS: Connecting Certified and Adversarial Training

2 code implementations • 8 May 2023 • Yuhao Mao, Mark Niklas Müller, Marc Fischer, Martin Vechev

Training certifiably robust neural networks remains a notoriously hard problem.

"Is your explanation stable?": A Robustness Evaluation Framework for Feature Attribution

no code implementations • 5 Sep 2022 • Yuyou Gan, Yuhao Mao, Xuhong Zhang, Shouling Ji, Yuwen Pu, Meng Han, Jianwei Yin, Ting Wang

Experiment results show that the MeTFA-smoothed explanation can significantly increase the robust faithfulness.

Attribute Semantic Segmentation

Transfer Attacks Revisited: A Large-Scale Empirical Study in Real Computer Vision Settings

no code implementations • 7 Apr 2022 • Yuhao Mao, Chong Fu, Saizhuo Wang, Shouling Ji, Xuhong Zhang, Zhenguang Liu, Jun Zhou, Alex X. Liu, Raheem Beyah, Ting Wang

To bridge this critical gap, we conduct the first large-scale systematic empirical study of transfer attacks against major cloud-based MLaaS platforms, taking the components of a real transfer attack into account.

Application of Knowledge Graphs to Provide Side Information for Improved Recommendation Accuracy

1 code implementation • 7 Jan 2021 • Yuhao Mao, Serguei A. Mokhov, Sudhir P. Mudur

Information about products and preferences of different users are primarily used to infer preferences for a specific user.

Clustering Collaborative Filtering +2