Search Results for author:
Found 14 papers, 3 papers with code
Certified robustness against physically-realizable patch attack via randomized cropping
Our method improves upon the current state of the art in defending against patch attacks on CIFAR10 and ImageNet, both in terms of certified accuracy and inference time.
Estimating Lipschitz constants of monotone deep equilibrium models
Several methods have been proposed in recent years to provide bounds on the Lipschitz constants of deep networks, which can be used to provide robustness guarantees, generalization bounds, and characterize the smoothness of decision boundaries.
Multiplicative Filter Networks
Although deep networks are typically used to approximate functions over high dimensional inputs, recent work has increased interest in neural networks as function approximators for low-dimensional-but-complex functions, such as representing images as a function of pixel coordinates, solving differential equations, or representing signed distance fields or neural radiance fields.
Provably robust classification of adversarial examples with detection
Adversarial attacks against deep networks can be defended against either by building robust classifiers or, by creating classifiers that can \emph{detect} the presence of adversarial perturbations.
Beta-CROWN: Efficient Bound Propagation with Per-neuron Split Constraints for Neural Network Robustness Verification
We develop $\beta$-CROWN, a new bound propagation based method that can fully encode neuron split constraints in branch-and-bound (BaB) based complete verification via optimizable parameters $\beta$.
Empirical robustification of pre-trained classifiers
Most pre-trained classifiers, though they may work extremely well on the domain they were trained upon, are not trained in a robust fashion, and therefore are sensitive to adversarial attacks.
Certified robustness against adversarial patch attacks via randomized cropping
This paper proposes a certifiable defense against adversarial patch attacks on image classification.
A Branch and Bound Framework for Stronger Adversarial Attacks of ReLU Networks
In this work, we formulate an adversarial attack using a branch-and-bound (BaB) procedure on ReLU neural networks and search adversarial examples in the activation space corresponding to binary variables in a mixed integer programming (MIP) formulation.
Certified Robustness for Deep Equilibrium Models via Interval Bound Propagation
Our key insights are that these interval bounds can be obtained as the fixed-point solution to an IBP-inspired equilibrium equation, and furthermore, that this solution always exists and is unique when the layer obeys a certain parameterization.
Neural Deep Equilibrium Solvers
A deep equilibrium (DEQ) model abandons traditional depth by solving for the fixed point of a single nonlinear layer $f_\theta$.
Understanding Overfitting in Reweighting Algorithms for Worst-group Performance
Prior work has proposed various reweighting algorithms to improve the worst-group performance of machine learning models for fairness.
Model-based Reinforcement Learning with Ensembled Model-value Expansion
Model-based reinforcement learning (MBRL) methods are often more data-efficient and quicker to converge than their model-free counterparts, but typically rely crucially on accurate modeling of the environment dynamics and associated uncertainty in order to perform well.
Model-based Reinforcement Learning
reinforcement-learning
+1
A Fine-Tuning Approach to Belief State Modeling
Furthermore, because this specialization occurs after the action or policy has already been decided, BFT does not require the belief model to process it as input.
Training Certifiably Robust Neural Networks with Efficient Local Lipschitz Bounds
Certified robustness is a desirable property for deep neural networks in safety-critical applications, and popular training algorithms can certify robustness of a neural network by computing a global bound on its Lipschitz constant.
