Statistical Verification of General Perturbations by Gaussian Smoothing

Marc Fischer; Maximilian Baader; Martin Vechev

Statistical Verification of General Perturbations by Gaussian Smoothing

Marc Fischer, Maximilian Baader, Martin Vechev

25 Sept 2019 (modified: 05 May 2023)ICLR 2020 Conference Blind SubmissionReaders: Everyone

TL;DR: We present a statistical certification method to certify robustness for rotations, translations and other transformations.

Abstract: We present a novel statistical certification method that generalizes prior work based on smoothing to handle richer perturbations. Concretely, our method produces a provable classifier which can establish statistical robustness against geometric perturbations (e.g., rotations, translations) as well as volume changes and pitch shifts on audio data. The generalization is non-trivial and requires careful handling of operations such as interpolation. Our method is agnostic to the choice of classifier and scales to modern architectures such as ResNet-50 on ImageNet.

Keywords: adversarial robustness, certified network, randomised smoothing, geometric perturbations

Original Pdf: pdf

9 Replies

Loading