Certifying Geometric Robustness of Neural Networks

被引:0
|
作者
Balunovic, Mislav [1 ]
Baader, Maximilian [1 ]
Singh, Gagandeep [1 ]
Gehr, Timon [1 ]
Vechev, Martin [1 ]
机构
[1] Swiss Fed Inst Technol, Dept Comp Sci, Zurich, Switzerland
来源
ADVANCES IN NEURAL INFORMATION PROCESSING SYSTEMS 32 (NIPS 2019) | 2019年 / 32卷
关键词
D O I
暂无
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
The use of neural networks in safety-critical computer vision systems calls for their robustness certification against natural geometric transformations (e.g., rotation, scaling). However, current certification methods target mostly norm-based pixel perturbations and cannot certify robustness against geometric transformations. In this work, we propose a new method to compute sound and asymptotically optimal linear relaxations for any composition of transformations. Our method is based on a novel combination of sampling and optimization. We implemented the method in a system called DEEPG and demonstrated that it certifies significantly more complex geometric transformations than existing methods on both defended and undefended networks while scaling to large architectures.
引用
收藏
页数:11
相关论文
共 50 条
  • [1] Towards Certifying the Asymmetric Robustness for Neural Networks: Quantification and Applications
    Li, Changjiang
    Ji, Shouling
    Weng, Haiqin
    Li, Bo
    Shi, Jie
    Beyah, Raheem
    Guo, Shanqing
    Wang, Zonghui
    Wang, Ting
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (06) : 3987 - 4001
  • [2] CERT-RNN: Towards Certifying the Robustness of Recurrent Neural Networks
    Du, Tianyu
    Ji, Shouling
    Shen, Lujia
    Zhang, Yao
    Li, Jinfeng
    Shi, Jie
    Fang, Chengfang
    Yin, Jianwei
    Beyah, Raheem
    Wang, Ting
    CCS '21: PROCEEDINGS OF THE 2021 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2021, : 516 - 534
  • [3] CNN-Cert: An Efficient Framework for Certifying Robustness of Convolutional Neural Networks
    Boopathy, Akhilan
    Weng, Tsui-Wei
    Chen, Pin-Yu
    Liu, Sijia
    Daniel, Luca
    THIRTY-THIRD AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE / THIRTY-FIRST INNOVATIVE APPLICATIONS OF ARTIFICIAL INTELLIGENCE CONFERENCE / NINTH AAAI SYMPOSIUM ON EDUCATIONAL ADVANCES IN ARTIFICIAL INTELLIGENCE, 2019, : 3240 - 3247
  • [4] Towards Certifying l∞ Robustness using Neural Networks with l∞-dist Neurons
    Zhang, Bohang
    Cai, Tianle
    Lu, Zhou
    He, Di
    Wang, Liwei
    INTERNATIONAL CONFERENCE ON MACHINE LEARNING, VOL 139, 2021, 139
  • [5] An Abstract Domain for Certifying Neural Networks
    Singh, Gagandeep
    Gehr, Timon
    Puschel, Markus
    Vechev, Martin
    PROCEEDINGS OF THE ACM ON PROGRAMMING LANGUAGES-PACMPL, 2019, 3 (POPL):
  • [6] Towards Verifying the Geometric Robustness of Large-Scale Neural Networks
    Wang, Fu
    Xu, Peipei
    Ruan, Wenjie
    Huang, Xiaowei
    THIRTY-SEVENTH AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE, VOL 37 NO 12, 2023, : 15197 - 15205
  • [7] Robustness of Interdependent Random Geometric Networks
    Zhang, Jianan
    Yeh, Edmund
    Modiano, Eytan
    IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING, 2019, 6 (03): : 474 - 487
  • [8] Geometric robustness theory and biological networks
    Ay, Nihat
    Krakauer, David C.
    THEORY IN BIOSCIENCES, 2007, 125 (02) : 93 - 121
  • [9] Geometric robustness theory and biological networks
    Nihat Ay
    David C. Krakauer
    Theory in Biosciences, 2007, 125 : 93 - 121
  • [10] Robustness of Interdependent Random Geometric Networks
    Zhang, Jianan
    Yeh, Edmund
    Modiano, Eytan
    2016 54TH ANNUAL ALLERTON CONFERENCE ON COMMUNICATION, CONTROL, AND COMPUTING (ALLERTON), 2016, : 172 - 179
12345