Training Certifiably Robust Neural Networks Against Semantic Perturbations

Add code
Jul 22, 2022
Rem Yang, Jacob Laurel, Sasa Misailovic, Gagandeep Singh
Figure 1 for Training Certifiably Robust Neural Networks Against Semantic Perturbations
Figure 2 for Training Certifiably Robust Neural Networks Against Semantic Perturbations
Figure 3 for Training Certifiably Robust Neural Networks Against Semantic Perturbations
Figure 4 for Training Certifiably Robust Neural Networks Against Semantic Perturbations

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Semantic image perturbations, such as scaling and rotation, have been shown to easily deceive deep neural networks (DNNs). Hence, training DNNs to be certifiably robust to these perturbations is critical. However, no prior work has been able to incorporate the objective of deterministic semantic robustness into the training procedure, as existing deterministic semantic verifiers are exceedingly slow. To address these challenges, we propose Certified Semantic Training (CST), the first training framework for deterministic certified robustness against semantic image perturbations. Our framework leverages a novel GPU-optimized verifier that, unlike existing works, is fast enough for use in training. Our results show that networks trained via CST consistently achieve both better provable semantic robustness and clean accuracy, compared to networks trained via baselines based on existing works.

View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon