Conference item
RANCER: non-axis aligned anisotropic certification with randomized smoothing
- Abstract:
- As modern networks have been proven to be unprotected from adversarial attacks and are applied in safety-critical applications, defense against them is very crucial. Many works were dedicated to this topic, but randomized smoothing has been recently proven to be an effective approach for the certified defense of deep neural networks and getting robust classifiers. Some prior results were obtained utilizing the techniques of adding extra parameters to extend the limits of the certification regions. In this way, sample-wise optimization was proposed to maximize the certification radius per input. The idea was further extended with the generalized anisotropic counterparts of ℓ 1 and ℓ 2 certificates which allow achieving larger certified region volume avoiding worst-case certification near potentially larger safe regions. However, anisotropic certification is limited by the aligned axis lacking the freedom to extend in any direction. To mitigate this constraint, in this work, we (i) revisit the anisotropic certification, provide an analysis of its non-axis aligned counterpart and propose its rotation-free extension, (ii) conduct experiments on the CIFAR-10 dataset to report the improved performance.
- Publication status:
- Published
- Peer review status:
- Peer reviewed
Actions
Access Document
- Files:
-
-
(Preview, Accepted manuscript, pdf, 4.3MB, Terms of use)
-
- Publisher copy:
- 10.1109/wacv56688.2023.00465
Authors
- Publisher:
- IEEE
- Host title:
- 2023 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV)
- Pages:
- 2472-6737
- Place of publication:
- Los Alamitos, California
- Publication date:
- 2023-02-06
- Acceptance date:
- 2022-08-15
- Event title:
- 2023 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV)
- Event series:
- Winter Conference on Applications of Computer Vision
- Event location:
- Waikoloa, HI, USA
- Event website:
- https://wacv2023.thecvf.com/home
- Event start date:
- 2023-01-03
- Event end date:
- 2023-01-07
- DOI:
- EISSN:
-
2642-9381
- ISSN:
-
2472-6737
- ISBN:
- 978-1-6654-9346-8
- Language:
-
English
- Keywords:
- Pubs id:
-
1328296
- Local pid:
-
pubs:1328296
- Deposit date:
-
2023-02-10
Terms of use
- Copyright holder:
- IEEE
- Copyright date:
- 2023
- Rights statement:
- © 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
- Notes:
- This is the accepted manuscript version of the article. The final version is available from IEEE at: 10.1109/WACV56688.2023.00465
If you are the owner of this record, you can report an update to it here: Report update to this record