We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

stat.ML
< prev | next >
new | recent | 1912

Change to browse by:

cs
cs.LG
stat

References & Citations

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo

Computer Science > Machine Learning

Title: Training Provably Robust Models by Polyhedral Envelope Regularization

Authors: Chen Liu, Mathieu Salzmann, Sabine Süsstrunk
(Submitted on 10 Dec 2019 (v1), last revised 20 Sep 2021 (this version, v3))
Abstract: Training certifiable neural networks enables one to obtain models with robustness guarantees against adversarial attacks. In this work, we introduce a framework to bound the adversary-free region in the neighborhood of the input data by a polyhedral envelope, which yields finer-grained certified robustness. We further introduce polyhedral envelope regularization (PER) to encourage larger polyhedral envelopes and thus improve the provable robustness of the models. We demonstrate the flexibility and effectiveness of our framework on standard benchmarks; it applies to networks of different architectures and general activation functions. Compared with the state-of-the-art methods, PER has very little computational overhead and better robustness guarantees without over-regularizing the model.
Subjects: Machine Learning (cs.LG); Machine Learning (stat.ML)
Journal reference: IEEE Transactions on Neural Networks and Learning Systems 2021
Cite as: arXiv:1912.04792 [cs.LG]
  (or arXiv:1912.04792v3 [cs.LG] for this version)

Submission history

From: Chen Liu [view email]
[v1] Tue, 10 Dec 2019 16:05:20 GMT (5956kb,D)
[v2] Sat, 15 Feb 2020 20:46:25 GMT (5961kb,D)
[v3] Mon, 20 Sep 2021 12:12:03 GMT (5895kb,D)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.