Efficient Certification of Spatial Robustness
نویسندگان
چکیده
Recent work has exposed the vulnerability of computer vision models to vector field attacks. Due widespread usage such in safety-critical applications, it is crucial quantify their robustness against spatial transformations. However, existing only provides empirical quantification deformations via adversarial attacks, which lack provable guarantees. In this work, we propose novel convex relaxations, enabling us, for first time, provide a certificate Our relaxations are model-agnostic and can be leveraged by wide range neural network verifiers. Experiments on various architectures different datasets demonstrate effectiveness scalability our method.
منابع مشابه
Robustness of Spatial Micronetworks
Power lines, roadways, pipelines, and other physical infrastructure are critical to modern society. These structures may be viewed as spatial networks where geographic distances play a role in the functionality and construction cost of links. Traditionally, studies of network robustness have primarily considered the connectedness of large, random networks. Yet for spatial infrastructure, physic...
متن کاملRobustness of Scale-free Spatial Networks
A growing family of random graphs is called robust if it retains a giant component after percolation with arbitrary positive retention probability. We study robustness for graphs, in which new vertices are given a spatial position on the d-dimensional torus and are connected to existing vertices with a probability favouring short spatial distances and high degrees. In this model of a scale-free...
متن کاملEfficient Computation of a Guaranteed Robustness Margin
A computationally very efficient method is proposed to compute a guaranteed robustness margin, by combining methods which compute a guaranteed μ upper bound over a frequency interval and those which eliminate frequency intervals inside which μ is less than a treshold. The μ upper bound is computed at several frequency points simultaneously either using the LMI Control Toolbox or the μ Analysis ...
متن کاملCertification and Efficient Proofs of Committed Topology Graphs
Digital signature schemes are a foundational cryptographic building block in certification and the projection of trust. Based on a signature scheme on committed graphs, we propose a toolkit of certification and proof methods to sign committed topology graphs and to prove properties of their certificates in zero-knowledge. This toolkit allows an issuer, such as an auditor, to sign the topology r...
متن کاملCompact Modeling of Nonlinear Analog Circuits using System Identification via Semi-Definite Programming and Robustness Certification
This paper presents a system identification technique for generating stable compact models of typical analog circuit blocks in radio frequency systems. The identification procedure is based on minimizing the model error over a given training data set subject to an incremental stability constraint, which is formulated as a semidefinite optimization problem. Numerical results are presented for se...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Proceedings of the ... AAAI Conference on Artificial Intelligence
سال: 2021
ISSN: ['2159-5399', '2374-3468']
DOI: https://doi.org/10.1609/aaai.v35i3.16352