Randomized Smoothing of All Shapes and Sizes
Jul 12, 2020
Speakers
J. Edward Hu
Speaker · 0 followers
Hadi Salman
Speaker · 1 follower
Ilya Razenshteyn
Speaker · 0 followers
About
Randomized smoothing is a recently proposed defense against adversarial attacks that has achieved state-of-the-art provable robustness against ℓ_2 perturbations. Soon after, a number of works devised new randomized smoothing schemes for other metrics, such as ℓ_1 or ℓ_∞; however, for each geometry, substantial effort was needed to derive new robustness guarantees. This begs the question: can we find a general theory for randomized smoothing? In this work we propose a novel framework for devising and analyzing randomized smoothing schemes, and validate its effectiveness in practice. Our theoretical contributions are as follows: (1) We show that for an appropriate notion of “optimal”, the optimal smoothing distributions for any “nice” norm have level sets given by the Wulff Crystal of that norm. (2) We propose two novel and complementary methods for deriving provably robust radii for any smoothing distribution. Finally, (3) we show fundamental limits to current randomized smoothing techniques via the theory of Banach space cotypes. By combining (1) and (2), we significantly improve the state-of-the-art certified accuracy in ℓ_1 on standard datasets. On the other hand, using (3), we show that, without more information than label statistics under random input perturbations, randomized smoothing cannot achieve nontrivial certified accuracy against perturbations of ℓ_∞-norm Ω(1/√(d)), when the input dimension d is large.Randomized smoothing is a recently proposed defense against adversarial attacks that has achieved state-of-the-art provable robustness against ℓ_2 perturbations. Soon after, a number of works devised new randomized smoothing schemes for other metrics, such as ℓ_1 or ℓ_∞; however, for each geometry, substantial effort was needed to derive new robustness guarantees. This begs the question: can we find a general theory for randomized smoothing? In this work we propose a novel framework for devising…
Categories
AI & Data Science
Category · 10.8k presentations
Mathematics
Category · 2.4k presentations
About ICML 2020
The International Conference on Machine Learning (ICML) is the premier gathering of professionals dedicated to the advancement of the branch of artificial intelligence known as machine learning. ICML is globally renowned for presenting and publishing cutting-edge research on all aspects of machine learning used in closely related areas like artificial intelligence, statistics and data science, as well as important application areas such as machine vision, computational biology, speech recognition, and robotics. ICML is one of the fastest growing artificial intelligence conferences in the world. Participants at ICML span a wide range of backgrounds, from academic and industrial researchers, to entrepreneurs and engineers, to graduate students and postdocs.
Like the format? Trust SlidesLive to capture your next event!
Professional recording and live streaming, delivered globally.
Sharing
Recommended Videos
Presentations on similar topic, category or speaker
A Note on Over-Smoothing for Graph Neural Networks
Watch later
Chen Cai, …
Confidence-Calibrated Adversarial Training: Generalizing to Unseen Attacks
Watch later
David Stutz, …
Variational Bayesian Quantization
Watch later
Yibo Yang, …
Poster #52
Watch later
