26/04/2020

Provable robustness against all adversarial $l_p$-perturbations for $p\geq 1$

Francesco Croce, Matthias Hein

Keywords: adversarial robustness, provable guarantees

Abstract Paper Similar Papers

Abstract: In recent years several adversarial attacks and defenses have been proposed. Often seemingly robust models turn out to be non-robust when more sophisticated attacks are used. One way out of this dilemma are provable robustness guarantees. While provably robust models for specific $l_p$-perturbation models have been developed, we show that they do not come with any guarantee against other $l_q$-perturbations. We propose a new regularization scheme, MMR-Universal, for ReLU networks which enforces robustness wrt $l_1$- \textit{and} $l_\infty$-perturbations and show how that leads to the first provably robust models wrt any $l_p$-norm for $p\geq 1$.

 0
 0
 0
 0
  Share    
This is an embedded video. Talk and the respective paper are published at ICLR 2020 virtual conference. If you are one of the authors of the paper and want to manage your upload, see the question "My papertalk has been externally embedded..." in the FAQ section.

Comments

Post Comment
no comments yet
code of conduct: tbd Characters remaining: 140

Similar Papers

 0
 1
 0
 0
 5:01 
 0
 0
 0
 1
 13:27 
 0
 0
 0
 0
 14:41 
 0
 0
 0
 0
 10:04 
 0
 0
 0
 0
 3:24 
 0
 0
 0
 0
 5:11 
 0
 0
 0
 0
 14:42 
 1
 0
 0
 1
 3:17 
 0
 0
 0
 0
 5:20 
 0
 0
 0
 0
 15:11 
 0
 0
 0
 0
 7:14 
 0
 0
 0
 0
 15:01 
 0
 0
 0
 0
 3:12 
 0
 0
 0
 0
 13:50 
 0
 0
 0
 0
 11:35 
 0
 0
 0
 0
 12:05 
 0
 0
 0
 0
 9:14 
 0
 0
 0
 0
 15:15 
 0
 0
 0
 0
 10:53 
 0
 0
 0
 0
 15:02 
 0
 0
 0
 0
 15:05 
 0
 0
 0
 0
 5:46 
 0
 0
 0
 0
 10:37 
 0
 0
 0
 0
 11:18 
 0
 0
 0
 0
 5:00 
 0
 0
 0
 0
 10:12 
 0
 0
 0
 0
 5:33 
 0
 0
 0
 0
 3:10 
 0
 0
 0
 0
 10:10 
 0
 0
 0
 0
 15:01 
 0
 0
 0
 0
 14:19 
 0
 0
 0
 0
 10:31 
 0
 0
 0
 1
 5:01 
 0
 0
 0
 0
 14:24 
 0
 0
 0
 0
 14:57 
 0
 0
 0
 0
 12:24 
 0
 0
 0
 0
 19:54 
 0
 0
 0
 0
 5:01 
 0
 0
 0
 0
 10:40 
 0
 0
 0
 0
 9:56