Boosting Robustness Verification of Semantic Feature Neighborhoods
نویسندگان
چکیده
Deep neural networks have been shown to be vulnerable adversarial attacks that perturb inputs based on semantic features. Existing robustness analyzers can reason about feature neighborhoods increase the networks’ reliability. However, despite significant progress in these techniques, they still struggle scale deep and large neighborhoods. In this work, we introduce VeeP, an active learning approach splits verification process into a series of smaller steps, each is submitted existing analyzer. The key idea build prior steps predict next optimal step. step predicted by estimating analyzer’s velocity sensitivity via parametric regression. We evaluate VeeP MNIST, Fashion-MNIST, CIFAR-10 ImageNet show it analyze various features: brightness, contrast, hue, saturation, lightness. that, average, given 90 minute timeout, verifies 96% maximally certifiable within 29 minutes, while splitting approaches verify, 73% 58 minutes.
منابع مشابه
Mobile signature verification: feature robustness and performance comparison
In this study, the effects of using handheld devices on the performance of automatic signature verification systems are studied. The authors compare the discriminative power of global and local signature features between mobile devices and pen tablets, which are the prevalent acquisition device in the research literature. Individual feature discriminant ratios and feature selection techniques a...
متن کاملSemantic Neighborhoods as Hypergraphs
Ambiguity preserving representations such as lattices are very useful in a number of NLP tasks, including paraphrase generation, paraphrase recognition, and machine translation evaluation. Lattices compactly represent lexical variation, but word order variation leads to a combinatorial explosion of states. We advocate hypergraphs as compact representations for sets of utterances describing the ...
متن کاملNeighborhoods as Nuisance Parameters? Robustness vs. Semiparametrics
Deviations from the center within a robust neighborhood may naturally be considered an infinite dimensional nuisance parameter. Thus, the semiparametric method may be tried, which is to compute the scores function for the main parameter minus its orthogonal projection on the closed linear tangent space for the nuisance parameter, and then rescale for Fisher consistency. We derive such a semipar...
متن کاملA Semantic Web Approach to Feature Modeling and Verification
Feature models are widely used in domain engineering to capture common and variant concepts among systems in a particular domain. However, the lack of a formal semantics of feature models has hindered the development of this area. This paper presents a Semantic Web environment for modeling and verifying feature diagrams using ontologies. We use OWL DL (a decidable dialect of OWL) to precisely c...
متن کاملBoosting Authenticated Encryption Robustness with Minimal Modifications
Secure and highly efficient authenticated encryption (AE) algorithms which achieve data confidentiality and authenticity in the symmetric-key setting have existed for well over a decade. By all conventional measures, AES-OCB seems to be the AE algorithm of choice on any platform with AES-NI: it has a proof showing it is secure assuming AES is, and it is one of the fastest out of all such algori...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Lecture Notes in Computer Science
سال: 2022
ISSN: ['1611-3349', '0302-9743']
DOI: https://doi.org/10.1007/978-3-031-22308-2_14