PDF Editor
PDF Converter
Image Converter
Video Converter
Audio Converter
File Compressor
adversarial training and provable defenses bridging the

Adversarial Training and Provable Defenses: Bridging the Gap S 0 - PowerPoint PPT Presentation

Nov 11, 2022 β€’274 likes β€’459 views

Adversarial Training and Provable Defenses: Bridging the Gap S 0 1 1 = 1 2 3 Conv + ReLU Conv + ReLU Linear =

  1. Adversarial Training and Provable Defenses: Bridging the Gap

  2. 𝑀 ∞

  3. 𝑦 S 0 𝑦 𝑙 ∘ β„Ž πœ„ π‘™βˆ’1 ∘ β‹― ∘ β„Ž πœ„ 1 β„Ž πœ„ = β„Ž πœ„ 1 2 3 β„Ž πœ„ β„Ž πœ„ β„Ž πœ„ Conv + ReLU Conv + ReLU Linear β€² = β„Ž πœ„ (𝑦′) 𝑦 β€² ∈ 𝑇 0 (𝑦) β€² β€² 𝑦 1 𝑦 3 𝑦 2

  4. 𝑑 π‘ˆ β„Ž πœ„ 𝑦 β€² + 𝑒 < 0, βˆ€π‘¦ β€² ∈ 𝑇 0 (𝑦) 1 2 3 β„Ž πœ„ β„Ž πœ„ β„Ž πœ„ Conv + ReLU Conv + ReLU Linear β€² = β„Ž πœ„ (𝑦′) 𝑦 β€² ∈ 𝑇 0 (𝑦) β€² β€² 𝑦 1 𝑦 3 𝑦 2

  5. 1 2 3 β„Ž πœ„ β„Ž πœ„ β„Ž πœ„ Conv + ReLU Conv + ReLU Check output condition: Linear β€² + 𝑒 < 0, βˆ€π‘¦ 3 β€² ∈ 𝐷 3 𝑦 𝑑 π‘ˆ 𝑦 3 𝐷 0 𝑦 = 𝑇 0 (𝑦) 𝐷 1 𝑦 𝐷 2 𝑦 𝐷 3 𝑦 Guarantees: 𝑑 π‘ˆ β„Ž πœ„ 𝑦 β€² + 𝑒 < 0, βˆ€π‘¦ β€² ∈ 𝑇 0 (𝑦)

  6. β„’ 𝑦 β€² βˆˆπ‘‡ 0 (𝑦) β„’(β„Ž πœ„ 𝑦 β€² , 𝑧) min πœ„ 𝐹 𝑦,𝑧 ~𝐸 max lower upper

  7. upper β€’ β€’ lower β€’ β€’ β€’ β€’

  8. 1 2 3 β„Ž πœ„ β„Ž πœ„ β„Ž πœ„ β€² β€² β€² 𝑦 1 𝑦 2 𝑦 3 β€² 𝑦 2 β€² 𝑦 3 β€² 𝑦 1 𝐷 0 𝑦 = 𝑇 0 (𝑦) 𝐷 1 𝑦 𝐷 2 𝑦 𝐷 3 𝑦 β€² + 𝑒 < 0 β†’ certification fails 𝑑 π‘ˆ 𝑦 3

  9. 𝑇 0 (𝑦) 𝐷 1 𝑦 , 𝐷 2 𝑦 , 𝐷 3 (𝑦)

  10. 2 1 3 β„Ž πœ„ β„Ž πœ„ β„Ž πœ„ Conv + ReLU Conv + ReLU β€² β€² 𝑦 2 𝑦 1 Linear β€² , 𝑧) β„’(𝑦 3 β€² , 𝑧) 𝛼 πœ„ β„’(𝑦 3 β€² 𝑦 2 β€² 𝑦 3 β€² 𝑦 1 𝐷 0 𝑦 = 𝑇 0 (𝑦) 𝐷 1 𝑦 𝐷 2 𝑦 𝐷 3 𝑦

  12. projection

  13. 𝐷 π‘š 𝑦 = 𝑏 π‘š + 𝐡 π‘š 𝑓 𝑓 ∈ βˆ’1, 1 𝑛 π‘š 𝑏 π‘š 𝐡 π‘š 𝑀 ∞ πœ— 𝑏 0 = 𝑦 𝐡 0 = πœ—π½

  14. Key idea 𝑦 β€² = 𝑏 π‘š + 𝐡 π‘š 𝑓 β€² 𝑦 1 𝑓 1 β€² 𝑓 2 𝑦 2 β€² ≔ 2𝑓 1 βˆ’ 𝑓 2 𝑦 1 β€² ≔ 𝑓 1 + 𝑓 2 𝑦 2

  15. Method Accuracy (%) Certified Robustness (%)

  16. Method Accuracy (%) Certified Robustness (%)

Recommend

Internet Outbreaks: Internet Outbreaks: Epidemiology and Defenses Epidemiology and Defenses

Internet Outbreaks: Internet Outbreaks: Epidemiology and Defenses Epidemiology and Defenses

Internet Outbreaks: Internet Outbreaks: Epidemiology and Defenses Epidemiology and Defenses Stefan Savage Stefan Savage Collaborative Center for Internet Epidemiology and Defenses Collaborative Center for Internet Epidemiology and Defenses

760 views β€’ 58 slides
15-780 Graduate Artificial Intelligence: Adversarial attacks and provable defenses J. Zico

15-780 Graduate Artificial Intelligence: Adversarial attacks and provable defenses J. Zico

15-780 Graduate Artificial Intelligence: Adversarial attacks and provable defenses J. Zico Kolter (this lecture) and Ariel Procaccia Carnegie Mellon University Spring 2018 Portions base upon joint work with Eric Wong 1 Outline Adverarial

710 views β€’ 39 slides
Lessons Learned from Evaluating the Robustness of Defenses to Adversarial Examples Nicholas

Lessons Learned from Evaluating the Robustness of Defenses to Adversarial Examples Nicholas

Lessons Learned from Evaluating the Robustness of Defenses to Adversarial Examples Nicholas Carlini Google Research Lessons Learned from Evaluating the Robustness of Defenses to Adversarial Examples Lessons Learned from Evaluating the

1.28k views β€’ 127 slides
Confidence-Calibrated Adversarial Training Generalizing to Unseen Attacks David Stutz, Matthias

Confidence-Calibrated Adversarial Training Generalizing to Unseen Attacks David Stutz, Matthias

Confidence-Calibrated Adversarial Training Generalizing to Unseen Attacks David Stutz, Matthias Hein, Bernt Schiele 2-Minute Overview Problem: Robustness to various adversarial examples. Adversarial training on L adversarial examples:

635 views β€’ 34 slides
Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs

Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs

Deep Adversarial Learning for NLP 9:00 10:30 Introduction and Adversarial Training, GANs William Wang 10:30 11:00 Break - 11:00 12:15 Adversarial Examples Sameer Singh 12:15 12:30 Conclusions and Question Answering William

1.75k views β€’ 105 slides
Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu

Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu

Reinforcing Adversarial Robustness using Model Confidence Induced by Adversarial Training Xi Wu xiwu@cs.wisc.edu Joint work with Uyeong Jang, Jiefeng Chen, Lingjiao Chen, and Somesh Jha July 19, 2018 Xi Wu Model Confidence and Adversarial

740 views β€’ 9 slides
Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google

Adversarial Examples and Adversarial Training Ian Goodfellow, Sta ff Research Scientist, Google Brain CS 231n, Stanford University, 2017-05-30 Overview What are adversarial examples? Why do they happen? How can they be used to

868 views β€’ 43 slides
Neglected topics CS 446 Adversarial examples and deep networks 1 / 23 Adversarial

Neglected topics CS 446 Adversarial examples and deep networks 1 / 23 Adversarial

Neglected topics CS 446 Adversarial examples and deep networks 1 / 23 Adversarial examples? Standard ML setup: We have training data; try to do well on withheld testing data. Adversarial/robust ML setup: We have training

672 views β€’ 27 slides
On Adaptive Attacks to Adversarial Example Defenses Florian Tramr USENIX ScAINet August 10 th

On Adaptive Attacks to Adversarial Example Defenses Florian Tramr USENIX ScAINet August 10 th

On Adaptive Attacks to Adversarial Example Defenses Florian Tramr USENIX ScAINet August 10 th , 2020 Joint work with Nicholas Carlini, Wieland Brendel and Aleksander Madry What Are Adversarial Examples? 88% Tabby Cat 99% Guacamole Biggio

360 views β€’ 21 slides
The case for dynamic defenses against adversarial examples Ian Goodfellow SafeML ICLR Workshop

The case for dynamic defenses against adversarial examples Ian Goodfellow SafeML ICLR Workshop

The case for dynamic defenses against adversarial examples Ian Goodfellow SafeML ICLR Workshop 2019-05-06 New Orleans Based on https://arxiv.org/pdf/1903.06293.pdf Definition Adversarial examples are inputs to machine learning models that

412 views β€’ 22 slides
Transferable Adversarial Examples: Insights, A9acks &amp; Defenses June 12 th 2017 Florian

Transferable Adversarial Examples: Insights, A9acks &amp; Defenses June 12 th 2017 Florian

Transferable Adversarial Examples: Insights, A9acks &amp; Defenses June 12 th 2017 Florian Tramr Joint work with Alexey Kurakin, Nicolas Papernot, Ian Goodfellow, Dan Boneh &amp; Patrick McDaniel Adversarial Examples Threat Model: White-Box

480 views β€’ 27 slides
A-NICE-MC Jiaming Song 1. Motivation 2. Notations and Problem Setup 3. Adversarial Training for

A-NICE-MC Jiaming Song 1. Motivation 2. Notations and Problem Setup 3. Adversarial Training for

Adversarial Training for MCMC Shengjia Zhao Stefano Ermon March 7, 2018 Stanford University A-NICE-MC Jiaming Song 1. Motivation 2. Notations and Problem Setup 3. Adversarial Training for Markov Chains 4. Adversarial Training for MCMC 5.

851 views β€’ 58 slides
Friendly Adversarial Training: Attacks Which Do Not Kill Training Make Adversarial Learning

Friendly Adversarial Training: Attacks Which Do Not Kill Training Make Adversarial Learning

Friendly Adversarial Training: Attacks Which Do Not Kill Training Make Adversarial Learning Stronger Jingfeng Zhang 1 * , Xilie Xu 2* , Bo Han 34 , Gang Niu 4 , Lichen Cui 5 , Masashi Sugiyama 46 , and Mohan Kankanhalli 1 1 Department of Computer

376 views β€’ 14 slides
Ensemble Adversarial Training A1acks and Defenses Facebook December 15 th 2017 Florian Tramr

Ensemble Adversarial Training A1acks and Defenses Facebook December 15 th 2017 Florian Tramr

Ensemble Adversarial Training A1acks and Defenses Facebook December 15 th 2017 Florian Tramr Stanford Joint work with Alexey Kurakin (Google Brain) Nicolas Papernot (PSU) Ian Goodfellow (Google Brain) Dan Boneh (Stanford) Patrick

1.14k views β€’ 23 slides
Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017

Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017

Ensemble Adversarial Training A1acks and Defenses Cybersecurity With The Best October 15 th 2017 Florian Tramr Stanford Joint work with Alexey Kurakin (Google Brain) Nicolas Papernot (PSU) Dan Boneh (Stanford) Patrick McDaniel (PSU)

723 views β€’ 24 slides
Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and

Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and

Presenting a live 90 minute webinar with interactive Q&amp;A Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and Contemporaneous Exchange Managing the Audit Process, Mitigating Regulatory Sanctions, and

893 views β€’ 52 slides
CS 225 Data Structures Au August 26 Cl Classes es and Ref efer eren ence ce Variables

CS 225 Data Structures Au August 26 Cl Classes es and Ref efer eren ence ce Variables

CS 225 Data Structures Au August 26 Cl Classes es and Ref efer eren ence ce Variables es G G Carl Evans St Stream Ru Rules TL;DR: Treat the stream like a classroom, don't say anything that would send you to the Dean of Students.

573 views β€’ 22 slides
timelines at scale @ra ffi qcon sf 2012 Pull Push Targeted twitter.com User / Site Streams

timelines at scale @ra ffi qcon sf 2012 Pull Push Targeted twitter.com User / Site Streams

timelines at scale @ra ffi qcon sf 2012 Pull Push Targeted twitter.com User / Site Streams home_timeline API Mobile Push (SMS, etc.) Queried Search API Track / Follow Streams the challenge &gt; 150M world wide active users &gt; 300K

706 views β€’ 42 slides
Lecture 3.3: Normal subgroups Matthew Macauley Department of Mathematical Sciences Clemson

Lecture 3.3: Normal subgroups Matthew Macauley Department of Mathematical Sciences Clemson

Lecture 3.3: Normal subgroups Matthew Macauley Department of Mathematical Sciences Clemson University http://www.math.clemson.edu/~macaule/ Math 4120, Modern Algebra M. Macauley (Clemson) Lecture 3.3: Normal subgroups Math 4120, Modern

362 views β€’ 7 slides
aug ( h ) = E in ( h ) + onstrained unonstrained : heuristi smo oth, simple h

aug ( h ) = E in ( h ) + onstrained unonstrained : heuristi smo oth, simple h

Review of Leture 12 Cho osing a regula rizer Regula rization aug ( h ) = E in ( h ) + onstrained unonstrained : heuristi smo oth, simple h N ( h ) E most used: w eight dea y onst. in = ( h )

357 views β€’ 23 slides
AND USING C MODULES CSSE 120 Rose Hulman Institute of Technology Preamble: #define and typedef

AND USING C MODULES CSSE 120 Rose Hulman Institute of Technology Preamble: #define and typedef

STRUCTS, TYPEDEF, #DEFINE, AND USING C MODULES CSSE 120 Rose Hulman Institute of Technology Preamble: #define and typedef C allows us to define our own constants and type names to help make code more readable For more info, see Kochan,

584 views β€’ 29 slides
Controllable Invariance through Adversarial Feature Learning Qizhe Xie, Zihang Dai, Yulun Du,

Controllable Invariance through Adversarial Feature Learning Qizhe Xie, Zihang Dai, Yulun Du,

Controllable Invariance through Adversarial Feature Learning Qizhe Xie, Zihang Dai, Yulun Du, Eduard Hovy, Graham Neubig Carnegie Mellon University Language Technologies Institute NIPS 2017 Outline Introduction Introduction Adversarial

308 views β€’ 11 slides
H H H Resonance Draw the Lewis structure for nitromethane, CH 3 NO 2 - . . .. . H . . H

H H H Resonance Draw the Lewis structure for nitromethane, CH 3 NO 2 - . . .. . H . . H

Resonance Draw the Lewis structure of [CH 2 =CHCH 2 ] + H H H H H H . C C C C C C + + . + H C H H C H H C H H H H H H H H H H + + C C H C C H C C H H H H C C + C H H H Resonance Draw the Lewis

337 views β€’ 12 slides
Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.2 Axiomatic systems for

Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.2 Axiomatic systems for

Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.2 Axiomatic systems for propositional logics Valentin Goranko Stockholm University October 2016 Goranko Hilbert-style axiomatic systems Based on axioms (or, axiom

115 views β€’ 10 slides

More recommend

Logo Sambuz

Unleash a World of Digital Possibilitiesβ€”Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Blogs Contact

Newsletter

Stay Informed & Inspiredβ€”Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2025 SAMBUZ, All right reserved.