Provable Defense Against Geometric Transformations

• URL: http://arxiv.org/abs/2207.11177v3
• Date: Sat, 6 May 2023 17:10:23 GMT
• Title: Provable Defense Against Geometric Transformations
• Authors: Rem Yang, Jacob Laurel, Sasa Misailovic, Gagandeep Singh
• Abstract summary: We propose the first provable defense for deterministic certified geometric robustness. We show that our framework consistently achieves state-of-the-art deterministic certified geometric robustness and clean accuracy. For the first time, we verify the geometric robustness of a neural network for the challenging, real-world setting of autonomous driving.
• Score: 4.281091463408283
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Geometric image transformations that arise in the real world, such as scaling and rotation, have been shown to easily deceive deep neural networks (DNNs). Hence, training DNNs to be certifiably robust to these perturbations is critical. However, no prior work has been able to incorporate the objective of deterministic certified robustness against geometric transformations into the training procedure, as existing verifiers are exceedingly slow. To address these challenges, we propose the first provable defense for deterministic certified geometric robustness. Our framework leverages a novel GPU-optimized verifier that can certify images between 60$\times$ to 42,600$\times$ faster than existing geometric robustness verifiers, and thus unlike existing works, is fast enough for use in training. Across multiple datasets, our results show that networks trained via our framework consistently achieve state-of-the-art deterministic certified geometric robustness and clean accuracy. Furthermore, for the first time, we verify the geometric robustness of a neural network for the challenging, real-world setting of autonomous driving.

Related papers

• Learning Fourier shapes to probe the geometric world of deep neural networks [8.363511344553562]
  We show that optimized shapes can act as potent semantic carriers, generating high-confidence classifications from inputs defined purely by their geometry.<n>We also show that they are high-fidelity interpretability tools that precisely isolate a model's salient regions.
  arXiv  Detail & Related papers  (2025-11-07T04:13:11Z)
• FilletRec: A Lightweight Graph Neural Network with Intrinsic Features for Automated Fillet Recognition [2.402309979435103]
  This paper proposes an end-to-end, data-driven framework specifically for fillet features.<n>We first construct and release a large-scale, diverse benchmark dataset for fillet recognition.<n>We then propose FilletRec, a lightweight graph neural network.<n> Experiments show that FilletRec surpasses state-of-the-art methods in both accuracy and generalization.
  arXiv  Detail & Related papers  (2025-11-04T02:27:18Z)
• TIGeR: Tool-Integrated Geometric Reasoning in Vision-Language Models for Robotics [53.442362491589726]
  We present TIGeR (Tool-Integrated Geometric Reasoning), a novel framework that transforms Vision-Language Models (VLMs) into geometric computers.<n>Rather than attempting to internalize complex geometric operations within neural networks, TIGeR empowers models to recognize geometric reasoning requirements.<n>We show that TIGeR achieves SOTA performance on geometric reasoning benchmarks while demonstrating centimeter-level precision in real-world robotic manipulation tasks.
  arXiv  Detail & Related papers  (2025-10-08T16:20:23Z)
• Iterative Sizing Field Prediction for Adaptive Mesh Generation From Expert Demonstrations [49.173541207550485]
  Adaptive Meshing By Expert Reconstruction (AMBER) is an imitation learning problem. AMBER combines a graph neural network with an online data acquisition scheme to predict the projected sizing field of an expert mesh. We experimentally validate AMBER on 2D meshes and 3D meshes provided by a human expert, closely matching the provided demonstrations and outperforming a single-step CNN baseline.
  arXiv  Detail & Related papers  (2024-06-20T10:01:22Z)
• Deformation-Invariant Neural Network and Its Applications in Distorted Image Restoration and Analysis [8.009077765403287]
  Images degraded by geometric distortions pose a significant challenge to imaging and computer vision tasks such as object recognition. Deep learning-based imaging models usually fail to give accurate performance for geometrically distorted images. We propose the deformation-invariant neural network (DINN), a framework to address the problem of imaging tasks for geometrically distorted images.
  arXiv  Detail & Related papers  (2023-10-04T08:01:36Z)
• Precise and Generalized Robustness Certification for Neural Networks [13.880775045434381]
  The objective of neural network (NN) robustness certification is to determine if a NN changes its predictions when mutations are made to its inputs. This paper proposes a novel framework, GCERT, which certifies NN robustness under a precise and unified form of diverse semantic-level image mutations.
  arXiv  Detail & Related papers  (2023-06-11T19:00:41Z)
• Geometric-aware Pretraining for Vision-centric 3D Object Detection [77.7979088689944]
  We propose a novel geometric-aware pretraining framework called GAPretrain. GAPretrain serves as a plug-and-play solution that can be flexibly applied to multiple state-of-the-art detectors. We achieve 46.2 mAP and 55.5 NDS on the nuScenes val set using the BEVFormer method, with a gain of 2.7 and 2.1 points, respectively.
  arXiv  Detail & Related papers  (2023-04-06T14:33:05Z)
• A Comprehensive Study on Robustness of Image Classification Models: Benchmarking and Rethinking [54.89987482509155]
  robustness of deep neural networks is usually lacking under adversarial examples, common corruptions, and distribution shifts. We establish a comprehensive benchmark robustness called textbfARES-Bench on the image classification task. By designing the training settings accordingly, we achieve the new state-of-the-art adversarial robustness.
  arXiv  Detail & Related papers  (2023-02-28T04:26:20Z)
• Towards Verifying the Geometric Robustness of Large-scale Neural Networks [8.60992681271439]
  Deep neural networks (DNNs) are known to be vulnerable to adversarial geometric transformation. This paper aims to verify the robustness of large-scale DNNs against the combination of multiple geometric transformations with a provable guarantee. We develop GeoRobust, a black-box optimisation analyser, for locating the worst-case combination of transformations.
  arXiv  Detail & Related papers  (2023-01-29T14:44:27Z)
• Quantization-aware Interval Bound Propagation for Training Certifiably Robust Quantized Neural Networks [58.195261590442406]
  We study the problem of training and certifying adversarially robust quantized neural networks (QNNs) Recent work has shown that floating-point neural networks that have been verified to be robust can become vulnerable to adversarial attacks after quantization. We present quantization-aware interval bound propagation (QA-IBP), a novel method for training robust QNNs.
  arXiv  Detail & Related papers  (2022-11-29T13:32:38Z)
• Leveraging Equivariant Features for Absolute Pose Regression [9.30597356471664]
  We show that a translation and rotation equivariant Convolutional Neural Network directly induces representations of camera motions into the feature space. We then show that this geometric property allows for implicitly augmenting the training data under a whole group of image plane-preserving transformations.
  arXiv  Detail & Related papers  (2022-04-05T12:44:20Z)
• Revisiting Transformation Invariant Geometric Deep Learning: Are Initial Representations All You Need? [80.86819657126041]
  We show that transformation-invariant and distance-preserving initial representations are sufficient to achieve transformation invariance. Specifically, we realize transformation-invariant and distance-preserving initial point representations by modifying multi-dimensional scaling. We prove that TinvNN can strictly guarantee transformation invariance, being general and flexible enough to be combined with the existing neural networks.
  arXiv  Detail & Related papers  (2021-12-23T03:52:33Z)
• MeshCNN Fundamentals: Geometric Learning through a Reconstructable Representation [1.2891210250935146]
  We propose infusing MeshCNN with geometric reasoning to achieve higher quality learning. We introduce the first and second fundamental forms as an edge-centric, rotation and translation invariant, reconstructable representation. We demonstrate this fundamental forms-based representation opens the door to accessible generative machine learning over meshes.
  arXiv  Detail & Related papers  (2021-05-27T16:22:44Z)
• Fusing the Old with the New: Learning Relative Camera Pose with Geometry-Guided Uncertainty [91.0564497403256]
  We present a novel framework that involves probabilistic fusion between the two families of predictions during network training. Our network features a self-attention graph neural network, which drives the learning by enforcing strong interactions between different correspondences. We propose motion parmeterizations suitable for learning and show that our method achieves state-of-the-art performance on the challenging DeMoN and ScanNet datasets.
  arXiv  Detail & Related papers  (2021-04-16T17:59:06Z)
• GDRNPP: A Geometry-guided and Fully Learning-based Object Pose Estimator [51.89441403642665]
  6D pose estimation of rigid objects is a long-standing and challenging task in computer vision. Recently, the emergence of deep learning reveals the potential of Convolutional Neural Networks (CNNs) to predict reliable 6D poses. This paper introduces a fully learning-based object pose estimator.
  arXiv  Detail & Related papers  (2021-02-24T09:11:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.