[Re] Double Sampling Randomized Smoothing
- URL: http://arxiv.org/abs/2306.15221v1
- Date: Tue, 27 Jun 2023 05:46:18 GMT
- Authors: Aryan Gupta, Sarthak Gupta, Abhay Kumar, Harsh Dugar
- Abstract summary: This paper is a contribution to the reproducibility challenge in the field of machine learning, specifically addressing the issue of certifying the robustness of neural networks (NNs) against adversarial perturbations.
The proposed Double Sampling Randomized Smoothing (DSRS) framework overcomes the limitations of existing methods by using an additional smoothing distribution to improve the robustness certification.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: This paper is a contribution to the reproducibility challenge in the field of
machine learning, specifically addressing the issue of certifying the
robustness of neural networks (NNs) against adversarial perturbations. The
proposed Double Sampling Randomized Smoothing (DSRS) framework overcomes the
limitations of existing methods by using an additional smoothing distribution
to improve the robustness certification. The paper provides a clear
manifestation of DSRS for a generalized family of Gaussian smoothing and a
computationally efficient method for implementation. The experiments on MNIST
and CIFAR-10 demonstrate the effectiveness of DSRS, consistently certifying
larger robust radii compared to other methods. Various ablation studies
are also conducted to further analyze the hyperparameters and the effect of adversarial
training methods on the radius certified by the proposed framework.
Related papers
- Decentralized Smoothing ADMM for Quantile Regression with Non-Convex Sparse Penalties [3.269165283595478]
In the rapidly evolving internet-of-things (IoT) ecosystem, effective data analysis techniques are crucial for handling distributed data generated by sensors.
Addressing the limitations of existing methods, such as the sub-gradient consensus approach, which fails to distinguish between active and non-active coefficients.
arXiv Detail & Related papers (2024-08-02T15:00:04Z)
- Distributionally Robust Safe Screening [14.973247943788234]
We propose a Distributionally Robust Safe Screening (DRSS) method for identifying unnecessary samples and features.
We provide a theoretical guarantee of the DRSS method and validate its performance through numerical experiments on both synthetic and real-world datasets.
arXiv Detail & Related papers (2024-04-25T04:29:25Z)
- Machine Learning Assisted Adjustment Boosts Efficiency of Exact Inference in Randomized Controlled Trials [12.682443719767763]
We show the proposed method can robustly control the type I error and can boost the statistical efficiency for a randomized controlled trial (RCT).
Its application may remarkably reduce the required sample size and cost of RCTs, such as phase III clinical trials.
arXiv Detail & Related papers (2024-03-05T15:48:07Z)
- A Direct Sampling-Based Deep Learning Approach for Inverse Medium Scattering Problems [3.776050336003086]
We propose a novel direct sampling-based deep learning approach (DSM-DL) for reconstructing inhomogeneous scatterers.
Our proposed DSM-DL is computationally efficient, robust to noise, easy to implement, and able to naturally incorporate multiple measured data.
arXiv Detail & Related papers (2023-04-29T12:29:30Z)
- A Provably Efficient Model-Free Posterior Sampling Method for Episodic Reinforcement Learning [50.910152564914405]
Existing posterior sampling methods for reinforcement learning are limited by being model-based or lack worst-case theoretical guarantees beyond linear MDPs.
This paper proposes a new model-free formulation of posterior sampling that applies to more general episodic reinforcement learning problems with theoretical guarantees.
arXiv Detail & Related papers (2022-08-23T12:21:01Z)
- Disentangled Representation Learning for RF Fingerprint Extraction under Unknown Channel Statistics [77.13542705329328]
We propose a framework of disentangled representation learning (DRL) that first learns to factor the input signals into a device-relevant component and a device-irrelevant component via adversarial learning.
The implicit data augmentation in the proposed framework imposes a regularization on the RFF extractor to avoid the possible overfitting of device-irrelevant channel statistics.
Experiments validate that the proposed approach, referred to as DR-RFF, outperforms conventional methods in terms of generalizability to unknown complicated propagation environments.
arXiv Detail & Related papers (2022-08-04T15:46:48Z)
- Double Sampling Randomized Smoothing [19.85592163703077]
We propose a Double Sampling Randomized Smoothing framework.
It exploits the sampled probability from an additional smoothing distribution to tighten the robustness certification of the previous smoothed classifier.
We show that DSRS certifies larger robust radii than existing datasets consistently under different settings.
arXiv Detail & Related papers (2022-06-16T04:34:28Z)
- AP-BSN: Self-Supervised Denoising for Real-World Images via Asymmetric PD and Blind-Spot Network [60.650035708621786]
Blind-spot network (BSN) and its variants have made significant advances in self-supervised denoising.
It is challenging to deal with spatially correlated real-world noise using self-supervised BSN.
Recently, pixel-shuffle downsampling (PD) has been proposed to remove the spatial correlation of real-world noise.
We propose an Asymmetric PD (AP) to address this issue, which introduces different PD stride factors for training and inference.
arXiv Detail & Related papers (2022-03-22T15:04:37Z)
- A Generalizable Model-and-Data Driven Approach for Open-Set RFF Authentication [74.63333951647581]
Radio-frequency fingerprints (RFFs) are promising solutions for realizing low-cost physical layer authentication.
Machine learning-based methods have been proposed for RFF extraction and discrimination.
We propose a new end-to-end deep learning framework for extracting RFFs from raw received signals.
arXiv Detail & Related papers (2021-08-10T03:59:37Z)
- Sampling-free Variational Inference for Neural Networks with Multiplicative Activation Noise [51.080620762639434]
We propose a more efficient parameterization of the posterior approximation for sampling-free variational inference.
Our approach yields competitive results for standard regression problems and scales well to large-scale image classification tasks.
arXiv Detail & Related papers (2021-03-15T16:16:18Z)
- Stochastic-Sign SGD for Federated Learning with Theoretical Guarantees [49.91477656517431]
Quantization-based solvers have been widely adopted in Federated Learning (FL).
No existing methods enjoy all the aforementioned properties.
We propose an intuitively-simple yet theoretically-simple method based on SIGNSGD to bridge the gap.
arXiv Detail & Related papers (2020-02-25T15:12:15Z)
This list is automatically generated from the titles and abstracts of the papers in this site.