A Recipe for Improved Certifiable Robustness
Authors: Kai Hu, Klas Leino, Zifan Wang, Matt Fredrikson
ICLR 2024
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Using a combination of novel techniques, design optimizations, and synthesis of prior work, we are able to significantly improve the state-of-the-art VRA for deterministic certification on a variety of benchmark datasets, and over a range of perturbation sizes. |
| Researcher Affiliation | Academia | Kai Hu, Klas Leino, Zifan Wang, Matt Fredrikson Carnegie Mellon University Pittsburgh, PA 15213, USA {kaihu, kleino, zifanw, mfredrik}@cs.cmu.edu |
| Pseudocode | No | The paper does not contain any structured pseudocode or algorithm blocks. |
| Open Source Code | No | The paper does not provide access to source code for the methodology described. |
| Open Datasets | Yes | We use the elucidating diffusion model (EDM) (Karras et al., 2022) to generate new samples... For each dataset (CIFAR-10, CIFAR-100 and Tiny-ImageNet), we train the diffusion models on the corresponding training set using the settings recommended by EDM. |
| Dataset Splits | No | The paper mentions using CIFAR-10/100, Tiny-ImageNet, and ImageNet, but does not explicitly provide percentages or counts for training, validation, and test splits. It implies standard splits for these datasets and mentions the 'ImageNet validation dataset' in Section 1, but no detailed breakdown is provided for reproducibility. |
| Hardware Specification | Yes | It takes 32.4, 37.8 and 51.2 seconds to train one epoch with CHORD, Cayley and Matrix Exp respectively on CIFAR-10 using the same A100 machine. |
| Software Dependencies | No | The paper does not provide specific version numbers for any software dependencies or libraries used in the experiments. |
| Experiment Setup | Yes | The first difference is that we change the maximum training perturbation radius to ϵ_train = 108/255... We train the model with a batch size of 1024, where 256 samples come from the original dataset and the remaining 768 samples are generated. We do not change other settings, including the learning rate. |
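
For context on the Hardware Specification row: Cayley and Matrix Exp refer to standard orthogonal-weight parameterizations that the paper times against its own CHORD method (CHORD itself is not reproduced here). Below is a minimal sketch of the two baseline maps, assuming square PyTorch weight matrices; the function names are ours, not the paper's.

```python
import torch

def skew(W: torch.Tensor) -> torch.Tensor:
    """Skew-symmetric part of a square matrix: A = W - W^T."""
    return W - W.transpose(-2, -1)

def cayley(W: torch.Tensor) -> torch.Tensor:
    """Cayley map: Q = (I + A)^{-1}(I - A) is orthogonal for skew-symmetric A."""
    A = skew(W)
    I = torch.eye(W.shape[-1], dtype=W.dtype, device=W.device)
    return torch.linalg.solve(I + A, I - A)

def matrix_exp(W: torch.Tensor) -> torch.Tensor:
    """The matrix exponential of a skew-symmetric matrix is orthogonal."""
    return torch.linalg.matrix_exp(skew(W))

# Sanity check: both maps produce (numerically) orthogonal matrices.
W = torch.randn(64, 64, dtype=torch.float64)
for Q in (cayley(W), matrix_exp(W)):
    assert torch.allclose(Q.T @ Q, torch.eye(64, dtype=torch.float64), atol=1e-8)
```

The timing gap reported in the table is consistent with the cost profile of these maps: the Cayley map requires a linear solve and the matrix exponential an iterative approximation, both per training step.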
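
For the Experiment Setup row, here is a minimal sketch of the mixed-batch construction (256 original + 768 EDM-generated samples per 1024-sample batch). It assumes the generated images and their pseudo-labels are stored in a hypothetical tensor file (`edm_generated_cifar10.pt`); the loader details are our assumption, not the paper's.

```python
import torch
from torch.utils.data import DataLoader, TensorDataset
from torchvision import datasets, transforms

REAL_PER_BATCH = 256  # samples drawn from the original CIFAR-10 training set
GEN_PER_BATCH = 768   # samples drawn from the EDM-generated pool
                      # total batch size: 1024, as reported in the paper

real_set = datasets.CIFAR10(root="./data", train=True, download=True,
                            transform=transforms.ToTensor())

# Hypothetical file holding EDM-generated images and their labels.
gen_images, gen_labels = torch.load("edm_generated_cifar10.pt")
gen_set = TensorDataset(gen_images, gen_labels)

real_loader = DataLoader(real_set, batch_size=REAL_PER_BATCH,
                         shuffle=True, drop_last=True)
gen_loader = DataLoader(gen_set, batch_size=GEN_PER_BATCH,
                        shuffle=True, drop_last=True)

for (x_real, y_real), (x_gen, y_gen) in zip(real_loader, gen_loader):
    # Concatenate into one 1024-sample batch: 256 real + 768 generated.
    x = torch.cat([x_real, x_gen], dim=0)
    y = torch.cat([y_real, y_gen], dim=0)
    # ... forward pass, certified-robustness loss, optimizer step ...
```

Note that with this ratio each epoch over the generated pool consumes three generated samples for every real one, matching the 256/768 split quoted above.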