Center Smoothing: Certified Robustness for Networks with Structured Outputs
Authors: Aounon Kumar, Tom Goldstein
NeurIPS 2021 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We apply our method to create certifiably robust models with disparate output spaces from sets to images and show that it yields meaningful certificates without significantly degrading the performance of the base model. |
| Researcher Affiliation | Academia | Aounon Kumar University of Maryland aounon@umd.edu Tom Goldstein University of Maryland tomg@cs.umd.edu |
| Pseudocode | Yes | Algorithm 1 Smooth Algorithm 2 Certify |
| Open Source Code | Yes | Code is included in the supplemental. |
| Open Datasets | Yes | We use a pre-trained face detection model for this experiment... on the Celeb A face dataset [45]... a generative adversarial network Big GAN pre-trained on Image Net images [5]... MNIST [16] and CIFAR-10 [32]. We are using datasets that are available in the public domain with custom license terms that allow non-commercial use, like MNIST, CIFAR-10 and Celeb A. |
| Dataset Splits | No | The paper mentions using 'n' and 'm' samples for smoothing and certification respectively, and training on noisy data with 'σtrain', but it does not specify explicit train/validation/test dataset splits with percentages or counts for reproducibility. |
| Hardware Specification | Yes | We ran all our experiments on a single NVIDIA Ge Force RTX 2080 Ti GPU in an internal cluster. |
| Software Dependencies | No | The paper does not specify any software names with version numbers (e.g., programming languages, libraries, or frameworks like Python, PyTorch, TensorFlow, etc.) used for the experiments. |
| Experiment Setup | Yes | We train our base models (except for the pre-trained ones) on noisy data with different noise levels σtrain = 0.1, 0.2, . . . , 0.5... We use n = 104 samples to estimate the smoothed function and m = 106 samples to generate certificates, unless stated otherwise. We set = 0.05, α1 = 0.005 and α2 = 0.005... We set n = 5000 and m = 10000, and use default values for other parameters discussed above. |