Certified Adversarial Robustness Under the Bounded Support Set
Authors: Yiwen Kou, Qinyuan Zheng, Yisen Wang
ICML 2022 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We present experimental results on CIFAR-10 dataset with Res Net model to validate part of our theory about uniform smoothing measures with l2 ball and l ball support set on l2 adversary and use Gaussian smoothing measure as contrast. |
| Researcher Affiliation | Academia | 1Yuanpei College, Peking University 2Key Lab. of Machine Perception (Mo E), School of Artificial Intelligence, Peking University. 3Institute for Artificial Intelligence, Peking University. |
| Pseudocode | Yes | Algorithm 1 Certification Process |
| Open Source Code | No | The paper mentions using an implementation from GitHub for comparison purposes but does not state that their own methodology's code is open-source or provided. |
| Open Datasets | Yes | We choose CIFAR-10 as our main dataset and Res Net-110 as our base classifier. |
| Dataset Splits | No | The paper states: 'We first train the base classifier on the 50000 image training set without smoothing and achieve 89.6% prediction accuracy on the 10000 image test set.' It specifies training and test sets but does not explicitly mention a separate validation set or its split details. |
| Hardware Specification | Yes | All training, testing, and certification are run on an NVIDIA RTX 3090. |
| Software Dependencies | No | The paper does not list specific software dependencies with version numbers. |
| Experiment Setup | Yes | We set the sample amount n to 100, 1000, and 10000 with three different smoothing distributions, and they all obtain similar results: it takes only 10 minutes to run through the 10000 images test set with 100 samples for each image, 30 minutes with 1000 samples and 3 hours with excessive 10000 samples. We first implement our framework with Gaussian smoothing measure N(x, σ2I) where σ = 0.025, 0.05, 0.1 and sample amount n=100. Next, for smoothing process, we substitute Gaussian distribution with l2, l norm ball support set uniform distribution, with r = 0.025, 0.05, 0.1. |