Certified Adversarial Robustness via Randomized $\alpha$-Smoothing for Regression Models
Authors: Aref Rekavandi, Farhad Farokhi, Olga Ohrimenko, Benjamin Rubinstein
NeurIPS 2024 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Complementing experiments with synthetic data, we benchmark our CR and RS approaches with the Cambridge Landmarks [9] dataset and DSAC framework [3] for camera re-localization. |
| Researcher Affiliation | Academia | Aref Miri Rekavandi University of Melbourne aref.mirirekavandi@unimelb.edu.au Farhad Farokhi University of Melbourne farhad.farokhi@unimelb.edu.au Olga Ohrimenko University of Melbourne oohrimenko@unimelb.edu.au Benjamin I.P. Rubinstein University of Melbourne benjamin.rubinstein@unimelb.edu.au |
| Pseudocode | Yes | Algorithm 1: Pseudocode for prediction and certification of smoothed regression model gα at x. |
| Open Source Code | Yes | Code is publicly available at https://github.com/arekavandi/Certified_adv_RRegression/. |
| Open Datasets | Yes | For the first time, we propose a benchmark for certified robust regression in visual positioning systems using the Cambridge Landmarks dataset where robustness analysis is essential for autonomous navigation of AI agents and self-driving cars. Code is publicly available at https://github.com/arekavandi/Certified_adv_RRegression/. [...] Cambridge Landmarks dataset [9] and in particular 3 of the largest scenes in this popular dataset namely Great Court, King s College, and St. Mary Church. |
| Dataset Splits | No | The paper does not provide explicit training, validation, and test dataset splits. It describes the total number of images used per scene (e.g., 760 images for Great Court, 343 for King's College, 530 for St. Mary Church) and parameters for the certification process, but not conventional data splits. |
| Hardware Specification | Yes | All simulations and experiments were conducted using an Intel(R) Core(TM) i7-9750H CPU running at 2.60GHz (with a base clock speed of 2.59GHz) and 16GB of RAM. |
| Software Dependencies | No | The paper does not specify any software dependencies with version numbers, such as programming languages, libraries, or frameworks. |
| Experiment Setup | Yes | For the first part of the experiments, we utilized the function f(x) = 10 sin(2x1) + 2(x2 − 2)3. [...] utilizing the formulas (4) and (14) with P = 0.8, σ = 0.15, ϵy = 6 using ℓ1 norm, n = 10,000 at two different rates of α = 0.35 and α = 0.49. [...] For computing certified error for any image, we used the same formulation as in [17], given by e K = gα(x + δ) p 2 + 1r>ϵx K, δ 2 r, with K = 150cm, and α = 0.35. For learning of p A using Clopper-Pearson (β = 0.5: 75% confidence), we used 100 samples and then we used n = 10 per radius to examine ℓ2 attack. For each scene, the adopted parameters are selected differently to cover various experimental setups. Great Court: P = 0.8, ϵy = 5m, output ℓ1 norm, σ = 0.05, and 760 images sized 480 × 854. King s College: P = 0.8, ϵy = 1m, output ℓ1 norm, σ = 0.08, and 343 images sized 480 × 854. St. Mary Church: P = 0.9, ϵy = 5m, output ℓ1 norm, σ = 0.1, and 530 images sized 480 × 854. |