Certify or Predict: Boosting Certified Robustness with Compositional Architectures
Authors: Mark Niklas Mueller, Mislav Balunovic, Martin Vechev
ICLR 2021 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Experimental evaluation on the CIFAR-10, Tiny Image Net and Image Net200 datasets, demonstrating the promise of ACE: at the same non-trivial certified robustness levels, we can achieve significantly higher accuracies than prior work. |
| Researcher Affiliation | Academia | Mark Niklas Müller, Mislav Balunovi c, Martin Vechev Department of Computer Science, ETH Zurich, Switzerland {mark.mueller, mislav.balunovic, martin.vechev}@inf.ethz.ch |
| Pseudocode | No | The paper describes algorithms and procedures in prose and with mathematical formulas, but it does not include any clearly labeled 'Pseudocode' or 'Algorithm' blocks with structured, code-like formatting. |
| Open Source Code | Yes | We release our code as open source: https://github.com/eth-sri/ACE |
| Open Datasets | Yes | We evaluate ACE on 3 different certification-network architectures similar to the models used in Gowal et al. (2018) and Balunovi c & Vechev (2020), on CIFAR-10, Image Net200, and Tiny Image Net with ℓ perturbations between 1/255 and 8/255, reporting Top1 accuracies. |
| Dataset Splits | No | The paper mentions using 'CIFAR-10, Image Net200, and Tiny Image Net', which are benchmark datasets, and evaluates on a 'full test set' and its 'subsets'. However, it does not provide specific details on how the training, validation, and test sets are explicitly split (e.g., exact percentages or sample counts for each split) beyond referring to the 'full test set' for evaluation. |
| Hardware Specification | Yes | We perform all experiments, with the exception of reference network training, on a single Ge Force RTX 2080 Ti GPU and implement training and certification in Py Torch (Paszke et al., 2019). |
| Software Dependencies | Yes | We perform all experiments, with the exception of reference network training, on a single Ge Force RTX 2080 Ti GPU and implement training and certification in Py Torch (Paszke et al., 2019). |
| Experiment Setup | Yes | The hyperparameters can be found in Appendix B. CIFAR-10 Training For CIFAR-10 IBP training is conducted for 200 epochs, annealing ϵ and κ over the first 100 epochs, with an initial learning rate of 1e-3, reducing by half every 10 epochs after annealing is completed. We choose κend = 0.5 for all models. |