How to certify machine learning based safety-critical systems? A systematic literature review
Abstract Context Machine Learning (ML) has been at the heart of many innovations over the
past years. However, including it in so-called “safety-critical” systems such as automotive or …
past years. However, including it in so-called “safety-critical” systems such as automotive or …
Relating adversarially robust generalization to flat minima
Adversarial training (AT) has become the de-facto standard to obtain models robust against
adversarial examples. However, AT exhibits severe robust overfitting: cross-entropy loss on …
adversarial examples. However, AT exhibits severe robust overfitting: cross-entropy loss on …
On the limitations of dataset balancing: The lost battle against spurious correlations
R Schwartz, G Stanovsky - arXiv preprint arXiv:2204.12708, 2022 - arxiv.org
Recent work has shown that deep learning models in NLP are highly sensitive to low-level
correlations between simple features and specific output labels, leading to overfitting and …
correlations between simple features and specific output labels, leading to overfitting and …
Two coupled rejection metrics can tell adversarial examples apart
Correctly classifying adversarial examples is an essential but challenging requirement for
safely deploying machine learning models. As reported in RobustBench, even the state-of …
safely deploying machine learning models. As reported in RobustBench, even the state-of …
Provably robust classification of adversarial examples with detection
Adversarial attacks against deep networks can be defended against either by building
robust classifiers or, by creating classifiers that can\emph {detect} the presence of …
robust classifiers or, by creating classifiers that can\emph {detect} the presence of …
Improving adversarial robustness via joint classification and multiple explicit detection classes
S Baharlouei, F Sheikholeslami… - International …, 2023 - proceedings.mlr.press
This work concerns the development of deep networks that are certifiably robust to
adversarial attacks. Joint robust classification-detection was recently introduced as a …
adversarial attacks. Joint robust classification-detection was recently introduced as a …
Union label smoothing adversarial training: Recognize small perturbation attacks and reject larger perturbation attacks balanced
J Huang, H Xie, C Wu, X Xiang - Future Generation Computer Systems, 2023 - Elsevier
Recently, several adversarial training methods have been proposed for rejecting
perturbation-based adversarial examples, which enhance the robustness of deep neural …
perturbation-based adversarial examples, which enhance the robustness of deep neural …
Stratified adversarial robustness with rejection
Recently, there is an emerging interest in adversarially training a classifier with a rejection
option (also known as a selective classifier) for boosting adversarial robustness. While …
option (also known as a selective classifier) for boosting adversarial robustness. While …
Adversarial training with rectified rejection
Adversarial training (AT) is one of the most effective strategies for promoting model
robustness, whereas even the state-of-the-art adversarially trained models struggle to …
robustness, whereas even the state-of-the-art adversarially trained models struggle to …
Shaping deep feature space towards gaussian mixture for visual classification
The softmax cross-entropy loss function has been widely used to train deep models for
various tasks. In this work, we propose a Gaussian mixture (GM) loss function for deep …
various tasks. In this work, we propose a Gaussian mixture (GM) loss function for deep …