Fast And Effective Robustness Certification
ADVANCES IN NEURAL INFORMATION PROCESSING SYSTEMS 31 (NIPS 2018)(2018)
摘要
We present a new method and system, called DeepZ, for certifying neural network robustness based on abstract interpretation. Compared to state-of-the-art automated verifiers for neural networks, DeepZ: (i) handles ReLU, Tanh and Sigmoid activation functions, (ii) supports feedforward, convolutional, and residual architectures, (iii) is significantly more scalable and precise, and (iv) and is sound with respect to floating point arithmetic. These benefits are due to carefully designed approximations tailored to the setting of neural networks. As an example, DeepZ achieves a verification accuracy of 97% on a large network with 88; 500 hidden units under L-infinity attack with epsilon = 0:1 with an average runtime of 133 seconds.
更多查看译文
关键词
neural networks,fast and effective robustness certification,abstract interpretation
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络