Detailed Information
Cited 3 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
Towards Better Understanding of Training Certifiably Robust Models against Adversarial Examples
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Lee, Sungyoon | - |
| dc.contributor.author | Lee, Woojin | - |
| dc.contributor.author | Park, Jinseong | - |
| dc.contributor.author | Lee, Jaewook | - |
| dc.date.accessioned | 2024-08-08T03:31:09Z | - |
| dc.date.available | 2024-08-08T03:31:09Z | - |
| dc.date.issued | 2021 | - |
| dc.identifier.issn | 1049-5258 | - |
| dc.identifier.uri | https://scholarworks.dongguk.edu/handle/sw.dongguk/17124 | - |
| dc.description.abstract | We study the problem of training certifiably robust models against adversarial examples. Certifiable training minimizes an upper bound on the worst-case loss over the allowed perturbation, and thus the tightness of the upper bound is an important factor in building certifiably robust models. However, many studies have shown that Interval Bound Propagation (IBP) training uses much looser bounds but outperforms other models that use tighter bounds. We identify another key factor that influences the performance of certifiable training: smoothness of the loss landscape. We find significant differences in the loss landscapes across many linear relaxation-based methods, and that the current state-of-the-arts method often has a landscape with favorable optimization properties. Moreover, to test the claim, we design a new certifiable training method with the desired properties. With the tightness and the smoothness, the proposed method achieves a decent performance under a wide range of perturbations, while others with only one of the two factors can perform well only for a specific range of perturbations. Our code is available at https://github.com/sungyoon-lee/LossLandscapeMatters. | - |
| dc.language | 영어 | - |
| dc.language.iso | ENG | - |
| dc.publisher | NEURAL INFORMATION PROCESSING SYSTEMS (NIPS) | - |
| dc.title | Towards Better Understanding of Training Certifiably Robust Models against Adversarial Examples | - |
| dc.type | Article | - |
| dc.publisher.location | 미국 | - |
| dc.identifier.wosid | 000925183302062 | - |
| dc.identifier.bibliographicCitation | ADVANCES IN NEURAL INFORMATION PROCESSING SYSTEMS 34 (NEURIPS 2021) | - |
| dc.citation.title | ADVANCES IN NEURAL INFORMATION PROCESSING SYSTEMS 34 (NEURIPS 2021) | - |
| dc.type.docType | Proceedings Paper | - |
| dc.description.isOpenAccess | N | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Artificial Intelligence | - |
- Files in This Item
- There are no files associated with this item.
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- Lee, Woo Jin
- College of Advanced Convergence Engineering (Department of Computer Science and Artificial Intelligence)