Labels Predicted by AI
Robustness Improvement Method Adversarial attack Improvement of Learning
    Please note that these labels were automatically added by AI. Therefore, they may not be entirely accurate.
Abstract
Machine learning models are vulnerable to adversarial attacks. One approach to addressing this vulnerability is certification, which focuses on models that are guaranteed to be robust for a given perturbation size. A drawback of recent certified models is that they are stochastic: they require multiple computationally expensive model evaluations with random noise added to a given input. In our work, we present a deterministic certification approach which results in a certifiably robust model. This approach is based on an equivalence between training with a particular regularized loss, and the expected values of Gaussian averages. We achieve certified models on ImageNet-1k by retraining a model with this loss for one epoch without the use of label information.
