Abstract
Neural networks are very successful at detecting patterns in noisy data, and have become the technology of choice in many fields. However, their usefulness is hampered by their susceptibility to adversarial attacks. Recently, many methods for measuring and improving a network’s robustness to adversarial perturbations have been proposed, and this growing body of research has given rise to numerous explicit or implicit notions of robustness. Connections between these notions are often subtle, and a systematic comparison between them is missing in the literature. In this paper we begin addressing this gap, by setting up general principles for the empirical analysis and evaluation of a network’s robustness as a mathematical property—during the network’s training phase, its verification, and after its deployment. We then apply these principles and conduct a case study that showcases the practical benefits of our general approach.
Original language | English |
---|---|
Title of host publication | Computer Aided Verification - 34th International Conference, CAV 2022, Proceedings |
Editors | Sharon Shoham, Yakir Vizel |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 219-231 |
Number of pages | 13 |
ISBN (Print) | 9783031131844 |
State | Published - 2022 |
Event | 34th International Conference on Computer Aided Verification, CAV 2022 - Haifa, Israel. Duration: 7 Aug 2022 → 10 Aug 2022 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 13371 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 34th International Conference on Computer Aided Verification, CAV 2022 |
---|---|
Country/Territory | Israel |
City | Haifa |
Period | 7/08/22 → 10/08/22 |
Bibliographical note
Publisher Copyright: © 2022, The Author(s).
Keywords
- Adversarial Training
- Neural Networks
- Robustness
- Verification