Randomized Smoothing

Randomized smoothing is a technique for enhancing the robustness of machine learning models, particularly deep neural networks, against adversarial attacks—small, carefully crafted input perturbations designed to mislead the model. Current research focuses on improving the efficiency and effectiveness of smoothing methods, exploring various noise distributions and model architectures (including vision transformers and diffusion models), and extending its application to diverse data types like time series and medical images. This work is significant because it provides provable guarantees of robustness, a crucial step towards deploying reliable machine learning systems in safety-critical applications, and is actively advancing the theoretical understanding of model robustness and certification.

Papers

November 1, 2024

Certified Robustness for Deep Equilibrium Models via Serialized Random Smoothing
Weizhi Gao, Zhichao Hou, Han Xu, Xiaorui Liu
Native Robustness Randomized Smoothing Implicit Model Deep Equilibrium Model Smoothing Factor Certified Robustness Lipschitz Bound

October 9, 2024

Average Certified Radius is a Poor Metric for Randomized Smoothing
Chenhao Sun, Yuhao Mao, Mark Niklas Müller, Martin Vechev
Adversarial Attack Native Robustness Metric Library Randomized Smoothing Robustness Guarantee

October 8, 2024

Filtered Randomized Smoothing: A New Defense for Robust Modulation Classification
Wenhan Zhang, Meiyu Zhong, Ravi Tandon, Marwan Krunz
Adversarial Attack Randomized Smoothing Defense Method Wireless Signal Modulation Classification

September 20, 2024

Certified Adversarial Robustness via Partition-based Randomized Smoothing
Hossein Goli, Farzan Farnia
Gaussian Noise Randomized Smoothing Robustness Certificate Robustness Radius

September 4, 2024

Boosting Certified Robustness for Time Series Classification with Efficient Self-Ensemble
Chang Dong, Zhengyang Li, Liangwei Zheng, Weitong Chen, Wei Emma Zhang
Native Robustness Adversarial Robustness Time Series Classification Randomized Smoothing Robustness Certificate Robustness Radius Self Ensemble \Ell_p$ Robustness

August 23, 2024

Deep Learning at the Intersection: Certified Robustness as a Tool for 3D Vision
Gabriel Pérez S, Juan C. Pérez, Motasem Alfarra, Jesús Zarzar, Sara Rojas, Bernard Ghanem, Pablo Arbeláez
Deep Learning Native Robustness Intersection Scenario BRIO Tool Randomized Smoothing Signed Distance Function Voxel Grid Robustness Radius

August 1, 2024

Discrete Randomized Smoothing Meets Quantum Computing
Tom Wollschläger, Aman Saxena, Nicola Franco, Jeanette Miriam Lorenz, Stephan Günnemann
Quantum Computing Randomized Smoothing Amplitude Estimation

July 25, 2024

Quadratic Advantage with Quantum Randomized Smoothing Applied to Time-Series Analysis
Nicola Franco, Marie Kempkes, Jakob Spiegelberg, Jeanette Miriam Lorenz
Quantum Machine Learning Quantum Computer Quantum Algorithm Time Series Analysis Randomized Smoothing Hamming Space Quadratic Objective

July 16, 2024

Variational Randomized Smoothing for Sample-Wise Adversarial Robustness
Ryo Hase, Ye Wang, Toshiaki Koike-Akino, Jing Liu, Kieran Parsons
Adversarial Attack Adversarial Robustness Adversarial Perturbation Randomized Smoothing Enhanced Robustness

July 4, 2024

Certifiably Robust Image Watermark
Zhengyuan Jiang, Moyang Guo, Yuepeng Hu, Jinyuan Jia, Neil Zhenqiang Gong
Randomized Smoothing Robustness Guarantee Adversarial Watermarking Image Watermark

July 3, 2024

SPLITZ: Certifiable Robustness via Split Lipschitz Randomized Smoothing
Meiyu Zhong, Ravi Tandon
Adversarial Example Randomized Smoothing Robustness Guarantee Split and Fit Smoothed Classifier Accuracy Robustness Certifiable Robustness

June 25, 2024

Treatment of Statistical Estimation Problems in Randomized Smoothing for Adversarial Robustness
Vaclav Voracek
Adversarial Attack Adversarial Robustness Parameter Estimation Randomized Smoothing Accurate Treatment Estimation Problem

June 14, 2024

Adaptive Randomized Smoothing: Certified Adversarial Robustness for Multi-Step Defences
Saiyue Lyu, Shadab Shaikh, Frederick Shpilevskiy, Evan Shelhamer, Mathias Lécuyer
Adversarial Example Differential Privacy Randomized Smoothing Patch Masking

June 4, 2024

Effects of Exponential Gaussian Distribution on (Double Sampling) Randomized Smoothing
Youwei Shu, Xi Xiao, Derui Wang, Yuxin Cao, Siji Chen, Jason Xue, Linyi Li, Bo Li
Mixed Effect Randomized Smoothing Gaussian Distribution Robustness Certification Smoothing Factor Norm Attack

May 25, 2024

Certifying Adapters: Enabling and Enhancing the Certification of Classifier Adversarial Robustness
Jieren Deng, Hanbin Hong, Aaron Palmer, Xin Zhou, Jinbo Bi, Kaleel Mahmood, Yuan Hong, Derek Aguiar
Native Robustness Adversarial Training Adversarial Perturbation Randomized Smoothing

May 23, 2024

Universal Robustness via Median Randomized Smoothing for Real-World Super-Resolution
Zakariya Chaouai, Mohamed Tamaazousti
Super Resolution Image Super Resolution Randomized Smoothing Image Corruption Low Resolution Image General Robustness Real World Super Resolution

May 14, 2024

RS-Reg: Probabilistic and Robust Certified Regression Through Randomized Smoothing
Aref Miri Rekavandi, Olga Ohrimenko, Benjamin I. P. Rubinstein
Native Robustness Regression Task Randomized Smoothing Certified Robustness

April 26, 2024

Estimating the Robustness Radius for Randomized Smoothing with 100$\times$ Sample Efficiency
Emmanouil Seferis, Stefanos Kollias, Chih-Hong Cheng
Native Robustness Sample Efficiency Randomized Smoothing Robustness Certificate Robustness Radius

April 15, 2024

Mitigating the Curse of Dimensionality for Certified Robustness via Dual Randomized Smoothing
Song Xia, Yi Yu, Xudong Jiang, Henghui Ding
Data Dimensionality Randomized Smoothing Reversal Curse Dual System Certified Robustness Robustness Radius \Ell_p$ Robustness

April 8, 2024

Certified PEFTSmoothing: Parameter-Efficient Fine-Tuning with Randomized Smoothing
Chengyan Fu, Wenjie Wang
Neural Network Adversarial Perturbation Denoising Diffusion Parameter Efficient Randomized Smoothing

Randomized Smoothing

Papers

Certified Robustness for Deep Equilibrium Models via Serialized Random Smoothing

Average Certified Radius is a Poor Metric for Randomized Smoothing

Filtered Randomized Smoothing: A New Defense for Robust Modulation Classification

Certified Adversarial Robustness via Partition-based Randomized Smoothing

Boosting Certified Robustness for Time Series Classification with Efficient Self-Ensemble

Deep Learning at the Intersection: Certified Robustness as a Tool for 3D Vision

Discrete Randomized Smoothing Meets Quantum Computing

Quadratic Advantage with Quantum Randomized Smoothing Applied to Time-Series Analysis

Variational Randomized Smoothing for Sample-Wise Adversarial Robustness

Certifiably Robust Image Watermark

SPLITZ: Certifiable Robustness via Split Lipschitz Randomized Smoothing

Treatment of Statistical Estimation Problems in Randomized Smoothing for Adversarial Robustness

Adaptive Randomized Smoothing: Certified Adversarial Robustness for Multi-Step Defences

Effects of Exponential Gaussian Distribution on (Double Sampling) Randomized Smoothing

Certifying Adapters: Enabling and Enhancing the Certification of Classifier Adversarial Robustness

Universal Robustness via Median Randomized Smoothing for Real-World Super-Resolution

RS-Reg: Probabilistic and Robust Certified Regression Through Randomized Smoothing

Estimating the Robustness Radius for Randomized Smoothing with 100$\times$ Sample Efficiency

Mitigating the Curse of Dimensionality for Certified Robustness via Dual Randomized Smoothing

Certified PEFTSmoothing: Parameter-Efficient Fine-Tuning with Randomized Smoothing