Smoothed Classifier

Smoothed classifiers enhance the robustness of machine learning models, particularly deep neural networks, against adversarial attacks and noisy inputs by averaging predictions across a distribution of slightly perturbed inputs. Current research focuses on improving the efficiency and effectiveness of smoothing techniques, including randomized smoothing and its variants (e.g., de-randomized, accelerated, and multi-scale smoothing), often integrated with other methods like adversarial training or ensemble techniques. This work is significant because it provides provable guarantees of robustness, crucial for deploying machine learning models in safety-critical applications and improving the reliability of predictions in the presence of uncertainty or malicious manipulation.

Papers

July 3, 2024

SPLITZ: Certifiable Robustness via Split Lipschitz Randomized Smoothing
Meiyu Zhong, Ravi Tandon
Adversarial Example Randomized Smoothing Robustness Guarantee Split and Fit Smoothed Classifier Accuracy Robustness Certifiable Robustness

February 23, 2024

A Robust Defense against Adversarial Attacks on Deep Learning-based Malware Detectors via (De)Randomized Smoothing
Daniel Gibert, Giulio Zizzo, Quan Le, Jordi Planes
Adversarial Attack Adversarial Text Robust Defense Smoothing Factor Smoothed Classifier Adversarial Malware Based Malware

February 12, 2024

Accelerated Smoothing: A Scalable Approach to Randomized Smoothing
Devansh Bhardwaj, Kshitiz Kaushik, Sarthak Gupta
Adversarial Attack Randomized Smoothing Scalable Approach Smoothed Classifier Robustness Certificate Smoothing Algorithm Surrogate Neural Network

February 4, 2024

Diffusion Models are Certifiably Robust Classifiers
Huanran Chen, Yinpeng Dong, Shitong Shao, Zhongkai Hao, Xiao Yang, Hang Su, Jun Zhu
Diffusion Model Native Robustness Robust Classifier Robust Classification Smoothed Classifier Diffusion Classifier

October 25, 2023

Multi-scale Diffusion Denoised Smoothing
Jongheon Jeong, Jinwoo Shin
Multi Scale Denoising Diffusion Randomized Smoothing Smoothed Classifier Implicit Denoising

October 11, 2023

Promoting Robustness of Randomized Smoothing: Two Cost-Effective Approaches
Linbo Liu, Trong Nghia Hoang, Lam M. Nguyen, Tsui-Wei Weng
Native Robustness Adversarial Robustness Randomized Smoothing Smoothed Classifier Cost Effective Approach

September 28, 2023

The Lipschitz-Variance-Margin Tradeoff for Enhanced Randomized Smoothing
Blaise Delattre, Alexandre Araujo, Quentin Barthélemy, Alexandre Allauzen
Native Robustness Randomized Smoothing Robust Classifier Smoothed Classifier Lipschitz Loss Robustness Radius

September 25, 2023

Projected Randomized Smoothing for Certified Adversarial Robustness
Samuel Pfrommer, Brendon G. Anderson, Somayeh Sojoudi
Randomized Smoothing Robust Classifier Smoothed Classifier Dimensional Approximation

July 17, 2023

On the Fly Neural Style Smoothing for Risk-Averse Domain Generalization
Akshay Mehra, Yunbei Zhang, Bhavya Kailkhura, Jihun Hamm
Domain Generalization Smoothed Classifier

May 31, 2023

Incremental Randomized Smoothing Certification
Shubham Ugare, Tarun Suresh, Debangshu Banerjee, Gagandeep Singh, Sasa Misailovic
Robustness Guarantee Robustness Certification Smoothed Classifier Robustness Certificate

May 8, 2023

Understanding Noise-Augmented Training for Randomized Smoothing
Ambar Pal, Jeremias Sulam
Adversarial Attack Randomized Smoothing Smoothed Classifier Input Distribution

March 20, 2023

DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness
Shoumik Saha, Wenxiao Wang, Yigitcan Kaya, Soheil Feizi, Tudor Dumitras
Adversarial Learning Malware Detection Randomized Smoothing Certified Robustness Smoothed Classifier Malware Classifier Decentralized Riemannian

March 1, 2023

Single Image Backdoor Inversion via Robust Smoothed Classifiers
Mingjie Sun, J. Zico Kolter
Smoothed Classifier Effective Backdoor Attack Resilient Backdoor Backdoor Inversion

December 18, 2022

Confidence-aware Training of Smoothed Classifiers for Certified Robustness
Jongheon Jeong, Seojin Kim, Jinwoo Shin
Native Robustness Adversarial Robustness Adversarial Perturbation Certified Robustness Smoothed Classifier Machine Self Confidence

November 20, 2022

On Multi-head Ensemble of Smoothed Classifiers for Certified Robustness
Kun Fang, Qinghua Tao, Yingwen Wu, Tao Li, Xiaolin Huang, Jie Yang
Randomized Smoothing Multi Head Certified Robustness Multiple Deep Neural Network Smoothed Classifier

October 3, 2022

MultiGuard: Provably Robust Multi-label Classification against Adversarial Examples
Jinyuan Jia, Wenjie Qu, Neil Zhenqiang Gong
Adversarial Example Multi Label Multi Label Classification Smoothed Classifier

June 22, 2022

Input-agnostic Certified Group Fairness via Gaussian Parameter Smoothing
Jiayin Jin, Zeru Zhang, Yang Zhou, Lingfei Wu
Group Fairness Smoothed Classifier

June 16, 2022

Double Sampling Randomized Smoothing
Linyi Li, Jiawei Zhang, Tao Xie, Bo Li
Native Robustness Randomized Smoothing Robustness Certification Smoothed Classifier

March 13, 2022

Dynamic and Context-Dependent Stock Price Prediction Using Attention Modules and News Sentiment
Nicole Koenigstein
Long Short Term Memory Context Aware Attention Module Financial Time Series Smoothed Classifier Recurrent Structure News Sentiment Recurrent Module

November 17, 2021

SmoothMix: Training Confidence-calibrated Smoothed Classifiers for Certified Robustness
Jongheon Jeong, Sejun Park, Minkyu Kim, Heung-Chang Lee, Doguk Kim, Jinwoo Shin
Training Data Adversarial Perturbation Certified Robustness Smoothed Classifier \Ell_p$ Robustness