DeformRS: Certifying Input Deformations with Randomized Smoothing
Type
Conference PaperAuthors
Alfarra, MotasemBibi, Adel
Khan, Naeemullah
Torr, Philip H. S.
Ghanem, Bernard
KAUST Department
Electrical and Computer Engineering ProgramComputer, Electrical and Mathematical Science and Engineering (CEMSE) Division
Visual Computing Center (VCC)
KAUST Grant Number
OSRCRG2019-4033Date
2022-06-28Abstract
Deep neural networks are vulnerable to input deformations in the form of vector fields of pixel displacements and to other parameterized geometric deformations e.g. translations, rotations, etc. Current input deformation certification methods either (i) do not scale to deep networks on large input datasets, or (ii) can only certify a specific class of deformations, e.g. only rotations. We reformulate certification in randomized smoothing setting for both general vector field and parameterized deformations and propose DeformRS-VF and DeformRS-Par, respectively. Our new formulation scales to large networks on large input datasets. For instance, DeformRS-Par certifies rich deformations, covering translations, rotations, scaling, affine deformations, and other visually aligned deformations such as ones parameterized by Discrete-Cosine-Transform basis. Extensive experiments on MNIST, CIFAR10, and ImageNet show competitive performance of DeformRS-Par achieving a certified accuracy of 39% against perturbed rotations in the set [-10 degree, 10 degree] on ImageNet.Citation
Alfarra, M., Bibi, A., Khan, N., Torr, P. H. S., & Ghanem, B. (2022). DeformRS: Certifying Input Deformations with Randomized Smoothing. Proceedings of the AAAI Conference on Artificial Intelligence, 36(6), 6001–6009. https://doi.org/10.1609/aaai.v36i6.20546Acknowledgements
This publication is based upon work supported by the King Abdullah University of Science and Technology (KAUST) Offce of Sponsored Research (OSR) under Award No. OSRCRG2019-4033, the UKRI grant: Turing AI Fellowship EP/W002981/1 and EPSRC/MURI grant: EP/N019474/1. We would also like to thank the Royal Academy of EngineeringPublisher
Association for the Advancement of Artificial Intelligence (AAAI)Conference/Event Name
The Thirty-Sixth AAAI Conference on Artificial Intelligence (AAAI-22)DOI
10.1609/aaai.v36i6.20546arXiv
2107.00996Additional Links
https://ojs.aaai.org/index.php/AAAI/article/view/20546Relations
Is Supplemented By:- [Software]
Title: MotasemAlfarra/DeformRS:. Publication Date: 2021-06-07. github: MotasemAlfarra/DeformRS Handle: 10754/670269