Web: http://arxiv.org/abs/2206.07912

June 17, 2022, 1:10 a.m. | Linyi Li, Jiawei Zhang, Tao Xie, Bo Li

cs.LG updates on arXiv.org arxiv.org

Neural networks (NNs) are known to be vulnerable against adversarial
perturbations, and thus there is a line of work aiming to provide robustness
certification for NNs, such as randomized smoothing, which samples smoothing
noises from a certain distribution to certify the robustness for a smoothed
classifier. However, as previous work shows, the certified robust radius in
randomized smoothing suffers from scaling to large datasets ("curse of
dimensionality"). To overcome this hurdle, we propose a Double Sampling
Randomized Smoothing (DSRS) framework, …

