深度学习模型修复稳定性认证的多数不变方法

Aug, 2023

深度学习模型修复稳定性认证的多数不变方法

A Majority Invariant Approach to Patch Robustness Certification for Deep Learning Models

Qilin Zhou, Zhengyuan Wei, Haipeng Wang, W. K. Chan

TL;DR使用MajorCert方法，该研究论文提出了一种修补程序鲁棒性认证技术，可以确保在一个样本中，没有任何修补程序能够操纵深度学习模型以预测不同的标签。

Abstract

patch robustness certification ensures no patch within a given bound on a sample can manipulate a deep learning model to predict a different label. However, existing techniques cannot certify samples that cannot