2022-6-26 arXiv roundup: Way better certified robustness, Progressive SSL, Empirical NTKs
This newsletter made possible by MosaicML.

⭐ (Certified!!) Adversarial Robustness for Free!

Existing work has shown that you can make any classifier provably robust to adversarial perturbations by ensembling its predictions on several copies of its input, each with its own random Gaussian noise. With more copies and more noise, you get more robustness. The downsides are that 1) this takes more time, since you’re running inference on multiple copies of the input, and 2) your accuracy probably goes down a lot because your inputs are noisy.
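The noise-and-vote certification described above, as an added example that is not code from the newsletter or the paper it covers. It follows the randomized-smoothing recipe of Cohen et al. (2019), where the certified L2 radius is sigma times the inverse normal CDF of a lower bound on the top-class probability, but swaps their Clopper-Pearson bound for a simpler Hoeffding bound. The toy linear classifier, the sample point, `ALPHA` and all function names are assumptions made for illustration.

```python
import math
import random
from statistics import NormalDist

ALPHA = 0.001  # assumed: allowed probability that a certificate is wrong

def base_classifier(x):
    """Constructed toy model: class 1 iff x[0] + x[1] > 0."""
    return 1 if x[0] + x[1] > 0 else 0

def noisy_votes(f, x, sigma, n, rng):
    """Run f on n copies of x, each with its own N(0, sigma^2 I) noise."""
    counts = {}
    for _ in range(n):
        label = f([xi + rng.gauss(0.0, sigma) for xi in x])
        counts[label] = counts.get(label, 0) + 1
    return counts

def certify(f, x, sigma, n, rng, n0=100, alpha=ALPHA):
    """Return (label, certified L2 radius), or (None, 0.0) to abstain."""
    # A small separate batch picks the candidate class, so the bound
    # below is computed on fresh samples.
    first = noisy_votes(f, x, sigma, n0, rng)
    guess = max(first.items(), key=lambda kv: kv[1])[0]
    k = noisy_votes(f, x, sigma, n, rng).get(guess, 0)
    # One-sided Hoeffding lower bound on P[f(x + noise) == guess].
    p_lower = k / n - math.sqrt(math.log(1.0 / alpha) / (2.0 * n))
    if p_lower <= 0.5:
        return None, 0.0  # vote too close to call: no certificate
    return guess, sigma * NormalDist().inv_cdf(p_lower)

def demo(seed=0):
    """Certify one constructed point at several noise levels and sample counts."""
    rng = random.Random(seed)
    x = [1.5, 1.5]  # true L2 distance to the boundary is 3/sqrt(2) ≈ 2.12
    results = {}
    for sigma in (0.25, 0.5, 1.0):
        for n in (1000, 10000):
            results[(sigma, n)] = certify(base_classifier, x, sigma, n, rng)
    return results

if __name__ == "__main__":
    for (sigma, n), (label, radius) in demo().items():
        print(f"sigma={sigma:<4} n={n:<6} label={label} radius={radius:.3f}")
```

Because the toy model is linear, the true distance to the decision boundary is known, so every certified radius can be checked against it; the radius grows with both `sigma` and `n`, and the cost is `n0 + n` forward passes per input.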