Abstract
Adversarial attacks on neural net models (usually solving computer vision tasks) have been an active machine learning research topic for more than 10 years. To mitigate the devastating effect of adversarial examples the methods of adversarial defense are proposed, being mostly empirical approaches. That said, some proposed algorithms of defense provide theoretical guarantees under any type of attack - they constitute the direction of certified robustness. In this talk, I will present not only the classical methods of certified defense and approaches to improving it but also the essential problems of certified robustness approaches and what could be considered as the possible solution to these challenges.
Presentation made for webinars’ stream of NTR LABS.
Aleksandr Petiushko Александр Петюшко
Sr. Director, Head of AI Research / Adjunct Professor / PhD
Principal R&D Researcher (15+ years of experience), R&D Technical Leader (10+ years of experience), and R&D Manager (8+ years of experience). Running and managing industrial research and academic collaboration (35+ publications, 30+ patents). Hiring and transforming AI/ML teams. Inspired by theoretical computer science and how it changes the world.