Great advances in deep neural networks (DNNs) have led to state-of-the-art performance on
a wide range of tasks. However, recent studies have shown that DNNs are vulnerable to …

We extend randomized smoothing to cover parameterized transformations (eg, rotations,
translations) and certify robustness in the parameter space (eg, rotation angle). This is …

Certified defenses such as randomized smoothing have shown promise towards building
reliable machine learning systems against $\ell_p $ norm bounded attacks. However …

The use of deep 3D point cloud models in safety-critical applications, such as autonomous
driving, dictates the need to certify the robustness of these models to real-world …

Randomized smoothing has recently emerged as an effective tool that enables certification
of deep neural network classifiers at scale. All prior art on randomized smoothing has …

Deep neural networks are vulnerable to input deformations in the form of vector fields of
pixel displacements and to other parameterized geometric deformations eg translations …

Building models that comply with the invariances inherent to different domains, such as
invariance under translation or rotation, is a key aspect of applying machine learning to real …

Although randomized smoothing has demonstrated high certified robustness and superior
scalability to other certified defenses, the high computational overhead of the robustness …

Recent work has exposed the vulnerability of computer vision models to vector field attacks.
Due to the widespread usage of such models in safety-critical applications, it is crucial to …

Federated learning is an emerging data-private distributed learning framework, which,
however, is vulnerable to adversarial attacks. Although several heuristic defenses are …