Fast Training of Provably Robust Neural Networks by SingleProp

Akhilan Boopathy; Tsui-Wei Weng; Sijia Liu; Pin-Yu Chen; Gaoyuan; Zhang; Luca Daniel

arXiv:2102.01208·cs.LG·February 3, 2021·1 cites

Fast Training of Provably Robust Neural Networks by SingleProp

Akhilan Boopathy, Tsui-Wei Weng, Sijia Liu, Pin-Yu Chen, Gaoyuan, Zhang, Luca Daniel

PDF

Open Access 1 Video

TL;DR

This paper introduces SingleProp, a new regularizer that enables faster training of neural networks with certified robustness guarantees, maintaining accuracy while reducing computational costs.

Contribution

The paper proposes SingleProp, a regularizer that significantly speeds up training of robust neural networks with minimal loss in certified accuracy.

Findings

01

Faster training times on MNIST and CIFAR-10

02

Comparable certified robustness accuracy to existing methods

03

Reduced computational cost per training iteration

Abstract

Recent works have developed several methods of defending neural networks against adversarial attacks with certified guarantees. However, these techniques can be computationally costly due to the use of certification during training. We develop a new regularizer that is both more efficient than existing certified defenses, requiring only one additional forward propagation through a network, and can be used to train networks with similar certified accuracy. Through experiments on MNIST and CIFAR-10 we demonstrate improvements in training speed and comparable certified accuracy compared to state-of-the-art certified defenses.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

Fast Training of Provably Robust Neural Networks by SingleProp· underline

Taxonomy

TopicsAdversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications