Distillation based Robustness Verification with PAC Guarantees

Indri, Patrick; Blohm, Peter; Athavale, Anagha; Bartocci, Ezio; Weissenbacher, Georg; Maffei, Matteo; Nickovic, Dejan; Gärtner, Thomas; Malhotra, Sagar

DC Field

Value

Language

dc.contributor.author

Indri, Patrick

dc.contributor.author

Blohm, Peter

dc.contributor.author

Athavale, Anagha

dc.contributor.author

Bartocci, Ezio

dc.contributor.author

Weissenbacher, Georg

dc.contributor.author

Maffei, Matteo

dc.contributor.author

Nickovic, Dejan

dc.contributor.author

Gärtner, Thomas

dc.contributor.author

Malhotra, Sagar

dc.date.accessioned

2024-09-26T12:41:03Z

dc.date.available

2024-09-26T12:41:03Z

dc.date.issued

2024-06-28

dc.identifier.citation

<div class="csl-bib-body"> <div class="csl-entry">Indri, P., Blohm, P., Athavale, A., Bartocci, E., Weissenbacher, G., Maffei, M., Nickovic, D., Gärtner, T., & Malhotra, S. (2024). Distillation based Robustness Verification with PAC Guarantees. In <i>International Conference on Machine Learning 2024 - Next Generation of AI Safety Workshop</i>. International Conference on Machine Learning 2024 - Next Generation of AI Safety Workshop, Vienna, Austria. http://hdl.handle.net/20.500.12708/200890</div> </div>

dc.identifier.uri

http://hdl.handle.net/20.500.12708/200890

dc.description.abstract

We present a distillation based approach to verify the robustness of any Neural Network (NN). Conventional formal verification methods cannot tractably assess the global robustness of real-world NNs. To address this, we take advantage of a gradient-aligned distillation framework to transfer the robustness properties from a larger teacher network to a smaller student network. Given that the student NN can be formally verified for global robustness, we theoretically investigate how this guarantee can be transferred to the teacher NN. We draw from ideas in learning theory to derive a sample complexity for the distillation procedure that enables PAC-guarantees on the global robustness of the teacher network.

dc.language.iso

dc.subject

Robustness

dc.subject

Knowledge Distillation

dc.subject

Formal Verification

dc.subject

PAC-Verification

dc.title

Distillation based Robustness Verification with PAC Guarantees

dc.type

Inproceedings

dc.type

Konferenzbeitrag

dc.relation.publication

International Conference on Machine Learning 2024 - Next Generation of AI Safety Workshop

dc.contributor.affiliation

Austrian Institute of Technology, Austria

dc.type.category

Full-Paper Contribution

tuw.booktitle

International Conference on Machine Learning 2024 - Next Generation of AI Safety Workshop

tuw.peerreviewed

true

tuw.researchTopic.id

tuw.researchTopic.name

Information Systems Engineering

tuw.researchTopic.value

100

tuw.linking

https://openreview.net/forum?id=vflefS3lmB

tuw.publication.orgunit

E194-06 - Forschungsbereich Machine Learning

tuw.publication.orgunit

E192-06 - Forschungsbereich Security and Privacy

tuw.publication.orgunit

E191-01 - Forschungsbereich Cyber-Physical Systems

tuw.publication.orgunit

E192-04 - Forschungsbereich Formal Methods in Systems Engineering

dc.description.numberOfPages

tuw.author.orcid

0000-0002-8004-6601

tuw.author.orcid

0000-0001-5468-0396

tuw.author.orcid

0000-0001-5985-9213

tuw.event.name

International Conference on Machine Learning 2024 - Next Generation of AI Safety Workshop

tuw.event.startdate

26-07-2024

tuw.event.enddate

26-07-2024

tuw.event.online

On Site

tuw.event.type

Event for scientific audience

tuw.event.place

Vienna

tuw.event.country

tuw.event.presenter

Indri, Patrick

tuw.event.presenter

Blohm, Peter

wb.sciencebranch

Informatik

wb.sciencebranch

Mathematik

wb.sciencebranch.oefos

1020

wb.sciencebranch.oefos

1010

wb.sciencebranch.value

item.grantfulltext

restricted

item.fulltext

no Fulltext

item.languageiso639-1

item.openairecristype

http://purl.org/coar/resource_type/c_5794

item.openairetype

conference paper

item.cerifentitytype

Publications

crisitem.author.dept

E194-06 - Forschungsbereich Machine Learning

crisitem.author.dept

E192-06 - Forschungsbereich Security and Privacy

crisitem.author.dept

E191-01 - Forschungsbereich Cyber-Physical Systems

crisitem.author.dept

E192-04 - Forschungsbereich Formal Methods in Systems Engineering

crisitem.author.dept

E192-06 - Forschungsbereich Security and Privacy

crisitem.author.dept

E191-01 - Forschungsbereich Cyber-Physical Systems

crisitem.author.dept

E194-06 - Forschungsbereich Machine Learning

crisitem.author.dept

E194-06 - Forschungsbereich Machine Learning

crisitem.author.orcid

0000-0002-1620-5700

crisitem.author.orcid

0000-0002-8004-6601

crisitem.author.orcid

0000-0001-5985-9213

crisitem.author.parentorg

E194 - Institut für Information Systems Engineering

crisitem.author.parentorg

E192 - Institut für Logic and Computation

crisitem.author.parentorg

E191 - Institut für Computer Engineering

crisitem.author.parentorg

E192 - Institut für Logic and Computation

crisitem.author.parentorg

E192 - Institut für Logic and Computation

crisitem.author.parentorg

E191 - Institut für Computer Engineering

crisitem.author.parentorg

E194 - Institut für Information Systems Engineering

crisitem.author.parentorg

E194 - Institut für Information Systems Engineering

Appears in Collections:

Conference Paper

Show simple item record

Page view(s)

329

checked on Sep 26, 2024

Download(s)

checked on Sep 26, 2024

Google Scholar^TM

Check

Page view(s)

Download(s)

Google ScholarTM

Google Scholar^TM