Summary of Certified Robustness For Deep Equilibrium Models Via Serialized Random Smoothing, by Weizhi Gao et al.
Certified Robustness for Deep Equilibrium Models via Serialized Random Smoothing
by Weizhi Gao, Zhichao Hou, Han Xu, Xiaorui Liu
First submitted to arXiv on: 1 Nov 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Artificial Intelligence (cs.AI)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
Summary difficulty | Written by | Summary |
---|---|---|
High | Paper authors | Read the original abstract here |
Medium | GrooveSquid.com (original content) | This paper proposes Serialized Randomized Smoothing (SRS), a novel certified defense method for Deep Equilibrium Models (DEQs). Existing certified defenses for DEQs employ deterministic certification methods such as interval bound propagation and Lipschitz bounds; they are limited to specific forms of DEQs and cannot certify on large-scale datasets. SRS addresses these limitations with a randomized smoothing approach that leverages historical information, reducing computational redundancy and accelerating the certification process by up to 7x without sacrificing certified accuracy. The proposed method is evaluated through extensive experiments and ablation studies on image recognition tasks, demonstrating its effectiveness in certifying DEQs on large-scale datasets. |
Low | GrooveSquid.com (original content) | This paper solves a problem with a kind of deep neural network called Deep Equilibrium Models (DEQs). Some people are worried about these models being hacked or attacked. The researchers found that existing ways to make sure DEQs are safe don’t work well for big datasets. They came up with a new method called Serialized Randomized Smoothing, which helps keep DEQs safe and also makes the process faster. They tested this method on images and it worked well. |