Tuesday, Mar 26, 2019. 12:00 PM. NSH 3305
Jeremy Cohen -- Certified Adversarial Robustness via Randomized Smoothing
Abstract: Extending recent work, we show how to turn any classifier that classifies well under Gaussian noise into a new classifier that is provably robust to perturbations in L2 norm. This method is the only provable adversarial defense that scales to ImageNet. It also outperforms all other provable L2 adversarial defenses on CIFAR-10 by a wide margin. Best of all, the method is extremely simple to implement and to understand.