Certification of Semantic Perturbations via Randomized Smoothing
share
We introduce a novel certification method for parametrized perturbations by generalizing randomized smoothing. Using this method, we construct a provable classifier that can establish state-of-the-art robustness against semantic perturbations including geometric transformations (e.g., rotation, translation), for different types of interpolation, and, for the first time, volume changes on audio data. Our experimental results indicate that the method is practically effective: for ResNet-50 on ImageNet, it achieves rotational robustness provable up to ± 30^∘ for 28
READ FULL TEXT