Adversarial Examples

Built upon on a novel definition of label uncertainty, we develop an empirical method to estimate a more realistic intirnsic robustness limit for classification tasks

Advocate to understand the concentration of measure phenomenon regarding inputs regions with high label uncertainty

We show that concentration of measure does not prohibit the existence of adversarially robust classifiers using a novel method of empirical concentration estimation.

We propose a way to characterize the intrinsic robustness of image distributions under L2 perturbations using conditional generative models.

We propose an unsupervised learning method for obtaining robust representations based on a notion of representation vulnerability.

We develop a method to measure the concentration of image benchmarks using empirical samples and show that concentration of measure does not prohibit the existence of adversarially robust classifiers.

We propose a notion of cost-sensitive robustness for measuring classifier’s performance when adversarial transformations are not equally important, and provide a certified robust training method to optimize for it.