2021
DOI: 10.48550/arxiv.2106.04260
Preprint

Provably Robust Detection of Out-of-distribution Data (almost) for free

Abstract: When applying machine learning in safety-critical systems, a reliable assessment of the uncertainty of a classifier is required. However, deep neural networks are known to produce highly overconfident predictions on out-of-distribution (OOD) data, and even if trained to be non-confident on OOD data, one can still adversarially manipulate OOD data so that the classifier again assigns high confidence to the manipulated samples. In this paper we propose a novel method where from first principles we combine a certifia…
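For context on why the overconfidence problem in the abstract matters: a common baseline OOD score is the classifier's maximum softmax probability, which a single large logit (as an adversary can induce) pushes arbitrarily close to 1. A minimal sketch — this is an illustrative baseline, not the certified method of the paper, and the logit values are made up:

```python
import numpy as np

def softmax(logits):
    # Numerically stable softmax.
    z = logits - np.max(logits)
    e = np.exp(z)
    return e / e.sum()

def msp_confidence(logits):
    # Maximum softmax probability: a widely used (but non-robust) OOD score.
    # Low values suggest the input is OOD; an adversary can inflate it.
    return float(softmax(logits).max())

# One dominant logit is enough to make the model look certain,
# even if the input is far from the training distribution.
ood_logits = np.array([8.0, 0.5, -1.0])
confidence = msp_confidence(ood_logits)  # close to 1 despite being OOD
```

This is exactly the failure mode the abstract describes: thresholding such a score gives no guarantee once the OOD input can be perturbed.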

Cited by 4 publications (4 citation statements) | References 9 publications
“…In fact, many OOD detection systems are susceptible to adversarial attacks (Sehwag et al., 2019; Chen et al., 2022). Meinke et al. (2021) show how to verify robustness to adversarial examples around given input samples. Berrada et al. (2021) develop a general framework for certifying properties of output distributions of neural networks given constraints on the input distribution.…”
Section: OOD Detection (mentioning)
confidence: 99%
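"Verifying robustness around given input samples" typically means bounding a network's output over an L∞ ball around each sample. One standard certification technique is interval bound propagation; the citing statement does not say which machinery Meinke et al. use, so this is a generic sketch for a single linear layer with toy weights:

```python
import numpy as np

def linear_ibp(W, b, lo, hi):
    # Propagate an axis-aligned input box [lo, hi] through y = W @ x + b.
    # Returns sound elementwise lower/upper bounds on y.
    center = (lo + hi) / 2.0
    radius = (hi - lo) / 2.0
    y_center = W @ center + b
    y_radius = np.abs(W) @ radius  # worst case aligns sign with each weight
    return y_center - y_radius, y_center + y_radius

# Toy linear "OOD score" s(x) = W @ x + b (weights are illustrative).
W = np.array([[1.0, -2.0]])
b = np.array([0.5])
x0 = np.array([0.2, 0.3])
eps = 0.1  # L-infinity perturbation radius

lo_s, hi_s = linear_ibp(W, b, x0 - eps, x0 + eps)
# hi_s[0] upper-bounds the score over EVERY x with ||x - x0||_inf <= eps,
# so if hi_s[0] stays below a detection threshold, no perturbation in the
# ball can make the input look in-distribution.
```

For deep networks the same interval arithmetic is composed layer by layer (with monotone activations applied elementwise to the bounds), which is what makes such certificates cheap, at the cost of looseness.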
“…As in OOD detection, open-set recognition (OSR), anomaly detection (AD), and novelty detection (ND), being robust against adversarial attacks is crucial. Recent works in OSR [133], [134], ND [18], [135], and OOD detection [136], [137] have investigated the effects of adversarial attacks on models. However, more work is needed.…”
Section: Adversarial Robustness (mentioning)
confidence: 99%
“…Much of the available OOD detection research literature makes a number of strange assumptions; among these, the existence of a dataset of out-of-distribution samples with which to train a binary classifier [15]. To comprehensively cover what is OOD, this dataset would have to contain samples from the entirety of the space outside of the in-distribution.…”
Section: Related Work (mentioning)
confidence: 99%