Distillation Based Robustness Verification with PAC Guarantees
Abstract
We present a distillation based approach to verify the robustness of any Neural Network (NN). Conventional formal verification methods cannot tractably assess the global robustness of real-world NNs. To address this, we take advantage of a gradient-aligned distillation framework to transfer the robustness properties from a larger teacher network to a smaller student network. Given that the student NN can be formally verified for global robustness, we theoretically investigate how this guarantee can be transferred to the teacher NN. We draw from ideas in learning theory to derive a sample complexity for the distillation procedure that enables PAC-guarantees on the global robustness of the teacher network.
Cite
Text
Indri et al. "Distillation Based Robustness Verification with PAC Guarantees." ICML 2024 Workshops: NextGenAISafety, 2024.
Markdown
[Indri et al. "Distillation Based Robustness Verification with PAC Guarantees." ICML 2024 Workshops: NextGenAISafety, 2024.](https://mlanthology.org/icmlw/2024/indri2024icmlw-distillation/)
BibTeX
@inproceedings{indri2024icmlw-distillation,
title = {{Distillation Based Robustness Verification with PAC Guarantees}},
author = {Indri, Patrick and Blohm, Peter and Athavale, Anagha and Bartocci, Ezio and Weissenbacher, Georg and Maffei, Matteo and Nickovic, Dejan and Gärtner, Thomas and Malhotra, Sagar},
booktitle = {ICML 2024 Workshops: NextGenAISafety},
year = {2024},
url = {https://mlanthology.org/icmlw/2024/indri2024icmlw-distillation/}
}