all InfoSec news
PatchCensor: Patch Robustness Certification for Transformers via Exhaustive Testing. (arXiv:2111.10481v2 [cs.CV] UPDATED)
cs.CR updates on arXiv.org arxiv.org
Vision Transformer (ViT) is known to be highly nonlinear like other classical
neural networks and could be easily fooled by both natural and adversarial
patch perturbations. This limitation could pose a threat to the deployment of
ViT in the real industrial environment, especially in safety-critical
scenarios. In this work, we propose PatchCensor, aiming to certify the patch
robustness of ViT by applying exhaustive testing. We try to provide a provable
guarantee by considering the worst patch attack scenarios. Unlike empirical …
adversarial attack certification critical deployment environment guarantee industrial may networks neural networks patch patches robustness safety safety-critical testing threat transformers work