Uncertify: Attacks Against Neural Network Certification. (arXiv:2108.11299v3 [cs.LG] UPDATED)

A key concept towards reliable, robust, and safe AI systems is the idea to
implement fallback strategies when predictions of the AI cannot be trusted.
Certifiers for neural networks have made great progress towards provable
robustness guarantees against evasion attacks using adversarial examples. These
methods guarantee for some predictions that a certain class of manipulations or
attacks could not have changed the outcome. For the remaining predictions
without guarantees, the method abstains from making a prediction and a fallback
strategy …

attacks certification lg network neural network