VNN: Verification-Friendly Neural Networks with Hard Robustness Guarantees
Baninajjar, Anahita LU
; Rezine, Ahmed
and Aminifar, Amir
LU
(2024)
41st International Conference on Machine Learning, ICML 2024
In Proceedings of Machine Learning Research
235.
p.2846-2856
- Abstract
- Machine learning techniques often lack formal correctness guarantees, evidenced by the widespread adversarial examples that plague most deep-learning applications. This lack of formal guarantees resulted in several research efforts that aim at verifying Deep Neural Networks (DNNs), with a particular focus on safety-critical applications. However, formal verification techniques still face major scalability and precision challenges. The over-approximation introduced during the formal verification process to tackle the scalability challenge often results in inconclusive analysis. To address this challenge, we propose a novel framework to generate Verification-Friendly Neural Networks (VNNs). We present a post-training optimization framework... (More)
- Machine learning techniques often lack formal correctness guarantees, evidenced by the widespread adversarial examples that plague most deep-learning applications. This lack of formal guarantees resulted in several research efforts that aim at verifying Deep Neural Networks (DNNs), with a particular focus on safety-critical applications. However, formal verification techniques still face major scalability and precision challenges. The over-approximation introduced during the formal verification process to tackle the scalability challenge often results in inconclusive analysis. To address this challenge, we propose a novel framework to generate Verification-Friendly Neural Networks (VNNs). We present a post-training optimization framework to achieve a balance between preserving prediction performance and verification-friendliness. Our proposed framework results in VNNs that are comparable to the original DNNs in terms of prediction performance, while amenable to formal verification techniques. This essentially enables us to establish robustness for more VNNs than their DNN counterparts, in a time-efficient manner. (Less)
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/51a9d3bd-b82e-4a7a-a501-a82f3031d544
- author
- Baninajjar, Anahita
LU
; Rezine, Ahmed
and Aminifar, Amir
LU
- organization
- publishing date
- 2024
- type
- Chapter in Book/Report/Conference proceeding
- publication status
- published
- subject
- host publication
- Proceedings of the 41st International Conference on Machine Learning
- series title
- Proceedings of Machine Learning Research
- volume
- 235
- pages
- 2846 - 2856
- publisher
- ML Research Press
- conference name
- 41st International Conference on Machine Learning, ICML 2024
- conference location
- Vienna, Austria
- conference dates
- 2024-07-21 - 2024-07-27
- ISSN
- 2640-3498
- language
- English
- LU publication?
- yes
- id
- 51a9d3bd-b82e-4a7a-a501-a82f3031d544
- alternative location
- https://proceedings.mlr.press/v235/baninajjar24a.html
- date added to LUP
- 2024-07-28 08:13:40
- date last changed
- 2024-08-05 17:40:11
@inproceedings{51a9d3bd-b82e-4a7a-a501-a82f3031d544,
abstract = {{Machine learning techniques often lack formal correctness guarantees, evidenced by the widespread adversarial examples that plague most deep-learning applications. This lack of formal guarantees resulted in several research efforts that aim at verifying Deep Neural Networks (DNNs), with a particular focus on safety-critical applications. However, formal verification techniques still face major scalability and precision challenges. The over-approximation introduced during the formal verification process to tackle the scalability challenge often results in inconclusive analysis. To address this challenge, we propose a novel framework to generate Verification-Friendly Neural Networks (VNNs). We present a post-training optimization framework to achieve a balance between preserving prediction performance and verification-friendliness. Our proposed framework results in VNNs that are comparable to the original DNNs in terms of prediction performance, while amenable to formal verification techniques. This essentially enables us to establish robustness for more VNNs than their DNN counterparts, in a time-efficient manner.}},
author = {{Baninajjar, Anahita and Rezine, Ahmed and Aminifar, Amir}},
booktitle = {{Proceedings of the 41st International Conference on Machine Learning}},
issn = {{2640-3498}},
language = {{eng}},
pages = {{2846--2856}},
publisher = {{ML Research Press}},
series = {{Proceedings of Machine Learning Research}},
title = {{VNN: Verification-Friendly Neural Networks with Hard Robustness Guarantees}},
url = {{https://proceedings.mlr.press/v235/baninajjar24a.html}},
volume = {{235}},
year = {{2024}},
}