Fast and Precise Certification of Transformers

被引：12

作者：

Bonaert, Gregory ^{[1
]}

Dimitrov, Dimitar, I ^{[1
]}

Baader, Maximilian ^{[1
]}

Vechev, Martin ^{[1
]}

机构：

[1] Swiss Fed Inst Technol, Zurich, Switzerland

来源：

PROCEEDINGS OF THE 42ND ACM SIGPLAN INTERNATIONAL CONFERENCE ON PROGRAMMING LANGUAGE DESIGN AND IMPLEMENTATION (PLDI '21) | 2021年

关键词：

Abstract Interpretation; Robustness Certification; Deep Learning; Adversarial attacks; Transformer Networks;

D O I：

10.1145/3453483.3454056

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

We present DeepT, a novel method for certifying Transformer networks based on abstract interpretation. The key idea behind DeepT is our new Multi-norm Zonotope abstract domain, an extension of the classical Zonotope designed to handle l(1) and l(2)-norm bound perturbations. We introduce all Multi-norm Zonotope abstract transformers necessary to handle these complex networks, including the challenging softmax function and dot product. Our evaluation shows that DeepT can certify average robustness radii that are 28x larger than the state-of-the-art, while scaling favorably. Further, for the first time, we certify Transformers against synonym attacks on long sequences of words, where each word can be replaced by any synonym. DeepT achieves a high certification success rate on sequences of words where enumeration-based verification would take 2 to 3 orders of magnitude more time.

引用

页码：466 / 481

页数：16

共 62 条

[1] Aleksander Madry, 2018, 6 INT C LEARN REPR I
[2] Alzantot M, 2018, 2018 CONFERENCE ON EMPIRICAL METHODS IN NATURAL LANGUAGE PROCESSING (EMNLP 2018), P2890
[3] Ba J.L., 2016, LAYER NORMALIZATION
[4] Balunovic M., 2020, INT C LEARN REPR
[5] Balunovic M, 2019, ADV NEUR IN, V32
[6] Behjati M, 2019, INT CONF ACOUST SPEE, P7345, DOI [10.1109/ICASSP.2019.8682430, 10.1109/icassp.2019.8682430]
[7] Bunel R, 2018, ADV NEUR IN, V31
[8] Carion Nicolas, 2020, Computer Vision - ECCV 2020. 16th European Conference. Proceedings. Lecture Notes in Computer Science (LNCS 12346), P213, DOI 10.1007/978-3-030-58452-8_13
[9] Cohen J, 2019, PR MACH LEARN RES, V97
[10] Devlin J, 2019, 2019 CONFERENCE OF THE NORTH AMERICAN CHAPTER OF THE ASSOCIATION FOR COMPUTATIONAL LINGUISTICS: HUMAN LANGUAGE TECHNOLOGIES (NAACL HLT 2019), VOL. 1, P4171

← 1 2 3 4 5 6 7 →