Supplementary Material for Adversarial Robustness through Random Sampling under Constraints

Oct-8-2025, 22:27:42 GMT–Neural Information Processing Systems

Lemma 1. Considering a fixed Only the highest confidence term in the output of the neural network affects the classification result. For the nonlinear part, which is always defined as ReLU, we have, ReLU (a b) null > ReLU ( a) ReLU (b), if a < 0 and b < 0, = ReLU ( a) ReLU (b), if a > 0 or b > 0 . Since each standard Gaussian distribution is i . The results are shown in Table 1. CIFAR-10 is used as the dataset and all the settings are the same as in the main text. For the attack algorithm, multiple iterations in a round of attack are randomly sampled only once.

artificial intelligence, gaussian distribution, machine learning, (15 more...)

Neural Information Processing Systems

Oct-8-2025, 22:27:42 GMT

Conferences PDF

Add feedback

Industry:
- Information Technology > Security & Privacy (0.35)

Technology:
- Information Technology > Artificial Intelligence > Machine Learning > Neural Networks (0.68)

Duplicate Docs Excel Report

Title
766f407b7b4a82135da23b32f0cbaff3-Supplemental-Conference.pdf

Similar Docs Excel Report more

Title	Similarity	Source
None found