Sitemap
A list of all the posts and pages found on the site. For you robots out there, an XML version is available for digesting as well.
Pages
Posts
publications
Feature Generating Networks for Zero-Shot Learning
Yongqin Xian, Tobias Lorenz, Bernt Schiele and Zeynep Akata in IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2018
We propose a novel generative adversarial network that synthesizes CNN features conditioned on class-level semantic information, offering a shortcut directly from a semantic descriptor of a class to a class-conditional feature distribution.
Robustness Certification for Point Cloud Models
Tobias Lorenz, Anian Ruoss, Mislav Balunović, Gagandeep Singh and Martin Vechev in IEEE/CVF International Conference on Computer Vision (ICCV), 2021
We introduce 3DCertify, the first verifier able to certify robustness of point cloud models to semantic transformations.
Certifiers Make Neural Networks Vulnerable to Availability Attacks
Tobias Lorenz, Marta Kwiatkowska, Mario Fritz in 16th ACM Workshop on Artificial Intelligence and Security (AISec), 2023
We propose the first systematic analysis of availability attacks against neural network certifiers and demonstrate highly effective backdoor attacks that exploit the fallback strategy. Initial defenses were unable to mitigate this novel attack.
Adaptive Hierarchical Certification for Segmentation using Randomized Smoothing
Alaa Anani, Tobias Lorenz, Bernt Schiele, Mario Fritz in International Conference on Machine Learning (ICML), 2024
This paper introduces, for the first time, an adaptive hierarchical certification algorithm for image semantic segmentation that certifies image pixels within a hierarchy and proves the correctness of its guarantees.
FullCert: Deterministic End-to-End Certification for Training and Inference of Neural Networks
Tobias Lorenz, Marta Kwiatkowska, Mario Fritz in German Conference on Pattern Recognition (GCPR), 2024
We propose FullCert, the first end-to-end certifier with sound, deterministic robustness guarantees against both training- and inference-time attacks.
BiCert: A Bilinear Mixed Integer Programming Formulation for Precise Certified Bounds Against Data Poisoning Attacks
Tobias Lorenz, Marta Kwiatkowska, Mario Fritz in arXiv preprint, 2024
BiCert introduces a novel training-time certification method using Bilinear Mixed Integer Programming to provide provable robustness against data poisoning attacks, achieving tighter parameter bounds, stable training, and higher certified accuracy compared to previous methods.