Inria 2018
Abstract
Deep neural networks present strong vulnerabilities against adversarial examples, model theft and privacy of datasets. On the other side, software verification is a well-researched field, with about 40 years of cumulated expertise, tools and techniques. We aim to present two techniques widely used in software verification; Abstract Interpretation and Satisfactory Modulo Theories solvers, and how we can leverage them to obtain provably more robust deep neural networks.
Deep neural networks present strong vulnerabilities against adversarial examples, model theft and privacy of datasets. On the other side, software verification is a well-researched field, with about 40 years of cumulated expertise, tools and techniques. We aim to present two techniques widely used in software verification; Abstract Interpretation and Satisfactory Modulo Theories solvers, and how we can leverage them to obtain provably more robust deep neural networks.
A video recording is available here.
