{"id":"https://openalex.org/W4416549513","doi":"https://doi.org/10.1145/3719027.3765140","title":"Exact Robustness Certification of k-Nearest Neighbors","display_name":"Exact Robustness Certification of k-Nearest Neighbors","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549513","doi":"https://doi.org/10.1145/3719027.3765140"},"language":"en","primary_location":{"id":"doi:10.1145/3719027.3765140","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765140","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3719027.3765140","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5000629161","display_name":"Francesco Ranzato","orcid":"https://orcid.org/0000-0003-0159-0068"},"institutions":[{"id":"https://openalex.org/I138689650","display_name":"University of Padua","ror":"https://ror.org/00240q980","country_code":"IT","type":"education","lineage":["https://openalex.org/I138689650"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Francesco Ranzato","raw_affiliation_strings":["Dipartimento di Matematica, University of Padova, Padova, Italy"],"raw_orcid":"https://orcid.org/0000-0003-0159-0068","affiliations":[{"raw_affiliation_string":"Dipartimento di Matematica, University of Padova, Padova, Italy","institution_ids":["https://openalex.org/I138689650"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019924717","display_name":"Ahmed Anjum Shakeel","orcid":"https://orcid.org/0009-0007-0018-403X"},"institutions":[{"id":"https://openalex.org/I138689650","display_name":"University of Padua","ror":"https://ror.org/00240q980","country_code":"IT","type":"education","lineage":["https://openalex.org/I138689650"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Ahmad Shakeel","raw_affiliation_strings":["Dipartimento di Matematica, University of Padova, Padova, Italy"],"raw_orcid":"https://orcid.org/0009-0007-0018-403X","affiliations":[{"raw_affiliation_string":"Dipartimento di Matematica, University of Padova, Padova, Italy","institution_ids":["https://openalex.org/I138689650"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5074783222","display_name":"Marco Zanella","orcid":"https://orcid.org/0000-0002-6164-6169"},"institutions":[{"id":"https://openalex.org/I138689650","display_name":"University of Padua","ror":"https://ror.org/00240q980","country_code":"IT","type":"education","lineage":["https://openalex.org/I138689650"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Marco Zanella","raw_affiliation_strings":["Dipartimento di Matematica, University of Padova, Padova, Italy"],"raw_orcid":"https://orcid.org/0000-0002-6164-6169","affiliations":[{"raw_affiliation_string":"Dipartimento di Matematica, University of Padova, Padova, Italy","institution_ids":["https://openalex.org/I138689650"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5000629161"],"corresponding_institution_ids":["https://openalex.org/I138689650"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.18451904,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"4439","last_page":"4453"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.991100013256073,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.991100013256073,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.003700000001117587,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11273","display_name":"Advanced Graph Neural Networks","score":0.001500000013038516,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/interpretability","display_name":"Interpretability","score":0.7793999910354614},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7599999904632568},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.7064999938011169},{"id":"https://openalex.org/keywords/soundness","display_name":"Soundness","score":0.7037000060081482},{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.5716999769210815},{"id":"https://openalex.org/keywords/nonparametric-statistics","display_name":"Nonparametric statistics","score":0.33869999647140503}],"concepts":[{"id":"https://openalex.org/C2781067378","wikidata":"https://www.wikidata.org/wiki/Q17027399","display_name":"Interpretability","level":2,"score":0.7793999910354614},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7599999904632568},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7254999876022339},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.7064999938011169},{"id":"https://openalex.org/C39920170","wikidata":"https://www.wikidata.org/wiki/Q693083","display_name":"Soundness","level":2,"score":0.7037000060081482},{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.5716999769210815},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.47600001096725464},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.45179998874664307},{"id":"https://openalex.org/C102366305","wikidata":"https://www.wikidata.org/wiki/Q1097688","display_name":"Nonparametric statistics","level":2,"score":0.33869999647140503},{"id":"https://openalex.org/C184898388","wikidata":"https://www.wikidata.org/wiki/Q1435712","display_name":"Pairwise comparison","level":2,"score":0.32440000772476196},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3075999915599823},{"id":"https://openalex.org/C117251300","wikidata":"https://www.wikidata.org/wiki/Q1849855","display_name":"Parametric statistics","level":2,"score":0.29170000553131104},{"id":"https://openalex.org/C46686674","wikidata":"https://www.wikidata.org/wiki/Q466303","display_name":"Boosting (machine learning)","level":2,"score":0.2759999930858612},{"id":"https://openalex.org/C111030470","wikidata":"https://www.wikidata.org/wiki/Q1430460","display_name":"Curse of dimensionality","level":2,"score":0.27219998836517334},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.2628999948501587},{"id":"https://openalex.org/C136643341","wikidata":"https://www.wikidata.org/wiki/Q1361526","display_name":"Reachability","level":2,"score":0.2565000057220459}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3719027.3765140","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765140","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:www.research.unipd.it:11577/3568619","is_oa":true,"landing_page_url":"https://dl.acm.org/doi/10.1145/3719027.3765140","pdf_url":null,"source":{"id":"https://openalex.org/S4377196283","display_name":"Research Padua  Archive (University of Padua)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I138689650","host_organization_name":"University of Padua","host_organization_lineage":["https://openalex.org/I138689650"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":{"id":"doi:10.1145/3719027.3765140","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765140","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320310598","display_name":"Amazon Web Services","ror":"https://ror.org/04mv4n011"},{"id":"https://openalex.org/F4320319290","display_name":"Meta","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W178079818","https://openalex.org/W964460774","https://openalex.org/W1985258161","https://openalex.org/W2043100293","https://openalex.org/W2100960835","https://openalex.org/W2142827986","https://openalex.org/W2147717514","https://openalex.org/W2293768274","https://openalex.org/W2737730861","https://openalex.org/W2794609696","https://openalex.org/W2900153411","https://openalex.org/W2907803369","https://openalex.org/W2949003498","https://openalex.org/W2963469388","https://openalex.org/W2963857521","https://openalex.org/W2970641574","https://openalex.org/W2976680996","https://openalex.org/W2981347768","https://openalex.org/W3091382611","https://openalex.org/W3103836116","https://openalex.org/W3118054728","https://openalex.org/W3181414820","https://openalex.org/W3205478695","https://openalex.org/W4246311742","https://openalex.org/W4384154593","https://openalex.org/W4384573258","https://openalex.org/W4391549739","https://openalex.org/W4395683713","https://openalex.org/W6927917399","https://openalex.org/W7078699134"],"related_works":[],"abstract_inverted_index":{"Robustness":[0],"guarantees":[1,80,142],"are":[2],"essential":[3],"for":[4,52,74],"deploying":[5],"machine":[6,155],"learning":[7,156],"models":[8,31,145],"in":[9,25,46,157],"security-critical":[10],"environments":[11],"where":[12],"adversarial":[13,82,98,106,158],"attacks":[14],"pose":[15],"a":[16,68,91],"serious":[17],"threat.":[18],"While":[19],"extensive":[20],"progress":[21],"has":[22],"been":[23,38],"made":[24],"certifying":[26],"(deep)":[27],"neural":[28],"networks,":[29],"nonparametric":[30],"such":[32],"as":[33],"k-Nearest":[34],"Neighbors":[35],"(k-NN)":[36],"have":[37],"less":[39],"investigated,":[40],"despite":[41],"their":[42],"interpretability":[43],"and":[44,70,135,146],"usage":[45],"high-assurance":[47],"settings.":[48,159],"Prior":[49],"certification":[50,72,121],"methods":[51],"k-NN":[53,75,144],"provide":[54],"sound":[55,69],"but":[56],"incomplete":[57],"guarantees,":[58],"leaving":[59],"many":[60],"genuinely":[61],"robust":[62,154],"inputs":[63],"uncertified.":[64],"This":[65],"work":[66],"introduces":[67],"complete":[71],"framework":[73,138],"classifiers,":[76],"offering":[77],"exact":[78,117],"robustness":[79],"against":[81],"perturbations.":[83],"Our":[84],"approach":[85],"combines":[86],"hypercube":[87],"space":[88],"decomposition":[89],"with":[90],"novel":[92],"graph-theoretic":[93],"analysis":[94],"based":[95],"on":[96,110],"an":[97],"proximity":[99],"precedence":[100],"graph,":[101],"enabling":[102],"full":[103],"coverage":[104],"of":[105,143,152],"regions.":[107],"Extensive":[108],"evaluation":[109],"widely":[111],"used":[112],"datasets":[113],"demonstrates":[114],"that":[115],"our":[116,137],"methodology":[118],"significantly":[119],"improves":[120],"rates":[122],"over":[123],"existing":[124],"techniques":[125],"while":[126],"maintaining":[127],"scalability.":[128],"By":[129],"closing":[130],"the":[131,140,149],"gap":[132],"between":[133],"soundness":[134],"completeness,":[136],"advances":[139],"security":[141],"contributes":[147],"to":[148],"broader":[150],"goal":[151],"provably":[153]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-11-23T00:00:00"}