{"id":"https://openalex.org/W4385227464","doi":"https://doi.org/10.48550/arxiv.2307.11672","title":"Robust Feature Inference: A Test-time Defense Strategy using Spectral Projections","display_name":"Robust Feature Inference: A Test-time Defense Strategy using Spectral Projections","publication_year":2023,"publication_date":"2023-07-21","ids":{"openalex":"https://openalex.org/W4385227464","doi":"https://doi.org/10.48550/arxiv.2307.11672"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2307.11672","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2307.11672","pdf_url":"https://arxiv.org/pdf/2307.11672","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2307.11672","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5004894915","display_name":"Anurag Singh","orcid":"https://orcid.org/0000-0002-3639-2777"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Singh, Anurag","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076078733","display_name":"Mahalakshmi Sabanayagam","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sabanayagam, Mahalakshmi","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035023688","display_name":"Krikamol Muandet","orcid":"https://orcid.org/0000-0002-4182-5282"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Muandet, Krikamol","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5052425916","display_name":"Debarghya Ghoshdastidar","orcid":"https://orcid.org/0000-0003-0202-7007"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ghoshdastidar, Debarghya","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5004894915"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10036","display_name":"Advanced Neural Network Applications","score":0.9663000106811523,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9605000019073486,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.784076452255249},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7219553589820862},{"id":"https://openalex.org/keywords/computation","display_name":"Computation","score":0.5747957229614258},{"id":"https://openalex.org/keywords/robustness-testing","display_name":"Robustness testing","score":0.5552065372467041},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5464571118354797},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.5080723762512207},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5060908198356628},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.45502549409866333},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.32942652702331543}],"concepts":[{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.784076452255249},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7219553589820862},{"id":"https://openalex.org/C45374587","wikidata":"https://www.wikidata.org/wiki/Q12525525","display_name":"Computation","level":2,"score":0.5747957229614258},{"id":"https://openalex.org/C137726913","wikidata":"https://www.wikidata.org/wiki/Q7353550","display_name":"Robustness testing","level":3,"score":0.5552065372467041},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5464571118354797},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.5080723762512207},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5060908198356628},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.45502549409866333},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.32942652702331543},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C58166","wikidata":"https://www.wikidata.org/wiki/Q224821","display_name":"Fuzzy logic","level":2,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2307.11672","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2307.11672","pdf_url":"https://arxiv.org/pdf/2307.11672","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},{"id":"doi:10.48550/arxiv.2307.11672","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2307.11672","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2307.11672","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2307.11672","pdf_url":"https://arxiv.org/pdf/2307.11672","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4385227464.pdf","grobid_xml":"https://content.openalex.org/works/W4385227464.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W1985538490","https://openalex.org/W2385695368","https://openalex.org/W2048346223","https://openalex.org/W1566806263","https://openalex.org/W1980755708","https://openalex.org/W2560201613","https://openalex.org/W172227863","https://openalex.org/W1576602683","https://openalex.org/W2149415205","https://openalex.org/W2013496695"],"abstract_inverted_index":{"Test-time":[0],"defenses":[1,194],"are":[2],"used":[3],"to":[4,12,26,45,47,63,85,112,117,127,195],"improve":[5],"the":[6,30,39,43,48,59,64,99,108,114,118,125,136,139,142,147,171,197],"robustness":[7,102,168,180],"of":[8,101,103,138,141,199],"deep":[9],"neural":[10],"networks":[11],"adversarial":[13,31,49,128],"examples":[14],"during":[15],"inference.":[16],"However,":[17],"existing":[18,89],"methods":[19,173],"either":[20],"require":[21],"an":[22],"additional":[23,35,94],"trained":[24,115],"classifier":[25],"detect":[27],"and":[28,163,183],"correct":[29],"samples,":[32],"or":[33,42],"perform":[34],"complex":[36],"optimization":[37],"on":[38,98,158],"model":[40],"parameters":[41],"input":[44],"adapt":[46],"samples":[50],"at":[51],"test-time,":[52],"resulting":[53],"in":[54,58,130,174],"a":[55,72,151],"significant":[56],"increase":[57],"inference":[60],"time":[61],"compared":[62],"base":[65],"model.":[66,154],"In":[67],"this":[68],"work,":[69],"we":[70,106],"propose":[71],"novel":[73],"test-time":[74,95,193],"defense":[75],"strategy":[76],"called":[77],"Robust":[78],"Feature":[79],"Inference":[80],"(RFI)":[81],"that":[82,105,145,177],"is":[83,111,146],"easy":[84],"integrate":[86],"with":[87,191],"any":[88],"(robust)":[90],"training":[91],"procedure":[92],"without":[93],"computation.":[96],"Based":[97],"notion":[100],"features":[104],"present,":[107],"key":[109],"idea":[110],"project":[113],"models":[116],"most":[119,148],"robust":[120,149],"feature":[121,143],"space,":[122],"thereby":[123],"reducing":[124],"vulnerability":[126],"attacks":[129,185],"non-robust":[131],"directions.":[132],"We":[133,187],"theoretically":[134],"characterize":[135],"subspace":[137],"eigenspectrum":[140],"covariance":[144],"for":[150,166],"generalized":[152],"additive":[153],"Our":[155],"extensive":[156],"experiments":[157],"CIFAR-10,":[159],"CIFAR-100,":[160],"tiny":[161],"ImageNet":[162,164],"datasets":[165],"several":[167],"benchmarks,":[169],"including":[170],"state-of-the-art":[172],"RobustBench":[175],"show":[176],"RFI":[178,190],"improves":[179],"across":[181],"adaptive":[182,192],"transfer":[184],"consistently.":[186],"also":[188],"compare":[189],"demonstrate":[196],"effectiveness":[198],"our":[200],"proposed":[201],"approach.":[202]},"counts_by_year":[],"updated_date":"2026-03-14T08:43:22.919905","created_date":"2023-07-25T00:00:00"}