Saved in:
Bibliographic Details
Main Authors: Xu, Changming, Banerjee, Debangshu, Vasisht, Deepak, Singh, Gagandeep
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2504.11831
Tags: Add Tag
No Tags, Be the first to tag this record!
Table of Contents:
  • Variational Autoencoders (VAEs) have become increasingly popular and deployed in safety-critical applications. In such applications, we want to give certified probabilistic guarantees on performance under adversarial attacks. We propose a novel method, CIVET, for certified training of VAEs. CIVET depends on the key insight that we can bound worst-case VAE error by bounding the error on carefully chosen support sets at the latent layer. We show this point mathematically and present a novel training algorithm utilizing this insight. We show in an extensive evaluation across different datasets (in both the wireless and vision application areas), architectures, and perturbation magnitudes that our method outperforms SOTA methods achieving good standard performance with strong robustness guarantees.