Median Smoothing Enhances OOD Detection Robustness
A new framework called ROSS (Robust Out-of-distribution Detection via Synergistic Smoothing) improves adversarial robustness in OOD detection. The method applies median smoothing to baseline OOD scores, balancing clean and adversarial accuracies. It repurposes noisy samples from median smoothing to quantify local instability, finding that OOD samples exhibit higher instability under perturbation. ROSS achieves symmetric robustness against both score-minimising and score-maximising attacks. The work is published on arXiv (2605.08191) and addresses a critical vulnerability in machine learning safety.
Key facts
- arXiv paper 2605.08191 introduces ROSS framework
- ROSS applies median smoothing to OOD detection scores
- Method repurposes noisy samples to quantify local instability
- OOD samples show higher instability under perturbation
- ROSS achieves symmetric robustness against score-minimising and score-maximising attacks
- Addresses adversarial vulnerability in state-of-the-art OOD detectors
Entities
Institutions
- arXiv