survey 2026

Verification of Neural Networks (Lecture Notes)

Benedikt Bollig 1,2,3

1 Université Paris-Saclay

2 CNRS

3 ENS Paris-Saclay

0 citations
α

Published on arXiv

2604.25733

Input Manipulation Attack

OWASP ML Top 10 — ML01

Key Finding

Provides mathematical foundations and algorithmic approaches for formally verifying safety properties of neural networks in safety-critical applications

These lecture notes provide an introduction to the verification of neural networks from a theoretical perspective. We discuss feed-forward neural networks, recurrent neural networks, attention mechanisms, and transformers, together with specification languages and algorithmic verification techniques.

Key Contributions

  • Comprehensive theoretical framework for neural network verification
  • Coverage of feed-forward networks, RNNs, attention mechanisms, and transformers
  • Specification languages and algorithmic verification techniques for safety-critical AI

🛡️ Threat Analysis

Input Manipulation Attack

Verification of neural networks primarily concerns proving robustness properties and safety guarantees against adversarial inputs and edge cases - this is fundamentally about ensuring models behave correctly under input perturbations, which is the core concern of ML01 defenses.

Details

Domains
visionnlp
Model Types
cnntransformerrnn
Threat Tags
inference_time
Applications
autonomous drivingmedical diagnosticsimage classificationspeech recognition
Read PDF arXiv

Similar Papers

defense

Bridging Efficiency and Safety: Formal Verification of Neural Networks with Early Exits

2025 1 cit.
Input Manipulation Attack
67%
benchmark

Semantically Guided Adversarial Testing of Vision Models Using Language Models

2025 0 cit.
Input Manipulation Attack
62%
defense

Tight Robustness Certificates and Wasserstein Distributional Attacks for Deep Neural Networks

2025 0 cit.
Input Manipulation Attack
62%
attack

Automatic Attack Discovery for Few-Shot Class-Incremental Learning via Large Language Models

2025 0 cit.
Input Manipulation Attack
59%
benchmark

Solving adversarial examples requires solving exponential misalignment

2026 0 cit.
Input Manipulation Attack
57%
benchmark

Formal Reasoning About Confidence and Automated Verification of Neural Networks

2025 0 cit.
Input Manipulation Attack
57%
defense

Multi-Layer Confidence Scoring for Detection of Out-of-Distribution Samples, Adversarial Attacks, and In-Distribution Misclassifications

2025 0 cit.
Input Manipulation Attack
57%
benchmark

Get Global Guarantees: On the Probabilistic Nature of Perturbation Robustness

2025 0 cit.
Input Manipulation Attack
57%