TRM MNIST PGD (ε=0.15)

TRM trained with PGD adversarial training at ε=0.15/255.

Training Configuration

Method: PGD-7 adversarial training (Madry et al. 2018)
Attack: 7 steps, step size=0.01
ε: 0.15 (L∞ on [0,1] pixels)
Epochs: 50
Architecture: TRM-MLP (105.8M params)

Verification Results (β-CROWN, 512 samples)

ε (L∞)	Verified	vs IBP
0.06	48%	-13%
0.08	63%	-15%
0.10	63%	-12%

Finding: PGD underperforms IBP on simple MNIST by ~15%.

Usage

import torch
from veriphi.models import TinyRecursiveMLP

model = TinyRecursiveMLP(x_dim=784, y_dim=512, z_dim=512, hidden=1024,
                         num_classes=10, H_cycles=2, L_cycles=2)
model.load_state_dict(torch.load("trm-mnist-adv-eps015.pt"))
model.eval()

Citation

@article{deshmukh2026veriphi,
  title={Veriphi: Attack-Guided Neural Network Verification with Dataset-Dependent Training Methods},
  author={Deshmukh, Pratik and Savin, Vasili and Arya, Kartik},
  journal={arXiv preprint arXiv:2606.18454},
  year={2026}
}

Paper: arXiv:2606.18454 | Code: GitHub

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support

Dataset used to train ludwigw/trm-mnist-adv-eps015

Paper for ludwigw/trm-mnist-adv-eps015

Veriphi: Attack-Guided Neural Network Verification with Dataset-Dependent Training Methods

Paper • 2606.18454 • Published 3 days ago • 1