On Certifying Robustness against Backdoor Attacks via Randomized Smoothing
2020·Arxiv