Deep neural networks (DNNs) suffer from insufficient adversarial robustness due to excessively large Lipschitz constants. Method: We propose a data-driven, Lipschitz-regularization approach via zero-cost, lightweight input-domain remapping—requiring no architectural modification, additional training, or external samples—thereby explicitly reducing the model’s Lipschitz constant to enhance robustness and enable theoretically sound, certifiable robustness. Contribution/Results: This is the first plug-and-play, post-hoc method compatible with mainstream DNN architectures. On CIFAR-10, CIFAR-100, and ImageNet, it achieves the state-of-the-art certified robust accuracy on RobustBench, significantly outperforming existing adversarial training and certification methods. The approach combines computational efficiency, architectural generality, and rigorous theoretical guarantees—offering a practical yet principled solution to certified robustness.

The security and robustness of deep neural networks (DNNs) have become increasingly concerning. This paper aims to provide both a theoretical foundation and a practical solution to ensure the reliability of DNNs. We explore the concept of Lipschitz continuity to certify the robustness of DNNs against adversarial attacks, which aim to mislead the network with adding imperceptible perturbations into inputs. We propose a novel algorithm that remaps the input domain into a constrained range, reducing the Lipschitz constant and potentially enhancing robustness. Unlike existing adversarially trained models, where robustness is enhanced by introducing additional examples from other datasets or generative models, our method is almost cost-free as it can be integrated with existing models without requiring re-training. Experimental results demonstrate the generalizability of our method, as it can be combined with various models and achieve enhancements in robustness. Furthermore, our method achieves the best robust accuracy for CIFAR10, CIFAR100, and ImageNet datasets on the RobustBench leaderboard.