15 Jun 2019 | Jeremy Cohen, Elan Rosenfeld, J. Zico Kolter
This paper introduces randomized smoothing, a method for building a classifier that is certifiably robust to adversarial perturbations under the ℓ₂ norm. It takes a base classifier that performs well under Gaussian noise and derives from it a new, smoothed classifier whose robustness to small perturbations can be guaranteed. The key idea is that if a base classifier is robust to Gaussian noise, then a smoothed version of it is also robust to adversarial perturbations. The paper proves a tight robustness guarantee for this method, showing that the smoothed classifier is robust within a certain ℓ₂ radius around any input. The method is demonstrated on ImageNet, where it achieves a certified top-1 accuracy of 49% under adversarial perturbations with ℓ₂ norm less than 0.5. It is also shown to be effective on smaller datasets like CIFAR-10 and SVHN, where it provides higher certified accuracies. The paper also discusses the practical implementation of the method, including Monte Carlo algorithms for evaluating the smoothed classifier and certifying its robustness. The results show that randomized smoothing is a promising direction for future research in adversarially robust classification.