Existing randomized smoothing methods predominantly employ isotropic noise, overlooking the heterogeneity across data dimensions and thereby limiting certified robustness. This paper proposes UCAN—the first universal anisotropic noise augmentation framework—which dynamically assigns asymmetric noise to different input dimensions via a customizable Noise Parameter Generator (NPG). UCAN is classifier-agnostic and supports arbitrary ℓₚ norms (p ∈ {1, 2, ∞}). Its theoretical foundation accommodates any differentiable noise distribution, enabling principled certification with enhanced robustness guarantees. Extensive experiments on MNIST, CIFAR-10, and ImageNet demonstrate that UCAN achieves up to a 182.6% improvement in certified accuracy over prior state-of-the-art methods across diverse threat models, consistently outperforming existing approaches.

Randomized smoothing has become essential for achieving certified adversarial robustness in machine learning models. However, current methods primarily use isotropic noise distributions that are uniform across all data dimensions, such as image pixels, limiting the effectiveness of robustness certification by ignoring the heterogeneity of inputs and data dimensions. To address this limitation, we propose UCAN: a novel technique that underline{U}niversally underline{C}ertifies adversarial robustness with underline{A}nisotropic underline{N}oise. UCAN is designed to enhance any existing randomized smoothing method, transforming it from symmetric (isotropic) to asymmetric (anisotropic) noise distributions, thereby offering a more tailored defense against adversarial attacks. Our theoretical framework is versatile, supporting a wide array of noise distributions for certified robustness in different $ell_p$-norms and applicable to any arbitrary classifier by guaranteeing the classifier's prediction over perturbed inputs with provable robustness bounds through tailored noise injection. Additionally, we develop a novel framework equipped with three exemplary noise parameter generators (NPGs) to optimally fine-tune the anisotropic noise parameters for different data dimensions, allowing for pursuing different levels of robustness enhancements in practice.Empirical evaluations underscore the significant leap in UCAN's performance over existing state-of-the-art methods, demonstrating up to $182.6%$ improvement in certified accuracy at large certified radii on MNIST, CIFAR10, and ImageNet datasets.footnote{Code is anonymously available at href{https://github.com/youbin2014/UCAN/}{https://github.com/youbin2014/UCAN/}}