Leveraging Model Distillation as a Defense Against Adversarial Attacks Based on Deep Learning
- Title
- Leveraging Model Distillation as a Defense Against Adversarial Attacks Based on Deep Learning
- Creator
- Suresh K.; Radha J.; Thilagaraj T.; Subramani R.; Lakineni P.K.; Taqui S.N.
- Description
- Adversarial attacks on deep learning models threaten the security and reliability of machine learning systems. These attacks use small data perturbations to produce erroneous model outputs while remaining imperceptible to humans. This work proposes model distillation as a defense against adversarial perturbations. In model distillation, a student model is trained to emulate a teacher model using the teacher's soft outputs. Our idea is that this strategy naturally strengthens the student model against adversarial attacks: it retains the teacher model's essential knowledge and generalization capability while reducing its weaknesses. Experiments show that distilled models are more resilient to adversarial attacks than non-distilled models, while performing comparably on clean, uncorrupted data. The results indicate that model distillation can be a powerful defense against machine learning adversaries, preserving both model robustness and performance. © 2023 IEEE.
- Source
- 2023 International Conference on Communication, Security and Artificial Intelligence, ICCSAI 2023, pp. 921-925.
- Date
- 2023-01-01
- Publisher
- Institute of Electrical and Electronics Engineers Inc.
- Subject
- Adversarial Attacks; Deep Learning; Defensive Approach; Machine Learning; Model Distillation
- Coverage
- Suresh K., Christ (Deemed University), Department of Computer Science, Bangalore, India; Radha J., Nandha Engineering College, Department of Computer Science and Engineering, Perundurai, Tamil Nadu, India; Thilagaraj T., Moodlakatte Institute of Technology, Department of Computer Science and Engineering, Moodalakatte, Kundapura, Karnataka, India; Subramani R., Christ (Deemed to Be University), Department of Mathematics, Bangalore, India; Lakineni P.K., Gitam School of Technology, Gitam University, Department of Computer Science and Engineering, Visakhapatnam, India; Taqui S.N., Saveetha School of Engineering, Saveetha Institute of Medical and Technical Sciences, Department of VLSI Microelectronics, Chennai, Tamil Nadu, India
- Rights
- Restricted Access
- Relation
- ISBN: 979-835036996-0
- Format
- Online
- Language
- English
- Type
- Conference paper
- Citation
- Suresh K.; Radha J.; Thilagaraj T.; Subramani R.; Lakineni P.K.; Taqui S.N., “Leveraging Model Distillation as a Defense Against Adversarial Attacks Based on Deep Learning,” CHRIST (Deemed To Be University) Institutional Repository, accessed February 25, 2025, https://archives.christuniversity.in/items/show/19658.