Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks

Explore a 22-minute IEEE conference talk on defensive distillation as a countermeasure against adversarial attacks on deep neural networks. Delve into the vulnerability of deep learning algorithms to adversarial samples and their potential security implications. Learn about the proposed defensive distillation mechanism and its effectiveness in reducing the impact of adversarial inputs. Examine analytical and empirical studies demonstrating how this technique can dramatically decrease the success rate of sample creation from 95% to less than 0.5% and increase the complexity of creating adversarial samples. Gain insights into the generalizability and robustness properties granted by defensive distillation in training deep neural networks, and understand its potential applications in enhancing the security of AI-powered systems.

Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks