Diverse Knowledge Distillation (DKD): A Solution for Improving The Robustness of Ensemble Models Against Adversarial Attacks
| dc.contributor.author | Mirzaeian, Ali | |
| dc.contributor.author | Kosecka, Jana | |
| dc.contributor.author | Homayoun, Houman | |
| dc.contributor.author | Mohsenin, Tinoosh | |
| dc.contributor.author | Sasan, Avesta | |
| dc.date.accessioned | 2021-02-16T17:45:06Z | |
| dc.date.available | 2021-02-16T17:45:06Z | |
| dc.description.abstract | This paper proposes an ensemble learning model that is resistant to adversarial attacks. To build resilience, we introduced a training process where each member learns a radically distinct latent space. Member models are added one at a time to the ensemble. Simultaneously, the loss function is regulated by a reverse knowledge distillation, forcing the new member to learn different features and map to a latent space safely distanced from those of existing members. We assessed the security and performance of the proposed solution on image classification tasks using CIFAR10 and MNIST datasets and showed security and performance improvement compared to the state of the art defense methods. | en_US |
| dc.description.sponsorship | This work was supported by Centauri Corp. and the National Science Foundation (NSF) through Computer Systems Research (CSR) program under NSF award number 1718538. | en_US |
| dc.description.uri | https://arxiv.org/abs/2006.15127 | en_US |
| dc.format.extent | 6 pages | en_US |
| dc.genre | journal article preprints | en_US |
| dc.identifier | doi:10.13016/m2hksl-vixr | |
| dc.identifier.citation | Ali Mirzaeian, Jana Kosecka, Houman Homayoun, Tinoosh Mohsenin and Avesta Sasan, Diverse Knowledge Distillation (DKD): A Solution for Improving The Robustness of Ensemble Models Against Adversarial Attacks, https://arxiv.org/abs/2006.15127 | en_US |
| dc.identifier.uri | http://hdl.handle.net/11603/21039 | |
| dc.language.iso | en_US | en_US |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
| dc.title | Diverse Knowledge Distillation (DKD): A Solution for Improving The Robustness of Ensemble Models Against Adversarial Attacks | en_US |
| dc.type | Text | en_US |