Computer Science
5 years ago

New defense stops hackers from crashing autonomous vehicles and bypassing content filters

Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks
Nicolas Papernot, Patrick McDaniel, Xi Wu, Somesh Jha, Ananthram Swami

Paper Summary

Related papers

Theme background image
Computer Science
a year ago

Fraud detection systems vulnerable to sophisticated adversarial attacks, threatening data security.

Adversarial Robustness
Anomaly Detection
Malware Detection
Theme background image
Computer Science
2 years ago

New AI attack method can manipulate training to control outcomes at test-time.

Adversarial Robustness
Anomaly Detection
Bioterrorism Agents
1 view
Theme background image
Computer Science
2 years ago

New method slashes queries needed to trick text classification models by 3-30 times!

Adversarial Robustness
Malware Detection
Natural Language Processing
1 view

Deep learning systems can be tricked by malicious inputs, leading to serious security risks. A method called defensive distillation can help protect these systems by making it much harder to create harmful inputs. The use of defensive distillation can reduce the effectiveness of these harmful inputs by a huge amount, making them almost ineffective. This defense mechanism works by weakening the signals that guide the creation of harmful inputs, making it much harder to manipulate the system.