Adversarial Sparse Teacher: Defense Against Distillation-Based Model Stealing Attacks Using Adversarial Examples

Adversarial Sparse Teacher: Defense Against Distillation-Based Model Stealing Attacks Using Adversarial Examples

We introduce Adversarial Sparse Teacher (AST), a robust defense method against distillation-based model stealing attacks. Our approach trains a teacher model using adversarial examples to produce sparse logit responses and increase the entropy of the output distribution. Typically, a model generates...

Full description

Saved in:
Bibliographic Details
Main Authors: Eda Yilmaz, Hacer Yalim Keles
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Adversarial examples
exponential predictive divergence (EPD)
knowledge distillation
model stealing defense
Online Access:https://ieeexplore.ieee.org/document/11014106/
Tags: Add Tag
No Tags, Be the first to tag this record!

Internet

https://ieeexplore.ieee.org/document/11014106/

Similar Items