Advanced defensive distillation with ensemble voting and noisy logits

In this paper we provide an approach for deep neural networks that protects against adversarial examples in image classification-type problems. blackUnlike adversarial training, our approach is independent to the obtained adversarial examples through min-max optimization. The approach relies on the defensive distillation mechanism. This defence mechanism, while very successful at the time, was defeated in less than a year due to a major …