Adversarial Machine Learning

Defensive Distillation you own this product

This project is part of the liveProject series Adversarial Machine Learning
intermediate/advanced Keras • intermediate Matplotlib
skills learned
basics of defensive distillation • basics of logit models • CleverHans attack generator
Ferhat Özgur Catak
1 week · 4-6 hours per week · INTERMEDIATE
filed under

placing your order...

Don't refresh or navigate away from the page.
liveProject This project is part of the liveProject series Adversarial Machine Learning liveProjects give you the opportunity to learn new skills by completing real-world challenges in your local development environment. Solve practical problems, write working code, and analyze real data—with liveProject, you learn by doing. These self-paced projects also come with full liveBook access to select books for 90 days plus permanent access to other select Manning products. $19.99 $29.99 you save $10 (33%)
Defensive Distillation (liveProject) added to cart
continue shopping
adding to cart

Look inside

Make your model less vulnerable to exploitation with defensive distillation, an adversarial training strategy that uses a teacher (larger, more efficient) model to learn the critical features of a student (smaller, less efficient) model, then use the teacher model to improve the accuracy of the student model. In this liveProject, you’ll use a pre-trained model to train your student model without distillation, generate malicious input using FGSM, and evaluate the undefended model. Then, you’ll train a teacher model with a pre-trained dataset, train your student model with the same training set and teacher model using distillation, generate malicious input, and evaluate the defended student model, comparing the results with and without distillation.

This project is designed for learning purposes and is not a complete, production-ready application or solution.

book resources

When you start your liveProject, you get full access to the following books for 90 days.

project author

Ferhat Özgur Catak

Ferhat Ozgur Catak is an associate professor of computer science at the University of Stavanger, Norway. He has experience developing machine/deep learning models for cybersecurity, security for deep learning models, and data privacy using statistical and cryptographic methods. He has also been involved in several national, international, and NATO-wide security and research activities.


This liveProject is for intermediate Python programmers who know the basics of data science. To begin this liveProject, you’ll need to be familiar with the following:

  • Intermediate Python
  • Jupyter Notebook
  • Model classification
  • Evaluate model performance
  • Basic plotting using Matplotlib
  • Computer vision basics (reading and displaying images, and converting and resizing them into feature vectors)

you will learn

In this liveProject, you’ll learn to build student and teacher models, implement a defensive distillation strategy to defend against malicious attacks, and evaluate the performance of your models.

  • Load CNN-based image classifier model using Keras
  • Visualize images and parts of your model using cv2
  • Visualize images and parts of your neural network using Matplotlib
  • Perform mathematical operations on images using NumPy


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.