| | |
| | |
Stat |
Members: 3643 Articles: 2'487'895 Articles rated: 2609
28 March 2024 |
|
| | | |
|
Article overview
| |
|
Guessing Smart: Biased Sampling for Efficient Black-Box Adversarial Attacks | Thomas Brunner
; Frederik Diehl
; Michael Truong Le
; Alois Knoll
; | Date: |
24 Dec 2018 | Abstract: | We consider adversarial examples in the black-box decision-based scenario.
Here, an attacker has access to the final classification of a model, but not
its parameters or softmax outputs. Most attacks for this scenario are based
either on transferability, which is unreliable, or random sampling, which is
extremely slow. Focusing on the latter, we propose to improve sampling-based
attacks with prior beliefs about the target domain. We identify two such
priors, image frequency and surrogate gradients, and discuss how to integrate
them into a unified sampling procedure. We then formulate the Biased Boundary
Attack, which achieves a drastic speedup over the original Boundary Attack.
Finally, we demonstrate that our approach outperforms most state-of-the-art
attacks in a query-limited scenario and is especially effective at breaking
strong defenses: Our submission scored second place in the targeted attack
track of the NeurIPS 2018 Adversarial Vision Challenge. | Source: | arXiv, 1812.9803 | Services: | Forum | Review | PDF | Favorites |
|
|
No review found.
Did you like this article?
Note: answers to reviews or questions about the article must be posted in the forum section.
Authors are not allowed to review their own article. They can use the forum section.
browser claudebot
|
| |
|
|
|
| News, job offers and information for researchers and scientists:
| |