
Related papers: Query-Efficient Black-Box Attack Against Sequence-…

200 papers

In this paper, we present a black-box attack against API call based machine learning malware classifiers, focusing on generating adversarial sequences combining API calls and static features (e.g., printable strings) that will be…

Cryptography and Security · Computer Science 2018-06-26 Ishai Rosenberg, Asaf Shabtai, Lior Rokach, Yuval Elovici

Based on API call sequences, semantic-aware and machine learning (ML) based malware classifiers can be built for malware detection or classification. Previous works concentrate on crafting and extracting various features from malware…

Sound · Computer Science 2016-10-20 Xin Wang, Siu Ming Yiu

Black-box attack methods aim to infer suitable attack patterns to targeted DNN models by only using output feedback of the models and the corresponding input queries. However, due to lack of prior and inefficiency in leveraging the query…

Computer Vision and Pattern Recognition · Computer Science 2020-02-18 Jiawei Du, Hu Zhang, Joey Tianyi Zhou, Yi Yang, Jiashi Feng

Recent researches have shown that machine learning based malware detection algorithms are very vulnerable under the attacks of adversarial examples. These works mainly focused on the detection algorithms which use features with fixed…

Machine Learning · Computer Science 2017-05-24 Weiwei Hu, Ying Tan

Note that this paper is superseded by "Black-Box Adversarial Attacks with Limited Queries and Information." Current neural network-based image classifiers are susceptible to adversarial examples, even in the black-box setting, where the…

Computer Vision and Pattern Recognition · Computer Science 2018-04-09 Andrew Ilyas, Logan Engstrom, Anish Athalye, Jessy Lin

Machine learning has been applied to a broad range of applications and some of them are available online as application programming interfaces (APIs) with either free (trial) or paid subscriptions. In this paper, we study adversarial…

Machine Learning · Computer Science 2018-11-06 Yi Shi, Yalin E. Sagduyu, Kemal Davaslioglu, Jason H. Li

Windows malware detectors based on machine learning are vulnerable to adversarial examples, even if the attacker is only given black-box query access to the model. The main drawback of these attacks is that: (i) they are query-inefficient,…

Cryptography and Security · Computer Science 2021-05-20 Luca Demetrio, Battista Biggio, Giovanni Lagorio, Fabio Roli, Alessandro Armando

Unlike the white-box counterparts that are widely studied and readily accessible, adversarial examples in black-box settings are generally more Herculean on account of the difficulty of estimating gradients. Many methods achieve the task by…

Computer Vision and Pattern Recognition · Computer Science 2019-06-12 Ziang Yan, Yiwen Guo, Changshui Zhang

An adversary who aims to steal a black-box model repeatedly queries the model via a prediction API to learn a function that approximates its decision boundary. Adversarial approximation is non-trivial because of the enormous combinations of…

Cryptography and Security · Computer Science 2020-06-30 Abdullah Ali, Birhanu Eshete

Decision-based evasion attacks repeatedly query a black-box classifier to generate adversarial examples. Prior work measures the cost of such attacks by the total number of queries made to the classifier. We argue this metric is flawed.…

Cryptography and Security · Computer Science 2024-02-15 Edoardo Debenedetti, Nicholas Carlini, Florian Tramèr

Deep learning systems are known to be vulnerable to adversarial examples. In particular, query-based black-box attacks do not require knowledge of the deep learning model, but can compute adversarial examples over the network by submitting…

Cryptography and Security · Computer Science 2022-06-10 Huiying Li, Shawn Shan, Emily Wenger, Jiayun Zhang, Haitao Zheng, Ben Y. Zhao

Current neural network-based classifiers are susceptible to adversarial examples even in the black-box setting, where the attacker only has query access to the model. In practice, the threat model for real-world systems is often more…

Computer Vision and Pattern Recognition · Computer Science 2018-07-12 Andrew Ilyas, Logan Engstrom, Anish Athalye, Jessy Lin

We study black-box attacks on machine learning classifiers where each query to the model incurs some cost or risk of detection to the adversary. We focus explicitly on minimizing the number of queries as a major objective. Specifically, we…

Cryptography and Security · Computer Science 2017-12-27 Fnu Suya, Yuan Tian, David Evans, Paolo Papotti

Deep neural networks (DNNs) have demonstrated excellent performance on various tasks, however they are under the risk of adversarial examples that can be easily generated when the target model is accessible to an attacker (white-box…

Machine Learning · Computer Science 2020-09-28 Yang Bai, Yuyuan Zeng, Yong Jiang, Yisen Wang, Shu-Tao Xia, Weiwei Guo

Black-box adversarial attacks present a realistic threat to action recognition systems. Existing black-box attacks follow either a query-based approach where an attack is optimized by querying the target model, or a transfer-based approach…

Computer Vision and Pattern Recognition · Computer Science 2022-11-24 Rohit Gupta, Naveed Akhtar, Gaurav Kumar Nayak, Ajmal Mian, Mubarak Shah

Sentence-level attacks craft adversarial sentences that are synonymous with correctly-classified sentences but are misclassified by the text classifiers. Under the black-box setting, classifiers are only accessible through their feedback to…

Computation and Language · Computer Science 2024-02-22 Raha Moraffah, Huan Liu

We focus on the problem of adversarial attacks against models on discrete sequential data in the black-box setting where the attacker aims to craft adversarial examples with limited query access to the victim model. Existing black-box…

Machine Learning · Computer Science 2022-06-20 Deokjae Lee, Seungyong Moon, Junhyeok Lee, Hyun Oh Song

Researchers have repeatedly shown that it is possible to craft adversarial attacks on deep classifiers (small perturbations that significantly change the class label), even in the "black-box" setting where one only has query access to the…

Machine Learning · Computer Science 2021-02-02 Devin Willmott, Anit Kumar Sahu, Fatemeh Sheikholeslami, Filipe Condessa, Zico Kolter

Recent studies have highlighted that deep neural networks (DNNs) are vulnerable to adversarial attacks, even in a black-box scenario. However, most of the existing black-box attack algorithms need to make a huge amount of queries to perform…

Machine Learning · Statistics 2018-09-11 Yali Du, Meng Fang, Jinfeng Yi, Jun Cheng, Dacheng Tao

Decision-based attacks construct adversarial examples against a machine learning (ML) model by making only hard-label queries. These attacks have mainly been applied directly to standalone neural networks. However, in practice, ML models…

Cryptography and Security · Computer Science 2023-07-24 Chawin Sitawarin, Florian Tramèr, Nicholas Carlini