Related papers: HopSkipJumpAttack: A Query-Efficient Decision-Base…

200 papers

Most current classifiers are vulnerable to adversarial examples, small input perturbations that change the classification output. Many existing attack algorithms cover various settings, from white-box to black-box classifiers, but typically…

Machine Learning · Computer Science 2021-06-15 Carl-Johann Simon-Gabriel , Noman Ahmed Sheikh , Andreas Krause

Many machine learning algorithms are vulnerable to almost imperceptible perturbations of their inputs. So far it was unclear how much risk adversarial perturbations carry for the safety of real-world machine learning applications because…

Machine Learning · Statistics 2018-02-19 Wieland Brendel , Jonas Rauber , Matthias Bethge

Machine learning models are critically susceptible to evasion attacks from adversarial examples. Generally, adversarial examples, modified inputs deceptively similar to the original input, are constructed under whitebox settings by…

Machine Learning · Computer Science 2023-03-27 Viet Quoc Vo , Ehsan Abbasnejad , Damith C. Ranasinghe

Membership inference attack is one of the most popular privacy attacks in machine learning, which aims to predict whether a given sample was contained in the target model's training set. Label-only membership inference attack is a variant…

Machine Learning · Computer Science 2023-06-08 JiaCheng Xu , ChengXiang Tan

Trajectory prediction systems are critical for autonomous vehicle safety, yet remain vulnerable to adversarial attacks that can cause catastrophic traffic behavior misinterpretations. Existing attack methods require white-box access with…

Robotics · Computer Science 2026-03-30 Jiaxiang Li , Jun Yan , Daniel Watzenig , Huilin Yin

Adversarial robustness in structured data remains an underexplored frontier compared to vision and language domains. In this work, we introduce a novel black-box, decision-based adversarial attack tailored for tabular data. Our approach…

Machine Learning · Computer Science 2025-11-25 Roie Kazoom , Yuval Ratzabi , Etamar Rothstein , Ofer Hadar

Due to the gap between a substitute model and a victim model, the gradient-based noise generated from a substitute model may have low transferability for a victim model since their gradients are different. Inspired by the fact that the…

Computer Vision and Pattern Recognition · Computer Science 2023-03-13 Boheng Zeng , LianLi Gao , QiLong Zhang , ChaoQun Li , JingKuan Song , ShuaiQi Jing

The susceptibility of deep neural networks (DNNs) to adversarial examples has prompted an increase in the deployment of adversarial attacks. Image-agnostic universal adversarial perturbations (UAPs) are much more threatening, but many…

Computer Vision and Pattern Recognition · Computer Science 2023-08-15 Geunhyeok Yu , Minwoo Jeon , Hyoseok Hwang

There is an increasing interest in analyzing the behavior of machine learning systems against adversarial attacks. However, most of the research in adversarial machine learning has focused on studying weaknesses against evasion or poisoning…

Machine Learning · Statistics 2025-06-12 Pablo G. Arce , Roi Naveiro , David Ríos Insua

Recently, backpropagation-through-time-inspired learning algorithms have been widely introduced into SNNs to improve performance, which brings the possibility of attacking the models accurately given spatio-temporal gradient maps. We propose two…

Neural and Evolutionary Computing · Computer Science 2020-10-02 Ling Liang , Xing Hu , Lei Deng , Yujie Wu , Guoqi Li , Yufei Ding , Peng Li , Yuan Xie

Adversarial examples are typically optimized with gradient-based attacks. While novel attacks are continuously proposed, each is shown to outperform its predecessors using different experimental setups, hyperparameter settings, and number…

Despite the wide use of machine learning in adversarial settings including computer security, recent studies have demonstrated vulnerabilities to evasion attacks---carefully crafted adversarial samples that closely resemble legitimate…

Cryptography and Security · Computer Science 2017-05-26 Yi Han , Benjamin I. P. Rubinstein

We consider adversarial examples for image classification in the black-box decision-based setting. Here, an attacker cannot access confidence scores, but only the final label. Most attacks for this scenario are either unreliable or…

Machine Learning · Statistics 2021-04-30 Thomas Brunner , Frederik Diehl , Michael Truong Le , Alois Knoll

Deep learning models are vulnerable to adversarial examples, which can fool a target classifier by imposing imperceptible perturbations onto natural examples. In this work, we consider the practical and challenging decision-based black-box…

Machine Learning · Computer Science 2021-05-11 Qi-An Fu , Yinpeng Dong , Hang Su , Jun Zhu

Gradient-based adversarial attacks are widely used to evaluate the robustness of 3D point cloud classifiers, yet they often rely on uniform update rules that neglect point-wise heterogeneity, leading to perceptible perturbations. We propose…

Computer Vision and Pattern Recognition · Computer Science 2026-03-20 Jun Chen , Xinke Li , Mingyue Xu , Chongshou Li , Truiani Li

Decision-based attack poses a severe threat to real-world applications since it regards the target model as a black box and only accesses the hard prediction label. Great efforts have been made recently to decrease the number of queries;…

Computer Vision and Pattern Recognition · Computer Science 2022-07-22 Xiaosen Wang , Zeliang Zhang , Kangheng Tong , Dihong Gong , Kun He , Zhifeng Li , Wei Liu

With the maturity of depth sensors, the vulnerability of 3D point cloud models has received increasing attention in various applications such as autonomous driving and robot navigation. Previous 3D adversarial attackers either follow the…

Computer Vision and Pattern Recognition · Computer Science 2023-08-16 Yunbo Tao , Daizong Liu , Pan Zhou , Yulai Xie , Wei Du , Wei Hu

In order to be applicable in real-world scenarios, Boundary Attacks (BAs) were proposed and ensured a one hundred percent attack success rate with only decision information. However, existing BA methods craft adversarial examples by leveraging…

Computer Vision and Pattern Recognition · Computer Science 2022-07-07 Dan Wang , Jiayu Lin , Yuan-Gen Wang

Deep neural networks and other machine learning systems, despite being extremely powerful and able to make predictions with high accuracy, are vulnerable to adversarial attacks. We proposed the DeltaBound attack: a novel, powerful attack in…

Machine Learning · Computer Science 2022-10-04 Lorenzo Rossi

We study the problem of efficient adversarial attacks on tree based ensembles such as gradient boosting decision trees (GBDTs) and random forests (RFs). Since these models are non-continuous step functions and gradient does not exist, most…

Machine Learning · Computer Science 2020-10-23 Chong Zhang , Huan Zhang , Cho-Jui Hsieh