Related papers

Related papers: BOSH: An Efficient Meta Algorithm for Decision-bas…

200 papers

We focus on the problem of black-box adversarial attacks, where the aim is to generate adversarial examples for deep learning models solely based on information limited to output label (hard label) to a queried data input. We propose a…

Machine Learning · Computer Science 2021-06-14 Satya Narayan Shukla , Anit Kumar Sahu , Devin Willmott , J. Zico Kolter

We study an important and challenging task of attacking natural language processing models in a hard label black box setting. We propose a decision-based attack strategy that crafts high quality adversarial examples on text classification…

Computation and Language · Computer Science 2021-04-30 Rishabh Maheshwary , Saket Maheshwary , Vikram Pudi

Deep learning models are vulnerable to adversarial examples, which can fool a target classifier by imposing imperceptible perturbations onto natural examples. In this work, we consider the practical and challenging decision-based black-box…

Machine Learning · Computer Science 2021-05-11 Qi-An Fu , Yinpeng Dong , Hang Su , Jun Zhu

We focus on the problem of black-box adversarial attacks, where the aim is to generate adversarial examples using information limited to loss function evaluations of input-output pairs. We use Bayesian optimization (BO) to specifically…

Machine Learning · Computer Science 2019-10-01 Satya Narayan Shukla , Anit Kumar Sahu , Devin Willmott , J. Zico Kolter

We focus on the problem of adversarial attacks against models on discrete sequential data in the black-box setting where the attacker aims to craft adversarial examples with limited query access to the victim model. Existing black-box…

Machine Learning · Computer Science 2022-06-20 Deokjae Lee , Seungyong Moon , Junhyeok Lee , Hyun Oh Song

We study the problem of attacking a machine learning model in the hard-label black-box setting, where no model information is revealed except that the attacker can make queries to probe the corresponding hard-label decisions. This is a very…

Machine Learning · Computer Science 2018-07-13 Minhao Cheng , Thong Le , Pin-Yu Chen , Jinfeng Yi , Huan Zhang , Cho-Jui Hsieh

Machine Learning systems are vulnerable to adversarial attacks and will highly likely produce incorrect outputs under these attacks. There are white-box and black-box attacks regarding the adversary's access level to the victim learning…

Machine Learning · Computer Science 2019-10-23 Saeid Samizade , Zheng-Hua Tan , Chao Shen , Xiaohong Guan

We study adversarial examples in a black-box setting where the adversary only has API access to the target model and each query is expensive. Prior work on black-box adversarial examples follows one of two main strategies: (1) transfer…

Cryptography and Security · Computer Science 2019-12-03 Fnu Suya , Jianfeng Chi , David Evans , Yuan Tian

Many machine learning algorithms are vulnerable to almost imperceptible perturbations of their inputs. So far it was unclear how much risk adversarial perturbations carry for the safety of real-world machine learning applications because…

Machine Learning · Statistics 2018-02-19 Wieland Brendel , Jonas Rauber , Matthias Bethge

Adversarial robustness in structured data remains an underexplored frontier compared to vision and language domains. In this work, we introduce a novel black-box, decision-based adversarial attack tailored for tabular data. Our approach…

Machine Learning · Computer Science 2025-11-25 Roie Kazoom , Yuval Ratzabi , Etamar Rothstein , Ofer Hadar

Note that this paper is superseded by "Black-Box Adversarial Attacks with Limited Queries and Information." Current neural network-based image classifiers are susceptible to adversarial examples, even in the black-box setting, where the…

Computer Vision and Pattern Recognition · Computer Science 2018-04-09 Andrew Ilyas , Logan Engstrom , Anish Athalye , Jessy Lin

Black-box hard-label adversarial attack on text is a practical and challenging task, as the text data space is inherently discrete and non-differentiable, and only the predicted label is accessible. Research on this problem is still in the…

Computation and Language · Computer Science 2024-02-06 Han Liu , Zhi Xu , Xiaotong Zhang , Feng Zhang , Fenglong Ma , Hongyang Chen , Hong Yu , Xianchao Zhang

Deep neural networks are vulnerable to adversarial examples, which poses security concerns on these algorithms due to the potentially severe consequences. Adversarial attacks serve as an important surrogate to evaluate the robustness of…

Machine Learning · Computer Science 2018-03-23 Yinpeng Dong , Fangzhou Liao , Tianyu Pang , Hang Su , Jun Zhu , Xiaolin Hu , Jianguo Li

This paper proposes a black-box adversarial attack method to automatic speech recognition systems. Some studies have attempted to attack neural networks for speech recognition; however, these methods did not consider the robustness of…

Sound · Computer Science 2024-07-09 Shoma Ishida , Satoshi Ono

In generating adversarial examples, the conventional black-box attack methods rely on sufficient feedback from the to-be-attacked models by repeatedly querying until the attack is successful, which usually results in thousands of trials…

Computer Vision and Pattern Recognition · Computer Science 2023-12-13 Renyang Liu , Wei Zhou , Xin Jin , Song Gao , Yuanyu Wang , Ruxin Wang

We study the most practical problem setup for evaluating adversarial robustness of a machine learning system with limited access: the hard-label black-box attack setting for generating adversarial examples, where limited model queries are…

Machine Learning · Computer Science 2020-02-17 Minhao Cheng , Simranjit Singh , Patrick Chen , Pin-Yu Chen , Sijia Liu , Cho-Jui Hsieh

Decision-based attacks (DBA), wherein attackers perturb inputs to spoof learning algorithms by observing solely the output labels, are a type of severe adversarial attacks against Deep Neural Networks (DNNs) requiring minimal knowledge of…

Machine Learning · Computer Science 2023-01-20 Zhuosheng Zhang , Shucheng Yu

Adversarial examples are important for understanding the behavior of neural models, and can improve their robustness through adversarial training. Recent work in natural language processing generated adversarial examples by assuming…

Machine Learning · Computer Science 2019-04-05 Yotam Gil , Yoav Chai , Or Gorodissky , Jonathan Berant

In the scenario of black-box adversarial attack, the target model's parameters are unknown, and the attacker aims to find a successful adversarial perturbation based on query feedback under a query budget. Due to the limited feedback…

Machine Learning · Computer Science 2023-01-03 Fei Yin , Yong Zhang , Baoyuan Wu , Yan Feng , Jingyi Zhang , Yanbo Fan , Yujiu Yang

We consider the hard label based black box adversarial attack setting which solely observes predicted classes from the target model. Most of the attack methods in this setting suffer from an impractical number of queries required to achieve a…

Machine Learning · Computer Science 2024-03-12 Jeonghwan Park , Paul Miller , Niall McLaughlin