Related papers: Simulating Unknown Target Models for Query-Efficie…

200 papers

Deep neural network (DNN) as a popular machine learning model is found to be vulnerable to adversarial attack. This attack constructs adversarial examples by adding small perturbations to the raw input, while appearing unmodified to human…

Machine Learning · Computer Science 2018-09-14 Pengcheng Li, Jinfeng Yi, Lijun Zhang

Black-box attack methods aim to infer suitable attack patterns to targeted DNN models by only using output feedback of the models and the corresponding input queries. However, due to lack of prior and inefficiency in leveraging the query…

Computer Vision and Pattern Recognition · Computer Science 2020-02-18 Jiawei Du, Hu Zhang, Joey Tianyi Zhou, Yi Yang, Jiashi Feng

Deep models have shown their vulnerability when processing adversarial samples. As for the black-box attack, without access to the architecture and weights of the attacked model, training a substitute model for adversarial attacks has…

Computer Vision and Pattern Recognition · Computer Science 2021-04-27 Wenxuan Wang, Bangjie Yin, Taiping Yao, Li Zhang, Yanwei Fu, Shouhong Ding, Jilin Li, Feiyue Huang, Xiangyang Xue

Black-box adversarial attacks present a realistic threat to action recognition systems. Existing black-box attacks follow either a query-based approach where an attack is optimized by querying the target model, or a transfer-based approach…

Computer Vision and Pattern Recognition · Computer Science 2022-11-24 Rohit Gupta, Naveed Akhtar, Gaurav Kumar Nayak, Ajmal Mian, Mubarak Shah

In the scenario of black-box adversarial attack, the target model's parameters are unknown, and the attacker aims to find a successful adversarial perturbation based on query feedback under a query budget. Due to the limited feedback…

Machine Learning · Computer Science 2023-01-03 Fei Yin, Yong Zhang, Baoyuan Wu, Yan Feng, Jingyi Zhang, Yanbo Fan, Yujiu Yang

Machine unlearning algorithms, designed for selective removal of training data from models, have emerged as a promising approach to growing privacy concerns. In this work, we expose a critical yet underexplored vulnerability in the…

Cryptography and Security · Computer Science 2024-10-15 Yangsibo Huang, Daogao Liu, Lynn Chua, Badih Ghazi, Pritish Kamath, Ravi Kumar, Pasin Manurangsi, Milad Nasr, Amer Sinha, Chiyuan Zhang

To launch black-box attacks against a Deep Neural Network (DNN) based Face Recognition (FR) system, one needs to build substitute models to simulate the target model, so the adversarial examples discovered from substitute models…

Machine Learning · Computer Science 2018-08-23 Di Tang, XiaoFeng Wang, Kehuan Zhang

With the wide applications of deep neural network models in various computer vision tasks, more and more works study the model vulnerability to adversarial examples. For data-free black box attack scenario, existing methods are inspired by…

Computer Vision and Pattern Recognition · Computer Science 2022-04-05 Wenxuan Wang, Xuelin Qian, Yanwei Fu, Xiangyang Xue

Deep learning has made significant breakthroughs in many fields, including electroencephalogram (EEG) based brain-computer interfaces (BCIs). However, deep learning models are vulnerable to adversarial attacks, in which deliberately…

Machine Learning · Computer Science 2019-11-12 Xue Jiang, Xiao Zhang, Dongrui Wu

Recent advancements in diffusion models have enabled high-fidelity and photorealistic image generation across diverse applications. However, these models also present security and privacy risks, including copyright violations, sensitive…

Computer Vision and Pattern Recognition · Computer Science 2025-06-10 Jiacheng Shi, Yanfu Zhang, Huajie Shao, Ashley Gao

We consider adversarial attacks to a black-box model when no queries are allowed. In this setting, many methods directly attack surrogate models and transfer the obtained adversarial examples to fool the target model. Plenty of previous…

Machine Learning · Computer Science 2021-09-08 Yunxiao Qin, Yuanhao Xiong, Jinfeng Yi, Cho-Jui Hsieh

Current black-box adversarial attacks either require multiple queries or diffusion models to produce adversarial samples that can impair the target model performance. However, these methods require training a surrogate loss or diffusion…

Computer Vision and Pattern Recognition · Computer Science 2025-12-08 Joana C. Costa, Tiago Roxo, Hugo Proença, Pedro R. M. Inácio

Adversarial attacks have threatened the application of deep neural networks in security-sensitive scenarios. Most existing black-box attacks fool the target model by interacting with it many times and producing global perturbations.…

Computer Vision and Pattern Recognition · Computer Science 2021-01-05 Tao Xiang, Hangcheng Liu, Shangwei Guo, Tianwei Zhang, Xiaofeng Liao

Deep neural networks (DNNs) have demonstrated excellent performance on various tasks, however they are under the risk of adversarial examples that can be easily generated when the target model is accessible to an attacker (white-box…

Machine Learning · Computer Science 2020-09-28 Yang Bai, Yuyuan Zeng, Yong Jiang, Yisen Wang, Shu-Tao Xia, Weiwei Guo

We present a new method for black-box adversarial attack. Unlike previous methods that combined transfer-based and scored-based methods by using the gradient or initialization of a surrogate white-box model, this new method tries to learn a…

Machine Learning · Computer Science 2020-01-07 Zhichao Huang, Tong Zhang

Deep learning models are known to be vulnerable to adversarial examples. A practical adversarial attack should require as little as possible knowledge of attacked models. Current substitute attacks need pre-trained models to generate…

Cryptography and Security · Computer Science 2020-04-01 Mingyi Zhou, Jing Wu, Yipeng Liu, Xiaolin Huang, Shuaicheng Liu, Xiang Zhang, Ce Zhu

Many adversarial attack approaches are proposed to verify the vulnerability of language models. However, they require numerous queries and the information on the target model. Even black-box attack methods also require the target model's…

Cryptography and Security · Computer Science 2025-04-21 CheolWon Na, YunSeok Choi, Jee-Hyong Lee

A significant number of machine learning models are vulnerable to model extraction attacks, which focus on stealing the models by using specially curated queries against the target model. This task is well accomplished by using part of the…

Cryptography and Security · Computer Science 2023-08-11 Harshit Shah, Aravindhan G, Pavan Kulkarni, Yuvaraj Govidarajulu, Manojkumar Parmar

Researchers have repeatedly shown that it is possible to craft adversarial attacks on deep classifiers (small perturbations that significantly change the class label), even in the "black-box" setting where one only has query access to the…

Machine Learning · Computer Science 2021-02-02 Devin Willmott, Anit Kumar Sahu, Fatemeh Sheikholeslami, Filipe Condessa, Zico Kolter

Unlike the white-box counterparts that are widely studied and readily accessible, adversarial examples in black-box settings are generally more Herculean on account of the difficulty of estimating gradients. Many methods achieve the task by…

Computer Vision and Pattern Recognition · Computer Science 2019-06-12 Ziang Yan, Yiwen Guo, Changshui Zhang