Related papers: Improving Adversarial Transferability with Gradien…

200 papers

Deep neural networks are vulnerable to adversarial examples that mislead the models with imperceptible perturbations. Though adversarial attacks have achieved incredible success rates in the white-box setting, most existing adversaries…

Artificial Intelligence · Computer Science 2021-08-16 Xiaosen Wang, Kun He

Deep neural networks are vulnerable to adversarial examples, which can mislead classifiers by adding imperceptible perturbations. An intriguing property of adversarial examples is their good transferability, making black-box attacks…

Computer Vision and Pattern Recognition · Computer Science 2019-04-08 Yinpeng Dong, Tianyu Pang, Hang Su, Jun Zhu

Though CNNs have achieved the state-of-the-art performance on various vision tasks, they are vulnerable to adversarial examples --- crafted by adding human-imperceptible perturbations to clean images. However, most of the existing…

Computer Vision and Pattern Recognition · Computer Science 2019-06-04 Cihang Xie, Zhishuai Zhang, Yuyin Zhou, Song Bai, Jianyu Wang, Zhou Ren, Alan Yuille

Deep neural networks are vulnerable to adversarial examples, which are crafted by adding small, human-imperceptible perturbations to the original images, but make the model output inaccurate predictions. Before deep neural networks are…

Computer Vision and Pattern Recognition · Computer Science 2021-01-13 Bo Yang, Kaiyong Xu, Hengjun Wang, Hengwei Zhang

Deep learning models are known to be vulnerable to adversarial examples crafted by adding human-imperceptible perturbations on benign images. Many existing adversarial attack methods have achieved great white-box attack performance, but…

Computer Vision and Pattern Recognition · Computer Science 2021-03-22 Xiaosen Wang, Jiadong Lin, Han Hu, Jingdong Wang, Kun He

Deep neural networks are known to be extremely vulnerable to adversarial examples under white-box setting. Moreover, the malicious adversaries crafted on the surrogate (source) model often exhibit black-box transferability on other models…

Computer Vision and Pattern Recognition · Computer Science 2021-08-19 Xiaosen Wang, Xuanran He, Jingdong Wang, Kun He

Convolutional neural networks have outperformed humans in image recognition tasks, but they remain vulnerable to attacks from adversarial examples. Since these data are crafted by adding imperceptible noise to normal images, their existence…

Computer Vision and Pattern Recognition · Computer Science 2021-06-10 Heng Yin, Hengwei Zhang, Jindong Wang, Ruiyu Dou

Transfer-based adversarial attacks can evaluate model robustness in the black-box setting. Several methods have demonstrated impressive untargeted transferability, however, it is still challenging to efficiently produce targeted…

Machine Learning · Computer Science 2022-07-25 Xiao Yang, Yinpeng Dong, Tianyu Pang, Hang Su, Jun Zhu

Deep neural networks are vulnerable to adversarial examples that are crafted by imposing imperceptible changes to the inputs. However, these adversarial examples are most successful in white-box settings where the model and its parameters…

Machine Learning · Computer Science 2021-12-20 Tianjin Huang, Vlado Menkovski, Yulong Pei, YuHao Wang, Mykola Pechenizkiy

Deep neural networks are widely known to be vulnerable to adversarial examples. However, vanilla adversarial examples generated under the white-box setting often exhibit low transferability across different models. Since adversarial…

Computer Vision and Pattern Recognition · Computer Science 2024-07-23 Zeliang Zhang, Wei Yao, Xiaosen Wang

Though deep neural networks perform challenging tasks excellently, they are susceptible to adversarial examples, which mislead classifiers by applying human-imperceptible perturbations on clean inputs. Under the query-free black-box…

Machine Learning · Computer Science 2020-11-05 Zifei Zhang, Kai Qiao, Jian Chen, Ningning Liang

Transfer-based adversarial example is one of the most important classes of black-box attacks. However, there is a trade-off between transferability and imperceptibility of the adversarial perturbation. Prior work in this direction often…

Computer Vision and Pattern Recognition · Computer Science 2022-12-29 Fangcheng Liu, Chao Zhang, Hongyang Zhang

Deep neural networks are vulnerable to adversarial examples crafted by applying human-imperceptible perturbations on clean inputs. Although many attack methods can achieve high success rates in the white-box setting, they also exhibit weak…

Computer Vision and Pattern Recognition · Computer Science 2023-08-22 Zhijin Ge, Fanhua Shang, Hongying Liu, Yuanyuan Liu, Liang Wan, Wei Feng, Xiaosen Wang

Deep neural networks (DNNs) are known to be susceptible to adversarial examples, leading to significant performance degradation. In black-box attack scenarios, a considerable attack performance gap between the surrogate model and the target…

Computer Vision and Pattern Recognition · Computer Science 2025-11-13 Haijing Guo, Jiafeng Wang, Zhaoyu Chen, Kaixun Jiang, Lingyi Hong, Pinxue Guo, Jinglun Li, Wenqiang Zhang

The transferability of adversarial examples across deep neural network (DNN) models is the crux of a spectrum of black-box attacks. In this paper, we propose a novel method to enhance the black-box transferability of baseline adversarial…

Computer Vision and Pattern Recognition · Computer Science 2020-08-21 Qizhang Li, Yiwen Guo, Hao Chen

It is significant to evaluate the security of existing digital image tampering localization algorithms in real-world applications. In this paper, we propose an adversarial attack scheme to reveal the reliability of such tampering…

Computer Vision and Pattern Recognition · Computer Science 2023-09-20 Yuqi Wang, Gang Cao, Zijie Lou, Haochen Zhu

Existing black-box attacks on deep neural networks (DNNs) so far have largely focused on transferability, where an adversarial instance generated for a locally trained model can "transfer" to attack other learning models. In this paper, we…

Machine Learning · Computer Science 2017-12-29 Arjun Nitin Bhagoji, Warren He, Bo Li, Dawn Song

We present a new method for black-box adversarial attack. Unlike previous methods that combined transfer-based and scored-based methods by using the gradient or initialization of a surrogate white-box model, this new method tries to learn a…

Machine Learning · Computer Science 2020-01-07 Zhichao Huang, Tong Zhang

Although deep-learning based video recognition models have achieved remarkable success, they are vulnerable to adversarial examples that are generated by adding human-imperceptible perturbations on clean video samples. As indicated in…

Computer Vision and Pattern Recognition · Computer Science 2021-12-30 Zhipeng Wei, Jingjing Chen, Zuxuan Wu, Yu-Gang Jiang

Due to the gap between a substitute model and a victim model, the gradient-based noise generated from a substitute model may have low transferability for a victim model since their gradients are different. Inspired by the fact that the…

Computer Vision and Pattern Recognition · Computer Science 2023-03-13 Boheng Zeng, LianLi Gao, QiLong Zhang, ChaoQun Li, JingKuan Song, ShuaiQi Jing