Related papers: BruSLeAttack: A Query-Efficient Score-Based Black-…

200 papers

Despite our best efforts, deep learning models remain highly vulnerable to even tiny adversarial perturbations applied to the inputs. The ability to extract information from solely the output of a machine learning model to craft adversarial…

Machine Learning · Computer Science 2023-03-27 Viet Quoc Vo, Ehsan Abbasnejad, Damith C. Ranasinghe

Machine learning security has recently become a prominent topic in the natural language processing (NLP) area. The existing black-box adversarial attack suffers prohibitively from the high model querying complexity, resulting in easily…

Cryptography and Security · Computer Science 2023-10-17 Wenjie Lv, Zhen Wang, Yitao Zheng, Zhehua Zhong, Qi Xuan, Tianyi Chen

Applications of machine learning (ML) models and convolutional neural networks (CNNs) have been rapidly increased. Although state-of-the-art CNNs provide high accuracy in many applications, recent investigations show that such networks are…

Machine Learning · Computer Science 2021-10-18 Hadi Zanddizari, Behnam Zeinali, J. Morris Chang

We propose a versatile framework based on random search, Sparse-RS, for score-based sparse targeted and untargeted attacks in the black-box setting. Sparse-RS does not rely on substitute models and achieves state-of-the-art success rate and…

Machine Learning · Computer Science 2022-02-09 Francesco Croce, Maksym Andriushchenko, Naman D. Singh, Nicolas Flammarion, Matthias Hein

Neural networks have been proven to be vulnerable to a variety of adversarial attacks. From a safety perspective, highly sparse adversarial attacks are particularly dangerous. On the other hand the pixelwise perturbations of sparse attacks…

Machine Learning · Computer Science 2019-09-12 Francesco Croce, Matthias Hein

We focus on the problem of adversarial attacks against models on discrete sequential data in the black-box setting where the attacker aims to craft adversarial examples with limited query access to the victim model. Existing black-box…

Machine Learning · Computer Science 2022-06-20 Deokjae Lee, Seungyong Moon, Junhyeok Lee, Hyun Oh Song

We propose LSDAT, an image-agnostic decision-based black-box attack that exploits low-rank and sparse decomposition (LSD) to dramatically reduce the number of queries and achieve superior fooling rates compared to the state-of-the-art…

Computer Vision and Pattern Recognition · Computer Science 2021-03-23 Ashkan Esmaeili, Marzieh Edraki, Nazanin Rahnavard, Mubarak Shah, Ajmal Mian

Recent research has found that neural networks are vulnerable to several types of adversarial attacks, where the input samples are modified in such a way that the model produces a wrong prediction that misclassifies the adversarial sample.…

Machine Learning · Computer Science 2022-10-07 Jary Pomponi, Simone Scardapane, Aurelio Uncini

Sparse attacks are to optimize the magnitude of adversarial perturbations for fooling deep neural networks (DNNs) involving only a few perturbed pixels (i.e., under the l0 constraint), suitable for interpreting the vulnerability of DNNs.…

Machine Learning · Computer Science 2025-06-24 Fudong Lin, Jiadong Lou, Hao Wang, Brian Jalaian, Xu Yuan

We consider adversarial examples for image classification in the black-box decision-based setting. Here, an attacker cannot access confidence scores, but only the final label. Most attacks for this scenario are either unreliable or…

Machine Learning · Statistics 2021-04-30 Thomas Brunner, Frederik Diehl, Michael Truong Le, Alois Knoll

Currently, a plethora of saliency models based on deep neural networks have led great breakthroughs in many complex high-level vision tasks (e.g. scene description, object detection). The robustness of these models, however, has not yet…

Computer Vision and Pattern Recognition · Computer Science 2019-04-03 Zhaohui Che, Ali Borji, Guangtao Zhai, Suiyi Ling, Guodong Guo, Patrick Le Callet

Deep neural networks have shown their vulnerability to adversarial attacks. In this paper, we focus on sparse adversarial attack based on the $\ell_0$ norm constraint, which can succeed by only modifying a few pixels of an image. Despite a…

Computer Vision and Pattern Recognition · Computer Science 2021-06-01 Ziwen He, Wei Wang, Jing Dong, Tieniu Tan

We present a new method for score-based adversarial attack, where the attacker queries the loss-oracle of the target model. Our method employs a parameterized search space with a structure that captures the relationship of the gradient of…

Machine Learning · Computer Science 2020-10-06 Zhichao Huang, Yaowei Huang, Tong Zhang

Adversarial black-box attacks aim to craft adversarial perturbations by querying input-output pairs of machine learning models. They are widely used to evaluate the robustness of pre-trained models. However, black-box attacks often suffer…

Machine Learning · Computer Science 2020-11-11 Lu Wang, Huan Zhang, Jinfeng Yi, Cho-Jui Hsieh, Yuan Jiang

Clustering algorithms are used in a large number of applications and play an important role in modern machine learning, yet adversarial attacks on clustering algorithms seem to be broadly overlooked, unlike supervised learning. In this…

Machine Learning · Computer Science 2019-11-19 Anshuman Chhabra, Abhishek Roy, Prasant Mohapatra

We propose the Square Attack, a score-based black-box $l_2$- and $l_\infty$-adversarial attack that does not rely on local gradient information and thus is not affected by gradient masking. Square Attack is based on a randomized search…

Machine Learning · Computer Science 2020-07-30 Maksym Andriushchenko, Francesco Croce, Nicolas Flammarion, Matthias Hein

We focus on the problem of black-box adversarial attacks, where the aim is to generate adversarial examples for deep learning models solely based on information limited to output label (hard label) to a queried data input. We propose a…

Machine Learning · Computer Science 2021-06-14 Satya Narayan Shukla, Anit Kumar Sahu, Devin Willmott, J. Zico Kolter

This work studies sparse adversarial perturbations, including both unstructured and structured ones. We propose a framework based on a white-box PGD-like attack method named Sparse-PGD to effectively and efficiently generate such…

Machine Learning · Computer Science 2025-11-21 Xuyang Zhong, Chen Liu

Recent works have shown that deep neural networks are vulnerable to adversarial examples that find samples close to the original image but can make the model misclassify. Even with access only to the model's output, an attacker can employ…

Machine Learning · Computer Science 2023-10-03 Quang H. Nguyen, Yingjie Lao, Tung Pham, Kok-Seng Wong, Khoa D. Doan

The research in the field of adversarial attacks and models' vulnerability is one of the fundamental directions in modern machine learning. Recent studies reveal the vulnerability phenomenon, and understanding the mechanisms behind this is…

Machine Learning · Computer Science 2024-01-26 Kseniia Kuvshinova, Olga Tsymboi, Ivan Oseledets