X Wang, X He, J Wang, K He - Proceedings of the IEEE/CVF …, 2021 - openaccess.thecvf.com
Deep neural networks are known to be extremely vulnerable to adversarial examples under white-box setting. Moreover, the malicious adversaries crafted on the surrogate (source) …
Z Yuan, J Zhang, Y Jia, C Tan… - Proceedings of the …, 2021 - openaccess.thecvf.com
In recent years, research on adversarial attacks has become a hot spot. Although current literature on the transfer-based adversarial attack has achieved promising results for …
M Zhou, J Wu, Y Liu, S Liu… - Proceedings of the IEEE …, 2020 - openaccess.thecvf.com
Abstract Machine learning models are vulnerable to adversarial examples. For the black-box setting, current substitute attacks need pre-trained models to generate adversarial …
Classic black-box adversarial attacks can take advantage of transferable adversarial examples generated by a similar substitute model to successfully fool the target model …
It is widely recognized that deep learning models lack robustness to adversarial examples. An intriguing property of adversarial examples is that they can transfer across different …
Y Liu, X Chen, C Liu, D Song - arXiv preprint arXiv:1611.02770, 2016 - arxiv.org
An intriguing property of deep neural networks is the existence of adversarial examples, which can transfer among different architectures. These transferable adversarial examples …
Q Huang, I Katsman, H He, Z Gu… - Proceedings of the …, 2019 - openaccess.thecvf.com
Neural networks are vulnerable to adversarial examples, malicious inputs crafted to fool trained models. Adversarial examples often exhibit black-box transfer, meaning that …
Z Wang, H Guo, Z Zhang, W Liu… - Proceedings of the …, 2021 - openaccess.thecvf.com
Transferability of adversarial examples is of central importance for attacking an unknown model, which facilitates adversarial attacks in more practical scenarios, eg, blackbox attacks …
M Li, C Deng, T Li, J Yan, X Gao… - Proceedings of the …, 2020 - openaccess.thecvf.com
An intriguing property of adversarial examples is their transferability, which suggests that black-box attacks are feasible in real-world applications. Previous works mostly study the …