Without access to the training data where a black-box victim model is deployed, training a
surrogate model for black-box adversarial attack is still a struggle. In terms of data, we …

In this work, we study the black-box targeted attack problem from the model discrepancy
perspective. On the theoretical side, we present a generalization error bound for black-box …

This work studies black-box adversarial attacks against deep neural networks (DNNs),
where the attacker can only access the query feedback returned by the attacked DNN …

Deep models have shown their vulnerability when processing adversarial samples. As for
the black-box attack, without access to the architecture and weights of the attacked model …

Transferability of adversarial examples is critical for black-box deep learning model attacks.
While most existing studies focus on enhancing the transferability of untargeted adversarial …

This paper addresses the challenging black-box adversarial attack problem, where only
classification confidence of a victim model is available. Inspired by consistency of visual …

In recent years, research on adversarial attacks has become a hot spot. Although current
literature on the transfer-based adversarial attack has achieved promising results for …

Neural networks are known to be vulnerable to carefully crafted adversarial examples, and
these malicious samples often transfer, ie, they remain adversarial even against other …

The transferability of adversarial examples across deep neural networks (DNNs) is the crux
of many black-box attacks. Many prior efforts have been devoted to improving the …

An intriguing property of adversarial examples is their transferability, which suggests that
black-box attacks are feasible in real-world applications. Previous works mostly study the …