T Brunner, F Diehl, MT Le… - Proceedings of the IEEE …, 2019 - openaccess.thecvf.com
We consider adversarial examples for image classification in the black-box decision-based setting. Here, an attacker cannot access confidence scores, but only the final label. Most …
J Chen, D Zhou, J Yi, Q Gu - Proceedings of the AAAI conference on …, 2020 - ojs.aaai.org
Depending on how much information an adversary can access, adversarial attacks can be classified as white-box attack and black-box attack. For white-box attack, optimization-based …
A measure of robustness against naturally occurring distortions is key to safety, success, and trustworthiness of machine learning models on deployment. We propose an adversarial …
Object detection has been widely used in many safety-critical tasks, such as autonomous driving. However, its vulnerability to adversarial examples has not been sufficiently studied …
We study the most practical problem setup for evaluating adversarial robustness of a machine learning system with limited access: the hard-label black-box attack setting for …
Compared to query-based black-box attacks, transfer-based black-box attacks do not require any information of the attacked models, which ensures their secrecy. However, most …
We propose a versatile framework based on random search, Sparse-RS, for score-based sparse targeted and untargeted attacks in the black-box setting. Sparse-RS does not rely on …
J Li, R Ji, H Liu, J Liu, B Zhong… - Proceedings of the …, 2020 - openaccess.thecvf.com
Generating adversarial examples in a black-box setting remains a significant challenge with vast practical application prospects. In particular, existing black-box attacks suffer from the …
AN Bhagoji, W He, B Li, D Song - Proceedings of the …, 2018 - openaccess.thecvf.com
Existing black-box attacks on deep neural networks (DNNs) have largely focused on transferability, where an adversarial instance generated for a locally trained model can …