Blacklight: Scalable defense for neural networks against Query-Based Black-Box attacks

H Li, S Shan, E Wenger, J Zhang, H Zheng… - 31st USENIX Security …, 2022 - usenix.org
Deep learning systems are known to be vulnerable to adversarial examples. In particular,
query-based black-box attacks do not require knowledge of the deep learning model, but …

Guessing smart: Biased sampling for efficient black-box adversarial attacks

T Brunner, F Diehl, MT Le… - Proceedings of the IEEE …, 2019 - openaccess.thecvf.com
We consider adversarial examples for image classification in the black-box decision-based
setting. Here, an attacker cannot access confidence scores, but only the final label. Most …

A Frank-Wolfe framework for efficient and effective adversarial attacks

J Chen, D Zhou, J Yi, Q Gu - Proceedings of the AAAI conference on …, 2020 - ojs.aaai.org
Depending on how much information an adversary can access to, adversarial attacks can be
classified as white-box attack and black-box attack. For white-box attack, optimization-based …

Robustness with query-efficient adversarial attack using reinforcement learning

S Sarkar, AR Babu, S Mousavi… - Proceedings of the …, 2023 - openaccess.thecvf.com
A measure of robustness against naturally occurring distortions is key to safety, success, and
trustworthiness of machine learning models on deployment. We propose an adversarial …

Parallel rectangle flip attack: A query-based black-box attack against object detection

S Liang, B Wu, Y Fan, X Wei, X Cao - arXiv preprint arXiv:2201.08970, 2022 - arxiv.org
Object detection has been widely used in many safety-critical tasks, such as autonomous
driving. However, its vulnerability to adversarial examples has not been sufficiently studied …

Sign-OPT: A query-efficient hard-label adversarial attack

M Cheng, S Singh, P Chen, PY Chen, S Liu… - arXiv preprint arXiv …, 2019 - arxiv.org
We study the most practical problem setup for evaluating adversarial robustness of a
machine learning system with limited access: the hard-label black-box attack setting for …

T-SEA: Transfer-based self-ensemble attack on object detection

H Huang, Z Chen, H Chen, Y Wang… - Proceedings of the …, 2023 - openaccess.thecvf.com
Compared to query-based black-box attacks, transfer-based black-box attacks do not
require any information of the attacked models, which ensures their secrecy. However, most …

Sparse-RS: a versatile framework for query-efficient sparse black-box adversarial attacks

F Croce, M Andriushchenko, ND Singh… - Proceedings of the …, 2022 - ojs.aaai.org
We propose a versatile framework based on random search, Sparse-RS, for score-based
sparse targeted and untargeted attacks in the black-box setting. Sparse-RS does not rely on …

Projection & probability-driven black-box attack

J Li, R Ji, H Liu, J Liu, B Zhong… - Proceedings of the …, 2020 - openaccess.thecvf.com
Generating adversarial examples in a black-box setting retains a significant challenge with
vast practical application prospects. In particular, existing black-box attacks suffer from the …

Practical black-box attacks on deep neural networks using efficient query mechanisms

AN Bhagoji, W He, B Li, D Song - Proceedings of the …, 2018 - openaccess.thecvf.com
Existing black-box attacks on deep neural networks (DNNs) have largely focused on
transferability, where an adversarial instance generated for a locally trained model can …