Blackbox Attacks via Surrogate Ensemble Search

Jan-24-2025, 21:16:35 GMT–Neural Information Processing Systems

Blackbox adversarial attacks can be categorized into transfer-and query-based attacks. Transfer methods do not require any feedback from the victim model, but provide lower success rates compared to query-based methods. Query attacks often require a large number of queries for success. To achieve the best of both approaches, recent efforts have tried to combine them, but still require hundreds of queries to achieve high success rates (especially for targeted attacks). In this paper, we propose a novel method for Blackbox Attacks via Surrogate Ensemble Search (BASES) that can generate highly successful blackbox attacks using an extremely small number of queries.

artificial intelligence, machine learning, query, (18 more...)

Neural Information Processing Systems

Jan-24-2025, 21:16:35 GMT

Conferences PDF

Add feedback

Country:
- North America > United States (0.46)

Genre:
- Research Report > New Finding (0.93)

Industry:
- Government > Military (0.68)
- Information Technology > Security & Privacy (0.68)

Technology:
- Information Technology > Artificial Intelligence
  - Machine Learning > Neural Networks
    - Deep Learning (0.68)
  - Vision (1.00)