Hessian-Aware Zeroth-Order Optimization for Black-Box Adversarial Attack
share
Zeroth-order optimization or derivative-free optimization is an important research topic in machine learning. In recent, it has become a key tool in black-box adversarial attack to neural network based image classifiers. However, existing zeroth-order optimization algorithms rarely extract Hessian information of the model function. In this paper, we utilize the second-order information of the objective function and propose a novel Hessian-aware zeroth-order algorithm called ZO-HessAware. Our theoretical result shows that ZO-HessAware has an improved zeroth-order convergence rate and query complexity under structured Hessian approximation, where we propose a few approximation methods of such. Our empirical studies on the black-box adversarial attack problem validate that our algorithm can achieve improved success rates with a lower query complexity.
READ FULL TEXT
