Query-Efficient Adversarial Attack Based on Latin Hypercube Sampling

07/05/2022
by   Dan Wang, et al.
0

In order to be applicable in real-world scenario, Boundary Attacks (BAs) were proposed and ensured one hundred percent attack success rate with only decision information. However, existing BA methods craft adversarial examples by leveraging a simple random sampling (SRS) to estimate the gradient, consuming a large number of model queries. To overcome the drawback of SRS, this paper proposes a Latin Hypercube Sampling based Boundary Attack (LHS-BA) to save query budget. Compared with SRS, LHS has better uniformity under the same limited number of random samples. Therefore, the average on these random samples is closer to the true gradient than that estimated by SRS. Various experiments are conducted on benchmark datasets including MNIST, CIFAR, and ImageNet-1K. Experimental results demonstrate the superiority of the proposed LHS-BA over the state-of-the-art BA methods in terms of query efficiency. The source codes are publicly available at https://github.com/GZHU-DVL/LHS-BA.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
08/06/2023

CGBA: Curvature-aware Geometric Black-box Attack

Decision-based black-box attacks often necessitate a large number of que...
research
11/29/2019

Square Attack: a query-efficient black-box adversarial attack via random search

We propose the Square Attack, a new score-based black-box l_2 and l_∞ ad...
research
06/10/2021

Progressive-Scale Boundary Blackbox Attack via Projective Gradient Estimation

Boundary based blackbox attack has been recognized as practical and effe...
research
02/25/2021

Nonlinear Projection Based Gradient Estimation for Query Efficient Blackbox Attacks

Gradient estimation and vector space projection have been studied as two...
research
02/20/2023

Efficient Algorithms for Boundary Defense with Heterogeneous Defenders

This paper studies the problem of defending (1D and 2D) boundaries again...
research
04/03/2019

Boundary Attack++: Query-Efficient Decision-Based Adversarial Attack

Decision-based adversarial attack studies the generation of adversarial ...
research
06/07/2023

Extracting Cloud-based Model with Prior Knowledge

Machine Learning-as-a-Service, a pay-as-you-go business pattern, is wide...

Please sign up or login with your details

Forgot password? Click here to reset