Decision-Based Query Efficient Adversarial Attack via Adaptive Boundary Learning

Decision-based adversarial attacks pose a severe threat to real-world applications of Deep Neural Networks (DNNs), as attackers are assumed to have no prior knowledge about target model except hard labels of model outputs. Existing decision-based attacks require a large number of queries on the target model for a successful attack. In this article, we propose DEAL, a decision-based query efficient adversarial attack based on adaptive boundary learning. DEAL relies on a local model initialized through meta-learning mechanism to obtain the ability to fit new decision boundaries. We conduct extensive experiments to evaluate the effectiveness of DEAL, which demonstrates that it outperforms 8 state-of-the-art attacks. Specifically for the evaluation on CIFAR-10 dataset, DEAL achieves similar attack success rates with a maximum query reduction of 51% in untargeted attacks and 14% in targeted attacks, respectively.