Decision-Based Query Efficient Adversarial Attack via Adaptive Boundary Learning

Cited by: 0
Authors
Shen, Meng [1]
Li, Changyue [1]
Yu, Hao [2]
Li, Qi [3]
Zhu, Liehuang [1]
Xu, Ke [4]
Affiliations
[1] Beijing Inst Technol, Sch Cyberspace Sci & Technol, Beijing 100081, Peoples R China
[2] Natl Univ Def Technol, Coll Comp, Changsha 2410073, Peoples R China
[3] Tsinghua Univ, Inst Network Sci & Cyberspace, Beijing 100190, Peoples R China
[4] Tsinghua Univ, Dept Comp Sci, Beijing 100190, Peoples R China
Funding
National Key R&D Program of China; Beijing Natural Science Foundation;
Keywords
Adaptation models; Perturbation methods; Optimization; Training; Task analysis; Predictive models; Metalearning; Adversarial attack; black-box attack; decision-based; meta-learning; query efficiency;
DOI
10.1109/TDSC.2023.3289298
Chinese Library Classification
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
Decision-based adversarial attacks pose a severe threat to real-world applications of Deep Neural Networks (DNNs), as attackers are assumed to have no prior knowledge about the target model except hard labels of model outputs. Existing decision-based attacks require a large number of queries on the target model for a successful attack. In this article, we propose DEAL, a decision-based query efficient adversarial attack based on adaptive boundary learning. DEAL relies on a local model initialized through a meta-learning mechanism to obtain the ability to fit new decision boundaries. We conduct extensive experiments to evaluate the effectiveness of DEAL, which demonstrate that it outperforms 8 state-of-the-art attacks. Specifically, for the evaluation on the CIFAR-10 dataset, DEAL achieves similar attack success rates with a maximum query reduction of 51% in untargeted attacks and 14% in targeted attacks, respectively.
Pages: 1740-1753
Page count: 14
Related papers
50 in total
  • [41] Query-efficient black-box ensemble attack via dynamic surrogate weighting
    Hu, Cong
    He, Zhichao
    Wu, Xiaojun
    PATTERN RECOGNITION, 2025, 161
  • [42] Efficient Query-based Black-box Attack against Cross-modal Hashing Retrieval
    Zhu, Lei
    Wang, Tianshi
    Li, Jingjing
    Zhang, Zheng
    Shen, Jialie
    Wang, Xinhua
    ACM TRANSACTIONS ON INFORMATION SYSTEMS, 2023, 41 (03)
  • [43] Adversarial Attack against DoS Intrusion Detection: An Improved Boundary-Based Method
    Peng, Xiao
    Huang, Weiqing
    Shi, Zhixin
    2019 IEEE 31ST INTERNATIONAL CONFERENCE ON TOOLS WITH ARTIFICIAL INTELLIGENCE (ICTAI 2019), 2019, : 1288 - 1295
  • [44] MISPSO-Attack: An efficient adversarial watermarking attack based on multiple initial solution particle swarm optimization
    Zuo, Xianyu
    Wang, Xiangyu
    Zhang, Wenbo
    Wang, Yadi
    APPLIED SOFT COMPUTING, 2023, 147
  • [45] SPARSE ADVERSARIAL ATTACK FOR VIDEO VIA GRADIENT-BASED KEYFRAME SELECTION
    Xu, Yixiao
    Liu, Xiaolei
    Yin, Mingyong
    Hu, Teng
    Ding, Kangyi
    2022 IEEE INTERNATIONAL CONFERENCE ON ACOUSTICS, SPEECH AND SIGNAL PROCESSING (ICASSP), 2022, : 2874 - 2878
  • [46] A New Black Box Attack Generating Adversarial Examples Based on Reinforcement Learning
    Xiao, Wenli
    Jiang, Hao
    Xia, Song
    2020 INFORMATION COMMUNICATION TECHNOLOGIES CONFERENCE (ICTC), 2020, : 141 - 146
  • [47] ESDB: Expand the Shrinking Decision Boundary via One-to-Many Information Matching for Continual Learning With Small Memory
    Li, Kunchi
    Chen, Hongyang
    Wan, Jun
    Yu, Shan
    IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY, 2024, 34 (08) : 7328 - 7343
  • [48] Availability Adversarial Attack and Countermeasures for Deep Learning-based Load Forecasting
    Xu, Wangkun
    Teng, Fei
    2023 IEEE BELGRADE POWERTECH, 2023,
  • [49] Communication-Efficient Distributed Learning via Sparse and Adaptive Stochastic Gradient
    Deng, Xiaoge
    Li, Dongsheng
    Sun, Tao
    Lu, Xicheng
    IEEE TRANSACTIONS ON BIG DATA, 2025, 11 (01) : 234 - 246
  • [50] An Adversarial Attack Based on Incremental Learning Techniques for Unmanned in 6G Scenes
    Lv, Huanhuan
    Wen, Mi
    Lu, Rongxing
    Li, Jinguo
    IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, 2021, 70 (06) : 5254 - 5264