Pixle: a fast and effective black-box attack based on rearranging pixels

被引:14
作者
Pomponi, Jary [1 ]
Scardapane, Simone [1 ]
Uncini, Aurelio [1 ]
机构
[1] Sapienza Univ Rome, Dept Informat Engn Elect & Telecommun DIET, Rome, Italy
来源
2022 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS (IJCNN) | 2022年
关键词
Adversarial Attack; Neural Networks; Random Search; Differential Evolution;
D O I
10.1109/IJCNN55064.2022.9892966
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Recent research has found that neural networks are vulnerable to several types of adversarial attacks, where the input samples are modified in such a way that the model produces a wrong prediction that misclassifies the adversarial sample. In this paper we focus on black-box adversarial attacks, that can be performed without knowing the inner structure of the attacked model, nor the training procedure, and we propose a novel attack that is capable of correctly attacking a high percentage of samples by rearranging a small number of pixels within the attacked image. We demonstrate that our attack works on a large number of datasets and models, that it requires a small number of iterations, and that the distance between the original sample and the adversarial one is negligible to the human eye.
引用
收藏
页数:7
相关论文
共 50 条
[41]   RLVS: A Reinforcement Learning-Based Sparse Adversarial Attack Method for Black-Box Video Recognition [J].
Song, Jianxin ;
Yu, Dan ;
Teng, Hongfei ;
Chen, Yongle .
ELECTRONICS, 2025, 14 (02)
[42]   A Black-Box Adversarial Attack via Deep Reinforcement Learning on the Feature Space [J].
Li, Lyue ;
Rezapour, Amir ;
Tzeng, Wen-Guey .
2021 IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING (DSC), 2021,
[43]   Black-Box Adversarial Attack on Graph Neural Networks With Node Voting Mechanism [J].
Wen, Liangliang ;
Liang, Jiye ;
Yao, Kaixuan ;
Wang, Zhiqiang .
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2024, 36 (10) :5025-5038
[44]   Black-Box Dissector: Towards Erasing-Based Hard-Label Model Stealing Attack [J].
Wang, Yixu ;
Li, Jie ;
Liu, Hong ;
Wang, Yan ;
Wu, Yongjian ;
Huang, Feiyue ;
Ji, Rongrong .
COMPUTER VISION - ECCV 2022, PT V, 2022, 13665 :192-208
[45]   Black-Box Buster: A Robust Zero-Shot Transfer-Based Adversarial Attack Method [J].
Zhang, Yuxuan ;
Wang, Zhaoyang ;
Zhang, Boyang ;
Wen, Yu ;
Meng, Dan .
INFORMATION AND COMMUNICATIONS SECURITY (ICICS 2021), PT II, 2021, 12919 :39-54
[46]   Efficient Query-based Black-box Attack against Cross-modal Hashing Retrieval [J].
Zhu, Lei ;
Wang, Tianshi ;
Li, Jingjing ;
Zhang, Zheng ;
Shen, Jialie ;
Wang, Xinhua .
ACM TRANSACTIONS ON INFORMATION SYSTEMS, 2023, 41 (03)
[47]   A Brute-Force Black-Box Method to Attack Machine Learning-Based Systems in Cybersecurity [J].
Zhang, Sicong ;
Xie, Xiaoyao ;
Xu, Yang .
IEEE ACCESS, 2020, 8 :128250-128263
[48]   Black-box l1 and l2 Adversarial Attack Based on Genetic Algorithm [J].
Sun, Jiyuan ;
Yu, Haibo ;
Zhao, Jianjun .
2024 IEEE INTERNATIONAL CONFERENCE ON ARTIFICIAL INTELLIGENCE TESTING, AITEST, 2024, :101-108
[49]   Pseudo-Siamese Network based Timbre-reserved Black-box Adversarial Attack in Speaker Identification [J].
Wang, Qing ;
Yao, Jixun ;
Wang, Ziqian ;
Guo, Pengcheng ;
Xie, Lei .
INTERSPEECH 2023, 2023, :3994-3998
[50]   Stealthy Black-Box Attack With Dynamic Threshold Against MARL-Based Traffic Signal Control System [J].
Ren, Yan ;
Zhang, Heng ;
Du, Linkang ;
Zhang, Zhikun ;
Zhang, Jian ;
Li, Hongran .
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, 2024, 20 (10) :12021-12031