Back in Black: A Comparative Evaluation of Recent State-Of-The-Art Black-Box Attacks

Cited by: 9
Authors
Mahmood, Kaleel [1]
Mahmood, Rigel [1]
Rathbun, Ethan [1]
van Dijk, Marten [2]
Affiliations
[1] Univ Connecticut, Dept Comp Sci & Engn, Storrs, CT 06268 USA
[2] CWI Amsterdam, NL-1098 XG Amsterdam, Netherlands
Keywords
Adversarial machine learning; Training; Task analysis; Training data; Licenses; Image recognition; Security; adversarial examples; adversarial defense; black-box attack; security; deep learning;
DOI
10.1109/ACCESS.2021.3138338
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
The field of adversarial machine learning has experienced a near exponential growth in the amount of papers being produced since 2018. This massive information output has yet to be properly processed and categorized. In this paper, we seek to help alleviate this problem by systematizing the recent advances in adversarial machine learning black-box attacks since 2019. Our survey summarizes and categorizes 20 recent black-box attacks. We also present a new analysis for understanding the attack success rate with respect to the adversarial model used in each paper. Overall, our paper surveys a wide body of literature to highlight recent attack developments and organizes them into four attack categories: score based attacks, decision based attacks, transfer attacks and non-traditional attacks. Further, we provide a new mathematical framework to show exactly how attack results can fairly be compared.
Pages: 998 - 1019
Page count: 22
Related papers
50 in total
  • [41] Efficient Local Imperceptible Random Search for Black-Box Adversarial Attacks
    Li, Yining
    You, Shu
    Chen, Yihan
    Li, Zhenhua
    ADVANCED INTELLIGENT COMPUTING TECHNOLOGY AND APPLICATIONS, PT XI, ICIC 2024, 2024, 14872 : 325 - 336
  • [42] Adversarial Black-Box Attacks with Timing Side-Channel Leakage
    Nakai, Tsunato
    Suzuki, Daisuke
    Omatsu, Fumio
    Fujino, Takeshi
    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2021, E104A (01) : 143 - 151
  • [43] Ensemble adversarial black-box attacks against deep learning systems
    Hang, Jie
    Han, Keji
    Chen, Hui
    Li, Yun
    PATTERN RECOGNITION, 2020, 101
  • [44] Detection Tolerant Black-Box Adversarial Attack Against Automatic Modulation Classification With Deep Learning
    Qi, Peihan
    Jiang, Tao
    Wang, Lizhan
    Yuan, Xu
    Li, Zan
    IEEE TRANSACTIONS ON RELIABILITY, 2022, 71 (02) : 674 - 686
  • [45] Boosting Targeted Black-Box Attacks via Ensemble Substitute Training and Linear Augmentation
    Gao, Xianfeng
    Tan, Yu-an
    Jiang, Hongwei
    Zhang, Quanxin
    Kuang, Xiaohui
    APPLIED SCIENCES-BASEL, 2019, 9 (11):
  • [46] Black-box adversarial attacks against image quality assessment models
    Ran, Yu
    Zhang, Ao-Xiang
    Li, Mingjie
    Tang, Weixuan
    Wang, Yuan-Gen
    EXPERT SYSTEMS WITH APPLICATIONS, 2025, 260
  • [47] Black-box adversarial transferability: An empirical study in cybersecurity perspective
    Roshan, Khushnaseeb
    Zafar, Aasim
    COMPUTERS & SECURITY, 2024, 141
  • [48] Black-Box Based Limited Query Membership Inference Attack
    Zhang, Yu
    Zhou, Huaping
    Wang, Pengyan
    Yang, Gaoming
    IEEE ACCESS, 2022, 10 : 55459 - 55468
  • [49] Query-Efficient Black-Box Adversarial Attacks Guided by a Transfer-Based Prior
    Dong, Yinpeng
    Cheng, Shuyu
    Pang, Tianyu
    Su, Hang
    Zhu, Jun
    IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, 2022, 44 (12) : 9536 - 9548
  • [50] Black-box attacks on face recognition via affine-invariant training
    Bowen Sun
    Hang Su
    Shibao Zheng
    Neural Computing and Applications, 2024, 36 : 8549 - 8564