Name
Abstract | ||
|---|---|---|
Black-box adversarial attacks require a large number of attempts before finding successful adversarial examples that are visually indistinguishable from the original input. Current approaches relying on substitute model training, gradient estimation or genetic algorithms often require an excessive number of queries. Therefore, they are not suitable for real-world systems where the maximum query number is limited due to cost. We propose a query-efficient black-box attack which uses Bayesian optimisation in combination with Bayesian model selection to optimise over the adversarial perturbation and the optimal degree of search space dimension reduction. We demonstrate empirically that our method can achieve comparable success rates with 2-5 times fewer queries compared to previous state-of-the-art black-box attacks. |
Year | Venue | Keywords |
|---|---|---|
2020 | ICLR | Black-box Adversarial Attack, Bayesian Optimisation, Gaussian Process |
DocType | Citations | PageRank |
Conference | 0 | 0.34 |
References | Authors | |
0 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Bin Xin Ru | 1 | 1 | 4.42 |
| Adam Cobb | 2 | 0 | 0.34 |
| Arno Blaas | 3 | 0 | 1.01 |
| Gal, Yarin | 4 | 665 | 37.30 |