Timezone: »
Solving for adversarial examples with projected gradient descent has been demonstrated to be highly effective in fooling the neural network based classifiers. However, in the black-box setting, the attacker is limited only to the query access to the network and solving for a successful adversarial example becomes much more difficult. To this end, recent methods aim at estimating the true gradient signal based on the input queries but at the cost of excessive queries.
We propose an efficient discrete surrogate to the optimization problem which does not require estimating the gradient and consequently becomes free of the first order update hyperparameters to tune. Our experiments on Cifar-10 and ImageNet show the state of the art black-box attack performance with significant reduction in the required queries compared to a number of recently proposed methods.
Author Information
Seungyong Moon (Seoul National University)
Gaon An (Seoul National University)
Hyun Oh Song (Seoul National University)
Related Events (a corresponding poster, oral, or spotlight)
-
2019 Poster: Parsimonious Black-Box Adversarial Attacks via Efficient Combinatorial Optimization »
Thu. Jun 13th 01:30 -- 04:00 AM Room Pacific Ballroom #66
More from the Same Authors
-
2023 Poster: Efficient Latency-Aware CNN Depth Compression via Two-Stage Dynamic Programming »
Jinuk Kim · Yeonwoo Jeong · Deokjae Lee · Hyun Oh Song -
2022 Poster: Dataset Condensation via Efficient Synthetic-Data Parameterization »
Jang-Hyun Kim · Jinuk Kim · Seong Joon Oh · Sangdoo Yun · Hwanjun Song · Joonhyun Jeong · Jung-Woo Ha · Hyun Oh Song -
2022 Spotlight: Dataset Condensation via Efficient Synthetic-Data Parameterization »
Jang-Hyun Kim · Jinuk Kim · Seong Joon Oh · Sangdoo Yun · Hwanjun Song · Joonhyun Jeong · Jung-Woo Ha · Hyun Oh Song -
2022 Poster: Query-Efficient and Scalable Black-Box Adversarial Attacks on Discrete Sequential Data via Bayesian Optimization »
Deokjae Lee · Seungyong Moon · Junhyeok Lee · Hyun Oh Song -
2022 Spotlight: Query-Efficient and Scalable Black-Box Adversarial Attacks on Discrete Sequential Data via Bayesian Optimization »
Deokjae Lee · Seungyong Moon · Junhyeok Lee · Hyun Oh Song -
2020 Poster: Puzzle Mix: Exploiting Saliency and Local Statistics for Optimal Mixup »
Jang-Hyun Kim · Wonho Choo · Hyun Oh Song -
2019 Poster: Learning Discrete and Continuous Factors of Data via Alternating Disentanglement »
Yeonwoo Jeong · Hyun Oh Song -
2019 Oral: Learning Discrete and Continuous Factors of Data via Alternating Disentanglement »
Yeonwoo Jeong · Hyun Oh Song -
2019 Poster: EMI: Exploration with Mutual Information »
Hyoungseok Kim · Jaekyeom Kim · Yeonwoo Jeong · Sergey Levine · Hyun Oh Song -
2019 Oral: EMI: Exploration with Mutual Information »
Hyoungseok Kim · Jaekyeom Kim · Yeonwoo Jeong · Sergey Levine · Hyun Oh Song -
2018 Poster: Efficient end-to-end learning for quantizable representations »
Yeonwoo Jeong · Hyun Oh Song -
2018 Oral: Efficient end-to-end learning for quantizable representations »
Yeonwoo Jeong · Hyun Oh Song