Decision-Based Query Efficient Adversarial Attack via Adaptive Boundary Learning

Meng Shen; Changyue Li; Hao Yu; Qi Li; Liehuang Zhu; Ke Xu

Decision-Based Query Efficient Adversarial Attack via Adaptive Boundary Learning

Meng Shen, Changyue Li, Hao Yu, Qi Li, Liehuang Zhu, Ke Xu

Published: 01 Jan 2024, Last Modified: 05 Feb 2025IEEE Trans. Dependable Secur. Comput. 2024EveryoneRevisionsBibTeXCC BY-SA 4.0

Abstract: Decision-based adversarial attacks pose a severe threat to real-world applications of Deep Neural Networks (DNNs), as attackers are assumed to have no prior knowledge about target model except hard labels of model outputs. Existing decision-based attacks require a large number of queries on the target model for a successful attack. In this article, we propose DEAL, a decision-based query efficient adversarial attack based on adaptive boundary learning. DEAL relies on a local model initialized through meta-learning mechanism to obtain the ability to fit new decision boundaries. We conduct extensive experiments to evaluate the effectiveness of DEAL, which demonstrates that it outperforms 8 state-of-the-art attacks. Specifically for the evaluation on CIFAR-10 dataset, DEAL achieves similar attack success rates with a maximum query reduction of 51% in untargeted attacks and 14% in targeted attacks, respectively.

Loading