BruSLeAttack: A Query-Efficient Score-Based Black-Box Sparse Adversarial Attack

arXiv:2404.05311v1 Announce Type: new
Abstract: We study the unique, less-well understood problem of generating sparse adversarial samples simply by observing the score-based replies to model queries. Sparse attacks aim to discover a minimum number-the l0 bounded-perturbations to model inputs to craft adversarial examples and misguide model decisions. But, in contrast to query-based dense attack counterparts against black-box models, constructing sparse adversarial perturbations, even when models serve confidence score information to queries in a score-based setting, is non-trivial. Because, such an …

abstract adversarial adversarial examples aim arxiv attacks box contrast craft cs.cr cs.lg decisions examples inputs queries query samples study type