Enhancing the Transferability of Adversarial Attacks with Nesterov Accelerated Gradient and Input Transformation
2023 China Automation Congress (CAC)(2023)
摘要
Recently, black-box attacks that are produced by leveraging the transferability of adversarial examples have garnered considerable attention. Nonetheless, existing black-box attacks often overfit the source model, leading to a reduced success rate. Therefore, in this paper, we propose a data transformation technique to increase the attack performance of such attacks by bolstering their transferability. Our transformation method constitutes a loss-preserving transformation, which can be viewed as a model expansion strategy to alleviate overfitting. Furthermore, we incorporate the Nesterov accelerated gradient to optimize the searching process of the attack production procedure. Finally, comprehensive comparisons on the NISP 2017 dataset with existing methods reveal that our approach can significantly enhance the transferability of black-box attacks.
更多查看译文
关键词
adversarial example,black-box attack,Nesterov accelerated gradient,transferability
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要