STDatav2: Accessing Efficient Black-Box Stealing for Adversarial Attacks

X Sun, G Cheng, H Li, C Lang… - IEEE Transactions on …, 2024 - ieeexplore.ieee.org
On account of the extreme settings, stealing the black-box model without its training data is
difficult in practice. On this topic, along the lines of data diversity, this paper substantially …

Defenses in adversarial machine learning: A survey

B Wu, S Wei, M Zhu, M Zheng, Z Zhu, M Zhang… - arXiv preprint arXiv …, 2023 - arxiv.org
The adversarial phenomenon has been widely observed in machine learning (ML) systems,
especially in those using deep neural networks, meaning that ML systems may produce …

Certifiable Black-Box Attacks with Randomized Adversarial Examples: Breaking Defenses with Provable Confidence

H Hong, X Zhang, B Wang, Z Ba, Y Hong - … of the 2024 on ACM SIGSAC …, 2024 - dl.acm.org
Black-box adversarial attacks have demonstrated strong potential to compromise machine
learning models by iteratively querying the target model or leveraging transferability from a …

Stateful defenses for machine learning models are not yet secure against black-box attacks

R Feng, A Hooda, N Mangaokar, K Fawaz… - Proceedings of the …, 2023 - dl.acm.org
Recent work has proposed stateful defense models (SDMs) as a compelling strategy to
defend against a black-box attacker who only has query access to the model, as is common …

Investigating catastrophic overfitting in fast adversarial training: a self-fitting perspective

Z He, T Li, S Chen, X Huang - Proceedings of the IEEE/CVF …, 2023 - openaccess.thecvf.com
Although fast adversarial training provides an efficient approach for building robust
networks, it may suffer from a serious problem known as catastrophic overfitting (CO), where …

Attacks in adversarial machine learning: A systematic survey from the life-cycle perspective

B Wu, Z Zhu, L Liu, Q Liu, Z He, S Lyu - arXiv preprint arXiv:2302.09457, 2023 - arxiv.org
Adversarial machine learning (AML) studies the adversarial phenomenon of machine
learning, in which models may make predictions that are inconsistent with, or unexpected by, humans. Some …

SAT: A Selective Adversarial Training Approach for WiFi-based Human Activity Recognition

Y Pan, Z Zhou, W Gong, Y Fang - IEEE Transactions on Mobile …, 2024 - ieeexplore.ieee.org
Recently, the continuous evolution of deep learning has opened up promising avenues to
groundbreaking advancements in wireless sensing systems, which significantly enhance the …

Adversarial Training on Purification (AToP): Advancing Both Robustness and Generalization

G Lin, C Li, J Zhang, T Tanaka, Q Zhao - arXiv preprint arXiv:2401.16352, 2024 - arxiv.org
Deep neural networks are known to be vulnerable to well-designed adversarial attacks.
The most successful defense technique, based on adversarial training (AT), can achieve …

BlackboxBench: A Comprehensive Benchmark of Black-box Adversarial Attacks

M Zheng, X Yan, Z Zhu, H Chen, B Wu - arXiv preprint arXiv:2312.16979, 2023 - arxiv.org
Adversarial examples are well-known tools to evaluate the vulnerability of deep neural
networks (DNNs). Although lots of adversarial attack algorithms have been developed, it is …

Random transformations to improve mitigation of query-based black-box attacks

ZTM Ali, RMA Azad, MA Azad, J Holyhead… - Expert Systems with …, 2024 - Elsevier
This paper proposes methods to upstage the best-known defences against query-based
black-box attacks. These benchmark defences incorporate gaussian noise into input data …