Black-Box Decision based Adversarial Attack with Symmetric $\alpha$-stable Distribution
Vignesh Srinivasan, Ercan E. Kuruoglu, Klaus-Robert Müller, Wojciech Samek, Shinichi Nakajima

TL;DR
This paper introduces the Lévy-Attack, a novel black-box adversarial attack method using symmetric α-stable distributions, which enhances exploration efficiency over traditional Gaussian-based methods, demonstrated on MNIST and CIFAR10 datasets.
Contribution
It generalizes the Boundary Attack by incorporating symmetric α-stable distributions, improving exploration efficiency in black-box adversarial attacks.
Findings
Lévy-Attack outperforms Gaussian-based methods in exploration efficiency.
Significant performance improvements on MNIST and CIFAR10 datasets.
Insights into the importance of norm choice in adversarial pattern measurement.
Abstract
Developing techniques for adversarial attack and defense is an important research field for establishing reliable machine learning and its applications. Many existing methods employ Gaussian random variables for exploring the data space to find the most adversarial (for attacking) or least adversarial (for defense) point. However, the Gaussian distribution is not necessarily the optimal choice when the exploration is required to follow the complicated structure that most real-world data distributions exhibit. In this paper, we investigate how statistics of random variables affect such random walk exploration. Specifically, we generalize the Boundary Attack, a state-of-the-art black-box decision based attacking strategy, and propose the Lévy-Attack, where the random walk is driven by symmetric $\alpha$-stable random variables. Our experiments on MNIST and CIFAR10 datasets show that the…
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Anomaly Detection Techniques and Applications · Bacillus and Francisella bacterial research
