BRUSLEATTACK: A QUERY-EFFICIENT SCORE- BASED BLACK-BOX SPARSE ADVERSARIAL ATTACK
Authors: Quoc Viet Vo, Ehsan Abbasnejad, Damith Ranasinghe
ICLR 2024 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We conduct extensive attack evaluations including an attack demonstration against a Machine Learning as a Service (MLaa S) offering exemplified by Google Cloud Vision and robustness testing of adversarial training regimes and a recent defense against black-box attacks. |
| Researcher Affiliation | Academia | Viet Quoc Vo, Ehsan Abbasnejad, Damith C. Ranasinghe The University of Adelaide {viet.vo,ehsan.abbasnejad,damith.ranasinghe}@adelaide.edu.au |
| Pseudocode | Yes | Algorithm 1: BRUSLEATTACK |
| Open Source Code | Yes | Our artifacts and DIY attack samples are available on Git Hub. |
| Open Datasets | Yes | For a comprehensive evaluation of BRUSLEATTACK, we compose of evaluation sets from CIFAR-10 (Krizhevsky et al.), STL-10 (Coates et al., 2011) and Image Net (Deng et al., 2009). |
| Dataset Splits | Yes | For CIFAR-10 and STL-10, we select 9,000 and 60,094 different pairs of the source image and target class respectively. For Image Net, we randomly select 200 correctly classified test images evenly distributed among 200 random classes from Image Net. To reduce the computational burden of the evaluation tasks in the targeted setting, five target classes are randomly chosen for each image. |
| Hardware Specification | Yes | All experiments in this study are performed on two RTX TITAN GPU (2 × 24GB) and four RTX A6000 GPU (4 × 48GB). |
| Software Dependencies | No | The paper discusses models (ResNet, ViT), datasets, and hyperparameters, but does not list specific software dependencies with version numbers (e.g., PyTorch 1.x, TensorFlow 2.x, Python 3.x). |
| Experiment Setup | Yes | Table 20: Hyper-parameters setting in our experiments |