Learning Black-Box Attackers with Transferable Priors and Query Feedback
Authors: Jiancheng YANG, Yangzhou Jiang, Xiaoyang Huang, Bingbing Ni, Chenglong Zhao
NeurIPS 2020 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Extensive experiments on Image Net dataset [11] validate the superiority of Le BA over previous state of the art and our baseline approaches, in terms of query efficiency and attack success rate... We experiment on Image Net [11] to demonstrate the efficiency of our algorithm. |
| Researcher Affiliation | Academia | Jiancheng Yang1,2 , Yangzhou Jiang1,2, , Xiaoyang Huang1,2, Bingbing Ni1,2 , Chenglong Zhao1,2 1 Shanghai Jiao Tong University, Shanghai 200240, China 2 Mo E Key Lab of Artificial Intelligence, AI Institute, Shanghai Jiao Tong University |
| Pseudocode | Yes | Algorithm 1 Learnable Black-Box Attack (Le BA) |
| Open Source Code | Yes | Code is open source at https://github.com/Trustworthy DL/Le BA. |
| Open Datasets | Yes | We experiment on Image Net [11] to demonstrate the efficiency of our algorithm. [11] refers to Deng, J., Dong, W., Socher, R., Li, L.-J., Li, K., and Fei-Fei, L. Imagenet: A large-scale hierarchical image database. In CVPR, pp. 248 255. Ieee, 2009. |
| Dataset Splits | No | No explicit train/validation/test dataset splits are provided for reproducibility of the main experimental setup. The paper mentions using 1,000 attack images (S1) and 1,000 images for further validation (S2) but not as part of a formal train/validation/test split for their model. |
| Hardware Specification | No | No specific hardware details (like GPU/CPU models) used for running experiments are provided. The acknowledgements only mention 'providing GPUs'. |
| Software Dependencies | Yes | We implement the algorithm with Py Torch [34]. [34] Paszke, A., Gross, S., Massa, F., Lerer, A., Bradbury, J., Chanan, G., Killeen, T., Lin, Z., Gimelshein, N., Antiga, L., Desmaison, A., Kopf, A., Yang, E., De Vito, Z., Raison, M., Tejani, A., Chilamkurthy, S., Steiner, B., Fang, L., Bai, J., and Chintala, S. Pytorch: An imperative style, high-performance deep learning library. In Advances in Neural Information Processing Systems 32, pp. 8024 8035. Curran Associates, Inc., 2019. |
| Experiment Setup | Yes | As for hyper-parameters, if not specified, we set the attack step ϵ to 0.1, query iteration n Q to 20, buffer size b to 24, λ = 0.01 and initial γ = 3.0 with momentum update. For TIMI, we set iteration numbers n T = 10. |