R.I.P.
π»
Ghosted
Prior Convictions: Black-Box Adversarial Attacks with Bandits and Priors
July 20, 2018 Β· Entered Twilight Β· π International Conference on Learning Representations
"No code URL or promise found in abstract"
"Code repo scraped from project page (backfill)"
Evidence collected by the PWNC Scanner
Repo contents: .gitignore, LICENSE, README.md, src
Authors
Andrew Ilyas, Logan Engstrom, Aleksander Madry
arXiv ID
1807.07978
Category
stat.ML: Machine Learning (Stat)
Cross-listed
cs.CR,
cs.LG
Citations
413
Venue
International Conference on Learning Representations
Repository
https://github.com/MadryLab/blackbox-bandits
β 63
Last Checked
1 month ago
Abstract
We study the problem of generating adversarial examples in a black-box setting in which only loss-oracle access to a model is available. We introduce a framework that conceptually unifies much of the existing work on black-box attacks, and we demonstrate that the current state-of-the-art methods are optimal in a natural sense. Despite this optimality, we show how to improve black-box attacks by bringing a new element into the problem: gradient priors. We give a bandit optimization-based algorithm that allows us to seamlessly integrate any such priors, and we explicitly identify and incorporate two examples. The resulting methods use two to four times fewer queries and fail two to five times less often than the current state-of-the-art.
Community Contributions
Found the code? Know the venue? Think something is wrong? Let us know!
π Similar Papers
In the same crypt β Machine Learning (Stat)
R.I.P.
π»
Ghosted
Distilling the Knowledge in a Neural Network
R.I.P.
π»
Ghosted
Layer Normalization
R.I.P.
π»
Ghosted
Dropout as a Bayesian Approximation: Representing Model Uncertainty in Deep Learning
R.I.P.
π»
Ghosted
Domain-Adversarial Training of Neural Networks
R.I.P.
π»
Ghosted