Low-Cost Hard-Label Adversarial Attack with Theoretical Foundations
Researchers have developed a new framework for adversarial attacks on AI models, focusing on hard-label black-box scenarios where only the top prediction is accessible. Their approach introduces a novel zero-query initialization strategy and a Pattern-Driven Optimization algorithm, grounded in theoretical analysis that links existing methods to gradient sign approximation. This method demonstrates superior efficiency and success rates compared to state-of-the-art attacks across various datasets and model types, including commercial APIs and CLIP models, while also showing robustness against data corruption and specialized tasks like segmentation. AI
IMPACT This research introduces a more efficient and theoretically grounded method for adversarial attacks, potentially impacting AI model security and robustness testing.