Summary of Brusleattack: a Query-efficient Score-based Black-box Sparse Adversarial Attack, by Viet Quoc Vo et al.
BruSLeAttack: A Query-Efficient Score-Based Black-Box Sparse Adversarial Attack
by Viet Quoc Vo, Ehsan Abbasnejad, Damith C. Ranasinghe
First submitted to arxiv on: 8 Apr 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary A new algorithm for generating sparse adversarial samples is developed, allowing for the discovery of minimum perturbations to craft adversarial examples and misguide model decisions. This approach is unique in that it utilizes score-based replies to model queries, which is non-trivial due to the NP-hard problem and non-differentiable search space. The BruSLeAttack algorithm is faster and more query-efficient than existing methods, achieving state-of-the-art attack success rates on standard computer vision tasks such as ImageNet. The proposed attack is demonstrated against a Machine Learning as a Service (MLaaS) offering exemplified by Google Cloud Vision, and robustness testing of adversarial training regimes and recent defenses against black-box attacks is also conducted. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary A team of researchers created a new way to trick machine learning models into making wrong decisions. They found that by looking at how the model responds to certain questions, they can create small changes to images or text that will cause the model to make mistakes. This method is special because it’s not easy to do, and it requires a lot of computer power to figure out. The researchers called their new method BruSLeAttack and tested it on many different models and types of data. They even showed how it could be used to trick a popular service that uses machine learning, Google Cloud Vision. This work is important because it helps us understand how vulnerable our computer systems are to attacks, and how we can make them more secure. |
Keywords
» Artificial intelligence » Machine learning
