HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets

Qi Li; Xingyu Li; Xiaodong Cui; Keke Tang; Peican Zhu

doi:10.1145/3583780.3615198

HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets

Qi Li
, Xingyu Li
, Xiaodong Cui
, Keke Tang
, Peican Zhu

School of Artificial Intelligence, OPtics and Electronics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

7 Scopus citations

Abstract

Exploring adversarial attacks on deep neural networks (DNNs) is crucial for assessing and enhancing their adversarial robustness. Among various attack types, hard-label attacks that rely only on predicted labels offer a practical approach. This paper focuses on the challenging task of hard-label attacks within an extremely limited query budget, which is a significant achievement rarely accomplished by existing methods. To tackle this, we propose an attack framework that leverages geometric information from previous perturbation directions to form triangles and employs a heuristic perpendicular trial to effectively utilize the intermediate directions. Extensive experiments validate the effectiveness of our approach under strict query constraints and demonstrate its superiority to the state-of-the-art methods.

Original language	English
Title of host publication	CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management
Publisher	Association for Computing Machinery
Pages	4064-4068
Number of pages	5
ISBN (Electronic)	9798400701245
DOIs	https://doi.org/10.1145/3583780.3615198
State	Published - 21 Oct 2023
Event	32nd ACM International Conference on Information and Knowledge Management, CIKM 2023 - Birmingham, United Kingdom Duration: 21 Oct 2023 → 25 Oct 2023

Publication series

Name	International Conference on Information and Knowledge Management, Proceedings
ISSN (Print)	2155-0751

Conference

Conference	32nd ACM International Conference on Information and Knowledge Management, CIKM 2023
Country/Territory	United Kingdom
City	Birmingham
Period	21/10/23 → 25/10/23

Keywords

deep neural networks
hard-label adversarial attack
trustworthy machine learning

Access to Document

10.1145/3583780.3615198

Cite this

Li, Q., Li, X., Cui, X., Tang, K., & Zhu, P. (2023). HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets. In CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management (pp. 4064-4068). (International Conference on Information and Knowledge Management, Proceedings). Association for Computing Machinery. https://doi.org/10.1145/3583780.3615198

Li, Qi ; Li, Xingyu ; Cui, Xiaodong et al. / HEPT Attack : Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets. CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management. Association for Computing Machinery, 2023. pp. 4064-4068 (International Conference on Information and Knowledge Management, Proceedings).

@inproceedings{a4ed1017d9284659a235f7737c4ec3df,

title = "HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets",

abstract = "Exploring adversarial attacks on deep neural networks (DNNs) is crucial for assessing and enhancing their adversarial robustness. Among various attack types, hard-label attacks that rely only on predicted labels offer a practical approach. This paper focuses on the challenging task of hard-label attacks within an extremely limited query budget, which is a significant achievement rarely accomplished by existing methods. To tackle this, we propose an attack framework that leverages geometric information from previous perturbation directions to form triangles and employs a heuristic perpendicular trial to effectively utilize the intermediate directions. Extensive experiments validate the effectiveness of our approach under strict query constraints and demonstrate its superiority to the state-of-the-art methods.",

keywords = "deep neural networks, hard-label adversarial attack, trustworthy machine learning",

author = "Qi Li and Xingyu Li and Xiaodong Cui and Keke Tang and Peican Zhu",

note = "Publisher Copyright: {\textcopyright} 2023 Copyright held by the owner/author(s). Publication rights licensed to ACM.; 32nd ACM International Conference on Information and Knowledge Management, CIKM 2023 ; Conference date: 21-10-2023 Through 25-10-2023",

year = "2023",

month = oct,

day = "21",

doi = "10.1145/3583780.3615198",

language = "英语",

series = "International Conference on Information and Knowledge Management, Proceedings",

publisher = "Association for Computing Machinery",

pages = "4064--4068",

booktitle = "CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management",

}

Li, Q, Li, X, Cui, X, Tang, K & Zhu, P 2023, HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets. in CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management. International Conference on Information and Knowledge Management, Proceedings, Association for Computing Machinery, pp. 4064-4068, 32nd ACM International Conference on Information and Knowledge Management, CIKM 2023, Birmingham, United Kingdom, 21/10/23. https://doi.org/10.1145/3583780.3615198

HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets. / Li, Qi; Li, Xingyu; Cui, Xiaodong et al.
CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management. Association for Computing Machinery, 2023. p. 4064-4068 (International Conference on Information and Knowledge Management, Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - HEPT Attack

T2 - 32nd ACM International Conference on Information and Knowledge Management, CIKM 2023

AU - Li, Qi

AU - Li, Xingyu

AU - Cui, Xiaodong

AU - Tang, Keke

AU - Zhu, Peican

PY - 2023/10/21

Y1 - 2023/10/21

N2 - Exploring adversarial attacks on deep neural networks (DNNs) is crucial for assessing and enhancing their adversarial robustness. Among various attack types, hard-label attacks that rely only on predicted labels offer a practical approach. This paper focuses on the challenging task of hard-label attacks within an extremely limited query budget, which is a significant achievement rarely accomplished by existing methods. To tackle this, we propose an attack framework that leverages geometric information from previous perturbation directions to form triangles and employs a heuristic perpendicular trial to effectively utilize the intermediate directions. Extensive experiments validate the effectiveness of our approach under strict query constraints and demonstrate its superiority to the state-of-the-art methods.

AB - Exploring adversarial attacks on deep neural networks (DNNs) is crucial for assessing and enhancing their adversarial robustness. Among various attack types, hard-label attacks that rely only on predicted labels offer a practical approach. This paper focuses on the challenging task of hard-label attacks within an extremely limited query budget, which is a significant achievement rarely accomplished by existing methods. To tackle this, we propose an attack framework that leverages geometric information from previous perturbation directions to form triangles and employs a heuristic perpendicular trial to effectively utilize the intermediate directions. Extensive experiments validate the effectiveness of our approach under strict query constraints and demonstrate its superiority to the state-of-the-art methods.

KW - deep neural networks

KW - hard-label adversarial attack

KW - trustworthy machine learning

UR - https://www.scopus.com/pages/publications/85178098776

U2 - 10.1145/3583780.3615198

DO - 10.1145/3583780.3615198

M3 - 会议稿件

AN - SCOPUS:85178098776

T3 - International Conference on Information and Knowledge Management, Proceedings

SP - 4064

EP - 4068

BT - CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management

PB - Association for Computing Machinery

Y2 - 21 October 2023 through 25 October 2023

ER -

Li Q, Li X, Cui X, Tang K, Zhu P. HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets. In CIKM 2023 - Proceedings of the 32nd ACM International Conference on Information and Knowledge Management. Association for Computing Machinery. 2023. p. 4064-4068. (International Conference on Information and Knowledge Management, Proceedings). doi: 10.1145/3583780.3615198

HEPT Attack: Heuristic Perpendicular Trial for Hard-label Attacks under Limited Query Budgets

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this