IEEE

F2Attack: Two-Factors Scoring Method for Query-Efficient Hard-Label Black-Box Textual Adversarial Attacks

Abstract: In the hard-label black-box setting, existing attack methods randomly select words for perturbation, generating invalid word replacement operations, resulting in low attack success rate.
IEEE

Hard-label based Small Query Black-box Adversarial Attack

Abstract: We consider the hard-label based black-box adversarial attack setting which solely observes the target model’s predicted class. Most of the attack methods in this setting suffer from ...