The reviewed record of science sign in
Pith

arxiv: 1912.01667 · v3 · pith:YSHMAK4G · submitted 2019-12-03 · cs.LG · cs.CR· cs.CV· stat.ML

A Survey of Black-Box Adversarial Attacks on Computer Vision Models

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:YSHMAK4Grecord.jsonopen to challenge →

classification cs.LG cs.CRcs.CVstat.ML
keywords modelsattacksblack-boxadversarialadversarycomprehensivelearningmodel
0
0 comments X
read the original abstract

Machine learning has seen tremendous advances in the past few years, which has lead to deep learning models being deployed in varied applications of day-to-day life. Attacks on such models using perturbations, particularly in real-life scenarios, pose a severe challenge to their applicability, pushing research into the direction which aims to enhance the robustness of these models. After the introduction of these perturbations by Szegedy et al. [1], significant amount of research has focused on the reliability of such models, primarily in two aspects - white-box, where the adversary has access to the targeted model and related parameters; and the black-box, which resembles a real-life scenario with the adversary having almost no knowledge of the model to be attacked. To provide a comprehensive security cover, it is essential to identify, study, and build defenses against such attacks. Hence, in this paper, we propose to present a comprehensive comparative study of various black-box adversarial attacks and defense techniques.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 2 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. A Unified Perspective on Adversarial Membership Manipulation in Vision Models

    cs.CV 2026-04 conditional novelty 8.0

    Adversarial perturbations reliably fabricate membership signals in vision-model MIAs, separated by a gradient-norm collapse trajectory that enables robust detection and inference.

  2. False Alarms, Real Damage: Adversarial Attacks Using LLM-based Models on Text-based Cyber Threat Intelligence Systems

    cs.CR 2025-07 unverdicted novelty 5.0

    LLM-generated adversarial fake text can perform evasion, flooding, and poisoning attacks that mislead and degrade text-based CTI pipelines.