The field of adversarial machine learning has experienced near-exponential growth in the number of papers produced since 2018. This massive information output has yet to be properly processed and categorized. In this paper, we seek to help alleviate this problem by systematizing the recent advances in adversarial machine learning black-box attacks since 2019. Our survey summarizes and categorizes 20 recent black-box attacks. We also present a new analysis for understanding the attack success rate with respect to the adversarial model used in each paper. Overall, our paper surveys a wide body of literature to highlight recent attack developments and organizes them into four attack categories: score-based attacks, decision-based attacks, transfer attacks, and non-traditional attacks. Further, we provide a new mathematical framework to show exactly how attack results can be fairly compared.