Boosting the Transferability of Adversarial Attacks in Deep Neural Networks

Abstract

This article presents a means of boosting the transferability of adversarial attacks in deep neural networks. The research includes background, methodologies, and outcomes, encompassing single-attack approaches and ensemble attack strategies such as I-FGSM and MI-FGSM. We delve into the notion of retraining using adversarial examples. Our contributions reveal the limitations of single-attack methods regarding transferability and demonstrate the superiority of ensemble attack methods. We highlight how algorithm selection impacts attack effectiveness and how model variations enhance transferability. Through these investigations, we offer valuable insights for bolstering deep neural networks’ adversarial robustness while acknowledging existing constraints.