CR | AI | CV | LG | Jan 27, 2024

L-AutoDA: Leveraging Large Language Models for Automated Decision-based Adversarial Attacks

arXiv:2401.15335v2 | 10 citations | h-index: 19 | GECCO Companion
Originality: Incremental advance
AI Analysis

It addresses the challenge of model robustness and security for AI systems, representing an incremental advancement in adversarial attack methods.

This paper tackles the problem of automating decision-based adversarial attacks on machine learning models by introducing L-AutoDA, which uses large language models to design attack algorithms, resulting in significant improvements in success rate and computational efficiency on the CIFAR-10 dataset.

In the rapidly evolving field of machine learning, adversarial attacks present a significant challenge to model robustness and security. Decision-based attacks, which only require feedback on the decision of a model rather than detailed probabilities or scores, are particularly insidious and difficult to defend against. This work introduces L-AutoDA (Large Language Model-based Automated Decision-based Adversarial Attacks), a novel approach leveraging the generative capabilities of Large Language Models (LLMs) to automate the design of these attacks. By iteratively interacting with LLMs in an evolutionary framework, L-AutoDA automatically designs competitive attack algorithms efficiently without much human effort. We demonstrate the efficacy of L-AutoDA on the CIFAR-10 dataset, showing significant improvements over baseline methods in both success rate and computational efficiency. Our findings underscore the potential of language models as tools for adversarial attack generation and highlight new avenues for the development of robust AI systems.
