【图像攻击转移性】FACL-Attack: Frequency-Aware Contrastive Learning for Transferable Adversarial Attacks

原文标题： FACL-Attack: Frequency-Aware Contrastive Learning for Transferable Adversarial Attacks
原文代码： 暂无
发布年度： 2024
发布期刊： AAAI

---

摘要

Deep neural networks are known to be vulnerable to security risks due to the inherent transferable nature of adversarial examples. Despite the success of recent generative model-based attacks demonstrating strong transferability, it still remains a challenge to design an efficient attack strategy in a real-world strict black-box setting, where both the target domain and model architectures are unknown. In this paper, we seek to explore a feature contrastive approach in the frequency domain to generate adversarial examples that are robust in both crossdomain and cross-model settings. With that goal in mind, we propose two modules that are only employed during the training phase: a Frequency-Aware Domain Randomization (FADR) module to randomize domain-variant low- and highrange frequency components and a Frequency-Augmented Contrastive Learning (FACL) module to effectively separate domain-invariant mid-frequency features of clean and perturbed image. We demonstrate strong transferability of our generated adversarial perturbations through extensive crossdomain and cross-model experiments, while keepin