Adaptive hyperparameter optimization for black-box adversarial attack

The study of adversarial attacks is crucial in the design of robust neural network models. In this work, we propose a hyperparameter optimization framework for black-box adversarial attacks. We observe that hyperparameters are extremely important to enhance the query efficiency of many black-box adversarial attack methods. Hence, we propose an adaptive hyperparameter tuning framework such that, in each query iteration, the attacker can adaptively selects the hyperparameter configuration based on the feedback from the victim to improve the attack success rate and query efficiency of the attack algorithm. The experiment results show, by adaptively tuning the attack hyperparameters, our technique outperforms the original algorithm, where the query efficiency is improved by 33.63% on the NES algorithm for untargeted attacks, 44.47% on the Bandits algorithm for untargeted attacks, and 32.24% improvement on the Bandits algorithm for targeted attacks.