Enhancing Targeted Attack Transferability via Diversified Weight Pruning. (arXiv:2208.08677v1 [cs.CV])

Malicious attackers can generate targeted adversarial examples by imposing
human-imperceptible noise on images, forcing neural network models to produce
specific incorrect outputs. With cross-model transferable adversarial examples,
the vulnerability of neural networks remains even if the model information is
kept secret from the attacker. Recent studies have shown the effectiveness of
ensemble-based methods in generating transferable adversarial examples.
However, existing methods fall short under the more challenging scenario of
creating targeted attacks transferable among distinct models. In this work, we …

attack targeted attack