A Black-Box Attack Algorithm Targeting Unlabeled Industrial AI Systems With Contrastive Learning

Mingxing Duan, Guoqing Xiao, Kenli Li, Bin Xiao

Research output: Journal article publicationJournal articleAcademic researchpeer-review

1 Citation (Scopus)

Abstract

Adversarial attack algorithms are useful for testing and improving the robustness of industrial AI models. However, attacking black-box models with limited queries and unknown real labels remains a significant challenge. To overcome this challenge, we propose using contrastive learning to train a generated substitute model called attack contrastive learning network (ACL-Net) to attack black-box models with very few queries and no real labels. ACL-Net achieves end-to-end contrastive learning during training without labels, which differs from previous contrastive learning methods that required separate training for the classification layer with labels. We improve ACL-Net's robustness by using adversarial examples to train it during the attack stage. This approach results in more effective adversarial examples generated by ACL-Net. We conducted extensive experiments to validate the effectiveness of ACL-Net. Compared with the latest algorithms, ACL-Net requires fewer queries to achieve better attack performance, demonstrating its superiority in query-efficient black-box attacks. Overall, our approach presents a promising solution to the challenge of attacking black-box models with limited queries and unknown real labels. Our results show the effectiveness of using contrastive learning to train generated substitute models, and the potential for improving the robustness of industrial AI models through adversarial attacks.

Original languageEnglish
Pages (from-to)6325-6335
Number of pages11
JournalIEEE Transactions on Industrial Informatics
Volume20
Issue number4
DOIs
Publication statusPublished - 1 Apr 2024

Keywords

  • Adversarial examples
  • contrastive learning (CL)
  • industrial AI models
  • limited queries
  • robustness

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Information Systems
  • Computer Science Applications
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'A Black-Box Attack Algorithm Targeting Unlabeled Industrial AI Systems With Contrastive Learning'. Together they form a unique fingerprint.

Cite this