Adversarial ExamplesGeneration Algorithm Based on Decision Boundary Search

The neural network model has been widely used in the fields of artificial intelligence, and has achieved great success. However, the current neural network is facing the problem of adversarial examples attack, which is artificially constructed fake data that can cause a neural network to output incorrect results. This paper proposes an adversarial examples generation algorithm based on searching the decision boundary of neural network. Firstly, weusebinary search between two real samples to find aninitialattacking point. And then,we calculate the normal vector of the neural network on the decision boundary surface, in order to find the most sensitive direction of the neural network. Finally, we usethe direction information to iteratively find the adversarialexample closer to the original data point until the adversarial example converges. By applying the proposed algorithm on the public data sets, the experimental results show that the algorithm can generate adversarial examples with smaller adversarial perturbations, and it can be combined with other attack algorithms to achieve a better attack result.