Evaluating the adversarial robustness of machine learning models using gradient-based attacks is challenging. In this work, we show that hyperparameter optimization can improve fast minimum-norm attacks by automating the selection of the loss function, the optimizer and the step-size scheduler, along with the corresponding hyperparameters. Our extensive evaluation involving several robust models demonstrates the improved efficacy of fast minimum-norm attacks when hyped up with hyperparameter optimization. We release our open-source code at https://github.com/pralab/HO-FMN.