Deep neural networks are exploited using natural adversarial samples, which have no impact on human perception but are misclassified. Current approaches often rely on the white-box nature of deep neural networks to generate these adversarial samples, or alter the distribution of adversarial samples compared to the training distribution. To alleviate the limitations of current approaches, we propose EvoSeed, a novel evolutionary strategy-based search algorithmic framework to generate natural adversarial samples. Our EvoSeed framework uses auxiliary Diffusion and Classifier models to operate in a model-agnostic black-box setting. We employ CMA-ES to optimize the search for an adversarial seed vector, which, when processed by the Conditional Diffusion Model, results in an unrestricted natural adversarial sample misclassified by the Classifier Model. Experiments show that generated adversarial images are of high image quality and are transferable to different classifiers. Our approach demonstrates promise in enhancing the quality of adversarial samples using evolutionary algorithms. We hope our research opens new avenues to enhance the robustness of deep neural networks in real-world scenarios. The project website can be accessed at https://shashankkotyan.github.io/EvoSeed