Contemporary adversarial attack methods face significant limitations in cross-model transferability and practical applicability. We present Watertox, an elegant adversarial attack framework achieving remarkable effectiveness through architectural diversity and precision-controlled perturbations. Our two-stage Fast Gradient Sign Method combines uniform baseline perturbations ($\epsilon_1 = 0.1$) with targeted enhancements ($\epsilon_2 = 0.4$). The framework leverages an ensemble of complementary architectures, from VGG to ConvNeXt, synthesizing diverse perspectives through an innovative voting mechanism. Against state-of-the-art architectures, Watertox reduces model accuracy from 70.6% to 16.0%, with zero-shot attacks achieving up to 98.8% accuracy reduction against unseen architectures. These results establish Watertox as a significant advancement in adversarial methodologies, with promising applications in visual security systems and CAPTCHA generation.