|
|
|
|
|
|
by Fripplebubby
3023 days ago
|
|
|
One method of creating adversarial examples in a "black box" setting is to create and train a local model as a stand-in for the actual model using the inputs and outputs of the actual model. [1] So, the answer is "no" but a qualified "no" since in practice this seems to work. The second part, being able to forward many images, is also a qualified "no". 1 - https://arxiv.org/abs/1602.02697 |
|
|