Watertox: The Art of Simplicity in Universal Attacks A Cross-Model Framework for Robust Adversarial Generation
Journal:
arXiv
Published Date:
Dec 20, 2024
Abstract
Contemporary adversarial attack methods face significant limitations in
cross-model transferability and practical applicability. We present Watertox,
an elegant adversarial attack framework achieving remarkable effectiveness
through architectural diversity and precision-controlled perturbations. Our
two-stage Fast Gradient Sign Method combines uniform baseline perturbations
($\epsilon_1 = 0.1$) with targeted enhancements ($\epsilon_2 = 0.4$). The
framework leverages an ensemble of complementary architectures, from VGG to
ConvNeXt, synthesizing diverse perspectives through an innovative voting
mechanism. Against state-of-the-art architectures, Watertox reduces model
accuracy from 70.6% to 16.0%, with zero-shot attacks achieving up to 98.8%
accuracy reduction against unseen architectures. These results establish
Watertox as a significant advancement in adversarial methodologies, with
promising applications in visual security systems and CAPTCHA generation.
