DECISION-BASED ADVERSARIAL ATTACKS: RELIABLE ATTACKS AGAINST BLACK-BOX MACHINE LEARNING MODELS

16 Feb 2018 | Wieland Brendel*, Jonas Rauber* & Matthias Bethge
The paper "Decision-Based Adversarial Attacks: Reliable Attacks Against Black-Box Machine Learning Models" by Wieland Brendel, Jonas Rauber, and Matthias Bethge introduces a novel attack method called the Boundary Attack. This attack is designed to be applicable to real-world black-box models, such as those used in autonomous cars, and is more robust to simple defenses than gradient- or score-based attacks. The Boundary Attack starts from a large adversarial perturbation and then seeks to reduce it while maintaining the perturbation's adversarial nature. Key features of the attack include its simplicity, flexibility, and minimal hyperparameter tuning.
The authors demonstrate the effectiveness of the Boundary Attack on standard datasets like MNIST, CIFAR-10, and ImageNet, showing competitive performance with gradient-based attacks. They also apply the attack to two black-box models from Clarifai.com, demonstrating its practical applicability in real-world scenarios. The paper highlights the importance of decision-based attacks in evaluating the robustness of machine learning models and raises concerns about the safety of deployed machine learning systems.