Practical Black-Box Attacks against Machine Learning


April 02 - 06, 2017 | Nicolas Papernot, Patrick McDaniel, Ian Goodfellow, Somesh Jha, Z. Berkay Celik, Ananthram Swami
The paper introduces a practical demonstration of black-box attacks against machine learning (ML) models, specifically deep neural networks (DNNs), without requiring knowledge of the model's internals or training data. The authors present a strategy where the attacker trains a local substitute model using synthetic inputs and labels observed from the target DNN. This substitute model is then used to craft adversarial examples that are misclassified by the target DNN. The attack is evaluated against DNNs hosted by MetaMind, Amazon, and Google, achieving high success rates in misclassifying adversarial examples. The paper also discusses the generalizability of the attack to other ML techniques, such as logistic regression, and demonstrates its effectiveness against models hosted by Amazon and Google. The authors disclose their attacks to the respective companies and emphasize the practicality and applicability of their black-box attack strategy.
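The mechanism the summary describes, a substitute trained only from labels returned by a black-box model and then used to craft perturbations that transfer to that model, is shown below as an added toy example. It is not the paper's code or the authors' implementation: the "oracle" is a constructed two-feature linear classifier hidden behind a label-only function, the query set is a plain grid rather than the paper's synthetic-data procedure, both oracle and substitute are logistic-regression-style linear models (the summary notes the attack generalizes to logistic regression), and the perturbation is a fast-gradient-sign step on the substitute. The point for a model owner is the measurement: a label-only API still leaks enough of the decision boundary for substitute-crafted perturbations to transfer, which is what a harness like this lets you quantify against your own endpoint before relying on model secrecy as a defense.

```python
"""Toy harness: how much does a label-only prediction API leak?

Added example, not the paper's code. The oracle's weights are a constructed
secret; everything on the "substitute" side only ever calls oracle_label().
"""
import numpy as np

# --- the target: a hidden linear classifier behind a label-only API --------
# Constructed secret parameters; the decision rule is 2*x1 - x2 + 0.5 > 0.
_ORACLE_W = np.array([2.0, -1.0])
_ORACLE_B = 0.5


def oracle_label(x):
    """Black-box query: returns only the predicted class (0 or 1), no scores."""
    x = np.atleast_2d(x)
    return (x @ _ORACLE_W + _ORACLE_B > 0).astype(int)


# --- the substitute: logistic regression fitted to queried labels ----------
def synthetic_queries(lo=-3.0, hi=3.0, step=0.25):
    """Constructed query set: a regular grid, no access to real training data."""
    g = np.arange(lo, hi + 1e-9, step)
    x1, x2 = np.meshgrid(g, g)
    return np.column_stack([x1.ravel(), x2.ravel()])


def train_substitute(queries, labels, lr=0.5, steps=4000):
    """Plain gradient descent on binary cross-entropy; returns (w, b)."""
    w = np.zeros(queries.shape[1])
    b = 0.0
    for _ in range(steps):
        p = 1.0 / (1.0 + np.exp(-(queries @ w + b)))
        err = p - labels                       # dLoss/dlogit for BCE
        w -= lr * queries.T @ err / len(labels)
        b -= lr * err.mean()
    return w, b


def substitute_label(x, w, b):
    return (np.atleast_2d(x) @ w + b > 0).astype(int)


def fgsm_from_substitute(x, y, w, b, eps):
    """One sign-of-gradient step computed on the SUBSTITUTE, not the oracle."""
    x = np.atleast_2d(x)
    p = 1.0 / (1.0 + np.exp(-(x @ w + b)))
    grad = (p - y)[:, None] * w                # dBCE/dx for a linear model
    return x + eps * np.sign(grad)


def agreement_rate(w, b, probe):
    """How often the substitute reproduces the oracle's label on unseen inputs."""
    return float((substitute_label(probe, w, b) == oracle_label(probe)).mean())


def transfer_rate(clean, w, b, eps=0.5):
    """Fraction of inputs whose substitute-crafted perturbation flips the ORACLE."""
    y = oracle_label(clean)
    adv = fgsm_from_substitute(clean, y, w, b, eps)
    return float((oracle_label(adv) != y).mean())


# Constructed evaluation inputs: three sit within eps of the oracle boundary,
# three sit well away from it, so the transfer rate is a meaningful number.
CLEAN = np.array([[0.3, 0.0], [2.0, 0.0], [-0.9, 0.0],
                  [-2.0, 1.0], [0.0, 0.8], [1.0, 0.9]])


def run():
    """Train the substitute from labels only, then measure agreement and transfer."""
    q = synthetic_queries()
    w, b = train_substitute(q, oracle_label(q))
    probe = synthetic_queries(step=0.1)        # finer grid than the query grid
    return {"agreement": agreement_rate(w, b, probe),
            "transfer": transfer_rate(CLEAN, w, b),
            "w": w, "b": b}


if __name__ == "__main__":
    r = run()
    print(f"substitute/oracle agreement: {r['agreement']:.3f}")
    print(f"transfer rate of substitute-crafted perturbations: {r['transfer']:.2f}")
```

The two numbers `run()` returns are the ones worth tracking on a real endpoint: high agreement means the labels alone reconstructed the boundary, and a non-zero transfer rate means perturbations built without any access to the model's internals still change its output. For this constructed oracle the near-boundary inputs flip and the distant ones do not, so the transfer rate lands at 0.5 and the agreement on the finer probe grid is well above 0.9.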