RaPA: Enhancing Transferable Targeted Attacks via Random Parameter Pruning

Researchers propose Random Parameter Pruning Attack (RaPA), a new method that improves targeted adversarial attacks by randomly pruning model parameters during optimization. The technique achieves up to 11.7% higher attack success rates when transferring from CNN to Transformer models compared to existing methods.

• →RaPA introduces parameter-level randomization to generate more transferable adversarial examples across different AI model architectures
• →The method addresses the over-reliance on small subsets of surrogate model parameters that limits attack transferability
• →RaPA achieves 11.7% higher average attack success rates than state-of-the-art baselines in CNN-to-Transformer transfers
• →The technique is training-free, cross-architecture efficient, and easily integrates into existing attack frameworks
• →Parameter pruning acts as an importance-equalization regularizer to improve adversarial example diversity