Computer Systems Applications (English version): 2020, 29(12): 216-221
Black Box Adversarial Examples Generation Method Based on Fast Boundary Attack
(School of Intelligence and Electronic Engineering, Dalian Neusoft University of Information, Dalian 116023, China)
Received:April 09, 2020    Revised:May 10, 2020
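Chinese abstract (translated): Deep learning is widely applied in different fields. However, a trained deep learning model is easily perturbed into producing wrong results, which causes serious security problems. To test how well a deep learning model resists perturbation, and to improve its security and robustness, it is necessary to use adversarial examples for adversarial evaluation and adversarial training. Methods for generating targeted black-box adversarial examples are quite practical and are one of the research hotspots in this field. The difficulty in generating targeted black-box adversarial examples lies in improving generation efficiency while maintaining the attack success rate. To address this difficulty, this paper proposes a targeted adversarial example generation method based on fast boundary attack. The method consists of two steps: a search along the line and a search on the surface. The search along the line is carried out by a one-sided halving method and improves search efficiency; the search on the surface is carried out by random search with an adaptively adjusted search radius and improves the breadth of the search. Experimental results on 5 groups of images verify the feasibility of the method.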
Chinese keywords (translated): black-box attack; adversarial examples; deep learning
Abstract: Deep learning is widely used in different fields. However, a well-trained deep learning model can easily be disturbed and give wrong results, which causes serious safety problems. To test the robustness of deep learning models, researchers attack them with all kinds of adversarial examples. Generation of targeted black-box adversarial examples is highly practical and has become a hot issue. The difficulty of generating black-box adversarial examples lies in improving generation efficiency while maintaining the success rate of the attack. To address this difficulty, this study proposes a new method of targeted adversarial example generation based on fast boundary attack. The method includes two steps: sampling along the line and sampling on the sphere. The first step is completed by a one-sided half search to improve search efficiency. The second step is completed by random search with adaptive adjustment of the search radius, which improves the search scope. The feasibility of the algorithm is verified by experimental results on five groups of pictures.
Cite as:
GUO Shu-Jie. Black Box Adversarial Examples Generation Method Based on Fast Boundary Attack. COMPUTER SYSTEMS APPLICATIONS, 2020, 29(12): 216-221