Model Mimic Attack: Knowledge Distillation for Provably Transferable Adversarial Examples

A method to provably compute an adversarial example for a black-box classification neural network