🤖 AI Summary
Existing research on the robustness of structured tabular models under black-box, decision-based adversarial attacks remains insufficient.
Method: We propose an efficient gradient-free attack method that uniformly handles both discrete and continuous features. Our approach innovatively combines directional derivative estimation with adaptive boundary search, requiring only model output labels and achieving high success rates with minimal queries (typically <50).
Contribution/Results: Evaluated across multiple benchmark tabular datasets and mainstream models (including XGBoost, MLP, and TabNet), our method achieves attack success rates consistently exceeding 90%, significantly outperforming prior black-box approaches. To our knowledge, this is the first work to systematically expose critical vulnerabilities of tabular models in realistic deployment scenarios. It provides a scalable, low-overhead benchmark tool for robustness evaluation and defense of structured data, enabling practical assessment of model resilience with minimal computational cost.
📝 Abstract
Adversarial robustness in structured data remains an underexplored frontier compared to vision and language domains. In this work, we introduce a novel black-box, decision-based adversarial attack tailored for tabular data. Our approach combines gradient-free direction estimation with an iterative boundary search, enabling efficient navigation of discrete and continuous feature spaces under minimal oracle access. Extensive experiments demonstrate that our method successfully compromises nearly the entire test set across diverse models, ranging from classical machine learning classifiers to large language model (LLM)-based pipelines. Remarkably, the attack achieves success rates consistently above 90%, while requiring only a small number of queries per instance. These results highlight the critical vulnerability of tabular models to adversarial perturbations, underscoring the urgent need for stronger defenses in real-world decision-making systems.