To address the weak transferability of adversarial examples against deep neural networks, insufficient cross-model attention region diversity, and excessive semantic distortion, this paper proposes Component-wise Augmentation (CWA). CWA performs fine-grained spatial transformations by jointly applying bilinear interpolation and bounded-angle rotation on adaptively partitioned local image patches. It is the first method to unify patch-level transformation with attention diversity modeling and semantic integrity preservation. As a result, CWA significantly enhances black-box attack generalization. On ImageNet, it improves the average attack success rate by 8.3% across CNN and Transformer models, boosts stability by 12.7%, and maintains strong robustness against mainstream defenses—including Feature Denoising (FD) and TRADES.

Deep Neural Networks (DNNs) are highly vulnerable to adversarial examples, which pose significant challenges in security-sensitive applications. Among various adversarial attack strategies, input transformation-based attacks have demonstrated remarkable effectiveness in enhancing adversarial transferability. However, existing methods fail to diversify attention regions across models adequately and introduce excessive information loss during transformations. In this paper, we introduce a novel input transformation-based method, termed Component-Wise Augmentation (CWA), designed to enhance transferability by locally applying block-wise transformations. CWA strategically integrates interpolation and selective rotation on individual image blocks to diversify model attention regions while preserving semantic integrity. Extensive experiments on the standard ImageNet dataset show that CWA consistently outperforms state-of-the-art methods in both attack success rates and stability across CNN- and Transformer-based models, while also demonstrating superior performance against multiple defense methods.