
Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification [article]

Maximilian Mozes, Max Bartolo, Pontus Stenetorp, Bennett Kleinberg, Lewis D. Griffin
2021 arXiv   pre-print
Our findings suggest that humans are capable of generating a substantial number of adversarial examples using semantics-preserving word substitutions. ... We report on crowdsourcing studies in which we task humans with iteratively modifying words in an input text, while receiving immediate model feedback, with the aim of causing a sentiment classification ... and data collected from human participants. All human participants provided informed consent and the studies were approved by the local ethics review board. ...
arXiv:2109.04385v1 fatcat:gjvtyftktndxrbzbip6mvcgkdq

Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification

Maximilian Mozes, Max Bartolo, Pontus Stenetorp, Bennett Kleinberg, Lewis Griffin
2021 Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing
Our findings suggest that humans are capable of generating a substantial number of adversarial examples using semantics-preserving word substitutions. ... We report on crowdsourcing studies in which we task humans with iteratively modifying words in an input text, while receiving immediate model feedback, with the aim of causing a sentiment classification ... and data collected from human participants. All human participants provided informed consent and the studies were approved by the local ethics review board. ...
doi:10.18653/v1/2021.emnlp-main.651 fatcat:w6x4ddxujbczjoiaxcdwmc2tlu
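
As a hedged illustration of the human-in-the-loop protocol both records above describe, the sketch below mimics one participant iteratively substituting words and receiving immediate model feedback. Everything here is invented for the example: predict_positive is a toy keyword scorer standing in for the study's sentiment model.

    import math

    def predict_positive(text: str) -> float:
        """Toy stand-in for the study's sentiment model: P(positive)."""
        positive, negative = {"great", "good", "wonderful"}, {"bad", "awful", "dull"}
        words = text.lower().split()
        score = sum(w in positive for w in words) - sum(w in negative for w in words)
        return 1 / (1 + math.exp(-score))

    def substitute(text: str, index: int, new_word: str) -> str:
        words = text.split()
        words[index] = new_word
        return " ".join(words)

    text = "a great film with a wonderful cast"
    started_positive = predict_positive(text) >= 0.5

    # Each tuple mimics one human edit; the model's confidence is shown after
    # every substitution, and the loop stops once the predicted label flips.
    for index, new_word in [(1, "decent"), (5, "passable"), (1, "dull")]:
        text = substitute(text, index, new_word)
        p = predict_positive(text)
        print(f"{text!r} -> P(positive) = {p:.2f}")
        if (p >= 0.5) != started_positive:
            print("Label flipped: a semantics-preserving adversarial example.")
            break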

A survey in Adversarial Defences and Robustness in NLP [article]

Shreya Goyal, Sumanth Doddapaneni, Mitesh M. Khapra, Balaraman Ravindran
2022 arXiv   pre-print
In contrast with image data, generating adversarial attacks and defending models against them is harder in NLP because of the discrete nature of text data. ... However, numerous methods for adversarial defense have been proposed of late for different NLP tasks such as text classification, named entity recognition, and natural language inference. ... which generates adversarial examples for the text classification task. ...
arXiv:2203.06414v2 fatcat:2ukd44px35e7ppskzkaprfw4ha

Gray-box Techniques for Adversarial Text Generation

Prithviraj Dasgupta, Joseph B. Collins, Anna Buhman
2018 AAAI Fall Symposia  
We consider the problem of adversarial text generation in the context of cyber-security tasks such as email spam filtering and text classification for sentiment analysis on social media sites. ... In adversarial text generation, an adversary attempts to perturb valid text data to generate adversarial text such that the adversarial text ends up getting misclassified by a machine classifier. ... perturbed images that can fool a machine classifier while remaining imperceptible to humans. ...
dblp:conf/aaaifs/DasguptaCB18 fatcat:vabr53aztzfuxdb66tlxl63ffm

HotFlip: White-Box Adversarial Examples for Text Classification [article]

Javid Ebrahimi, Anyi Rao, Daniel Lowd, Dejing Dou
2018 arXiv   pre-print
We propose an efficient method to generate white-box adversarial examples to trick a character-level neural classifier. ... With the use of a few semantics-preserving constraints, we demonstrate that HotFlip can be adapted to attack a word-level classifier as well. ... HotFlip can naturally be adapted to generate adversarial examples for word-level models, by computing derivatives with respect to one-hot word vectors. ...
arXiv:1712.06751v2 fatcat:2tm2lvqilfaujpu6tl3akeqepu

HotFlip: White-Box Adversarial Examples for Text Classification

Javid Ebrahimi, Anyi Rao, Daniel Lowd, Dejing Dou
2018 Proceedings of the 56th Annual Meeting of the Association for Computational Linguistics (Volume 2: Short Papers)  
We propose an efficient method to generate white-box adversarial examples to trick a character-level neural classifier. ... With the use of a few semantics-preserving constraints, we demonstrate that HotFlip can be adapted to attack a word-level classifier as well. ... HotFlip can naturally be adapted to generate adversarial examples for word-level models, by computing derivatives with respect to one-hot word vectors. ...
doi:10.18653/v1/p18-2006 dblp:conf/acl/EbrahimiRLD18 fatcat:mrp5q3hpuzaezex3qbha7pt2a4
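
The two HotFlip records above rest on one idea: estimate the loss change of a character flip from the gradient with respect to the one-hot input. A minimal sketch, assuming a toy linear character model (invented here so the gradient is analytic; the paper attacks a neural classifier):

    import numpy as np

    rng = np.random.default_rng(0)
    vocab = list("abcdefgh")
    V, L = len(vocab), 5
    W = rng.normal(size=V)  # weights of the toy linear character scorer

    def encode(chars):
        X = np.zeros((L, V))
        for i, c in enumerate(chars):
            X[i, vocab.index(c)] = 1.0
        return X

    def loss_and_grad(X, label):
        """Logistic loss and its gradient w.r.t. the one-hot matrix X."""
        score = float((X @ W).sum())
        p = 1.0 / (1.0 + np.exp(-score))
        loss = -np.log(p if label == 1 else 1.0 - p)
        grad = (p - label) * np.tile(W, (L, 1))  # shape (L, V)
        return loss, grad

    chars = list("badge")
    loss, grad = loss_and_grad(encode(chars), label=1)

    # First-order HotFlip estimate: flipping position i from character a to b
    # changes the loss by roughly grad[i, b] - grad[i, a]; take the best flip.
    current = grad[np.arange(L), [vocab.index(c) for c in chars]]
    gain = grad - current[:, None]
    i, b = np.unravel_index(np.argmax(gain), gain.shape)
    print(f"loss {loss:.3f}; best flip: position {i}, "
          f"{chars[i]!r} -> {vocab[b]!r} (estimated gain {gain[i, b]:.3f})")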

Adversarial Attacks and Defenses for Social Network Text Processing Applications: Techniques, Challenges and Future Research Directions [article]

Izzat Alsmadi, Kashif Ahmad, Mahmoud Nazzal, Firoj Alam, Ala Al-Fuqaha, Abdallah Khreishah, Abdulelah Algosaibi
2021 arXiv   pre-print
These vulnerabilities allow adversaries to launch a diversified set of adversarial attacks on these algorithms in different applications of social media text processing. ... In this paper, we provide a comprehensive review of the main approaches for adversarial attacks and defenses in the context of social media applications, with a particular focus on key challenges and future ...
arXiv:2110.13980v1 fatcat:e373if4sszed7i4owzwiabmzxu

Identifying Adversarial Sentences by Analyzing Text Complexity [article]

Hoang-Quoc Nguyen-Son, Tran Phuong Thao, Seira Hidano, Shinsaku Kiyomoto
2019 arXiv   pre-print
Moreover, a human can express an idea through flexible text and varied vocabulary, while a machine focuses on optimizing the generated text using simple and common words. ... We investigate the differences between adversarial and original text to mitigate this risk, and show that text written by a human is more coherent and fluent. ... These contrast with the odd patterns (e.g., "after * after the" and "and also * and") found in machine-generated texts from low-resource languages. ...
arXiv:1912.08981v1 fatcat:kigd63xicja5rhs4xhcpe2pugq
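
The record above argues that human text is more coherent and fluent than machine-perturbed text. A crude sketch of that idea, using two stand-in complexity features (the paper's actual coherence and fluency measures are more sophisticated):

    def complexity_features(text: str):
        words = text.lower().split()
        avg_word_len = sum(map(len, words)) / len(words)  # lexical richness proxy
        type_token_ratio = len(set(words)) / len(words)   # repetitiveness proxy
        return avg_word_len, type_token_ratio

    human = "The film weaves an unusually tender portrait of grief and renewal."
    machine = "the film is good and the film is good and it is good"

    for name, text in [("human", human), ("machine", machine)]:
        avg_len, ttr = complexity_features(text)
        print(f"{name}: avg word length={avg_len:.2f}, type-token ratio={ttr:.2f}")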

Adversarial Robustness of Neural-Statistical Features in Detection of Generative Transformers [article]

Evan Crothers, Nathalie Japkowicz, Herna Viktor, Paula Branco
2022 arXiv   pre-print
The detection of computer-generated text is an area of rapidly increasing significance as nascent generative models allow for efficient creation of compelling human-like text, which may be abused for the  ...  Finally, we pioneer the usage of ΔMAUVE as a proxy measure for human judgement of adversarial text quality.  ...  Past research also found that human-generated text tended to include more complex phrases, and that it tended to be more consistent according to sentence-level and paragraph-level consistency metrics  ... 
arXiv:2203.07983v1 fatcat:2rawqul7lvclfhhgxvztobwbb4
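
A hedged sketch of the ΔMAUVE idea mentioned above: score generated text against a human reference before and after adversarial edits and report the drop. It assumes the open-source mauve-text package; the argument names follow its README, but check the current docs, and note that MAUVE needs hundreds of samples per side to be meaningful.

    import mauve  # pip install mauve-text

    human_texts = ["..."]      # reference human-written passages (placeholder)
    generated = ["..."]        # generator output before adversarial edits
    generated_adv = ["..."]    # generator output after adversarial edits

    # MAUVE compares the two text distributions via language-model embeddings.
    base = mauve.compute_mauve(p_text=human_texts, q_text=generated).mauve
    adv = mauve.compute_mauve(p_text=human_texts, q_text=generated_adv).mauve

    # A large positive delta suggests the edits degraded text quality.
    print(f"delta-MAUVE = {base - adv:.3f}")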

Evaluating and Enhancing the Robustness of Sustainable Neural Relationship Classifiers Using Query-Efficient Black-Box Adversarial Attacks

Ijaz Ul Haq, Zahid Younas Khan, Arshad Ahmad, Bashir Hayat, Asif Khan, Ye-Eun Lee, Ki-Il Kim
2021 Sustainability  
Based on these items, we design both character- and word-level perturbations to generate adversarial examples. ... The generated adversarial examples were evaluated by humans and judged semantically similar to the originals. ... Nevertheless, the machine evaluation of the original text and the human evaluation of adversarial texts are quite close, implying that it remains challenging for humans to perceive the modifications. ...
doi:10.3390/su13115892 fatcat:6d6rpyunifbmze5pn4hvkehg3i
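
"Query-efficient" in the record above means the attacker economizes calls to the victim model. A minimal sketch of the bookkeeping involved; the wrapped classifier is a hypothetical placeholder:

    class BudgetedModel:
        """Wraps a black-box classifier, counting queries against a hard budget."""

        def __init__(self, model, budget: int):
            self.model, self.budget, self.queries = model, budget, 0

        def __call__(self, text: str):
            if self.queries >= self.budget:
                raise RuntimeError("query budget exhausted")
            self.queries += 1
            return self.model(text)

    def toy_classifier(text: str) -> str:
        return "positive" if "good" in text else "negative"

    model = BudgetedModel(toy_classifier, budget=100)
    print(model("a good movie"), "| queries used:", model.queries)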

Universal Adversarial Attack via Conditional Sampling for Text Classification

Yu Zhang, Kun Shao, Junan Yang, Hui Liu
2021 Applied Sciences  
In this paper, we propose a novel method, based on conditional BERT sampling with multiple standards, for generating universal adversarial perturbations: input-agnostic sequences of words that can be concatenated ... Based on automatic detection metrics and human evaluations, the adversarial attack we developed dramatically reduces the accuracy of the model on classification tasks, and the trigger is less easily distinguished ... For example, adversarially modified input is used to evaluate reading comprehension models [9] and stress-test neural machine translation [10]. ...
doi:10.3390/app11209539 fatcat:j3dsdlfpajffzogzavskhusuqu
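
The "universal" aspect above means one input-agnostic word sequence attacks every input. A sketch of how such a trigger is evaluated; the classifier, data, and trigger are invented (the paper samples trigger candidates from a conditional BERT model rather than hand-picking them):

    def accuracy(model, data):
        return sum(model(x) == y for x, y in data) / len(data)

    def toy_classifier(text: str) -> str:
        return "neg" if "boring" in text else "pos"

    data = [("a moving story", "pos"), ("sharp and funny", "pos")]
    trigger = "boring boring"  # placeholder trigger words

    clean = accuracy(toy_classifier, data)
    attacked = accuracy(toy_classifier, [(f"{trigger} {x}", y) for x, y in data])
    print(f"accuracy: {clean:.2f} clean -> {attacked:.2f} with trigger prepended")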

Black-box Generation of Adversarial Text Sequences to Evade Deep Learning Classifiers [article]

Ji Gao, Jack Lanchantin, Mary Lou Soffa, Yanjun Qi
2018 arXiv   pre-print
Although various techniques have been proposed to generate adversarial samples for white-box attacks on text, little attention has been paid to black-box attacks, which are more realistic scenarios. ... We evaluated DeepWordBug on eight real-world text datasets, including text classification, sentiment analysis, and spam detection. ... to generate adversarial sequences, in contrast to previous works that use projected gradient or multiple linguistic-driven steps. • Small perturbations to human observers: WordBug can generate adversarial ...
arXiv:1801.04354v5 fatcat:y3mdfslcjrd4re34jo7r5vgfxe
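
DeepWordBug's black-box setting means the attacker only sees model outputs, so important tokens are found by probing. A sketch of one common scoring scheme (leave-one-out probing; the toy predict function is invented, and the paper's own scoring functions differ in detail):

    def predict(text: str) -> float:
        """Toy black-box score standing in for the victim model."""
        words = text.split()
        return sum(w in {"great", "lovely"} for w in words) / max(len(words), 1)

    def token_scores(text: str):
        """Rank tokens by how much removing each one moves the model score."""
        words = text.split()
        base = predict(text)
        scores = []
        for i in range(len(words)):
            reduced = " ".join(words[:i] + words[i + 1:])
            scores.append((abs(base - predict(reduced)), words[i]))
        return sorted(scores, reverse=True)

    # Highest-scoring tokens are the ones the attacker perturbs first.
    print(token_scores("a great and lovely film"))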

TextBugger: Generating Adversarial Text Against Real-world Applications [article]

Jinfeng Li, Shouling Ji, Tianyu Du, Bo Li, Ting Wang
2018 arXiv   pre-print
... benign text, with 94.9% of the adversarial text correctly recognized by human readers; and (iii) efficient: it generates adversarial text with computational complexity sub-linear to the text length ... Specifically, we present TextBugger, a general attack framework for generating adversarial texts. ... First, we use both character-level and word-level perturbations to generate adversarial texts, in contrast to previous works that use the projected gradient [29] or linguistic-driven steps [16]. ...
arXiv:1812.05271v1 fatcat:755ataie5bdplfi6uxdkeforzu
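
The record above combines character- and word-level perturbations. The sketch below enumerates five illustrative "bug" operations of that flavor; the look-alike and synonym tables are tiny invented samples, not TextBugger's actual lists:

    VISUAL = {"o": "0", "l": "1", "a": "@"}  # look-alike character substitutions
    SYNONYM = {"awful": "dreadful"}          # word-level nearest-neighbour swaps

    def bugs(word: str) -> dict:
        """Five candidate perturbations of a single word (len(word) >= 3)."""
        mid = len(word) // 2
        return {
            "insert": word[:mid] + " " + word[mid:],            # split with a space
            "delete": word[:mid] + word[mid + 1:],              # drop a character
            "swap": word[:mid - 1] + word[mid] + word[mid - 1] + word[mid + 1:],
            "sub_char": "".join(VISUAL.get(c, c) for c in word),
            "sub_word": SYNONYM.get(word, word),
        }

    print(bugs("awful"))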

Joint Character-Level Word Embedding and Adversarial Stability Training to Defend Adversarial Text

Hui Liu, Yongzheng Zhang, Yipeng Wang, Zheng Lin, Yige Chen
2020 Proceedings of the Thirty-Fourth AAAI Conference on Artificial Intelligence (AAAI-20)
There are two main challenges in defending against character-level adversarial examples: out-of-vocabulary words in the word embedding model and the distribution difference between training and inference. ... Our experimental results on five text classification data sets show that models based on our framework can effectively defend against character-level adversarial examples, and our models can defend 93.19% ... started to generate word-level adversarial examples in text classification; (Liang et al., 2017) also considers adversarial examples in text classification. ...
doi:10.1609/aaai.v34i05.6356 fatcat:7e2o4rg44rennjyll5g4kvlkay
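
The out-of-vocabulary challenge above is why character-aware embeddings help: a misspelled (adversarial) word still gets a vector near the clean one. A fastText-style sketch using hashed character trigrams (an illustration of the idea, not the paper's architecture):

    import numpy as np

    DIM, BUCKETS = 16, 1000
    table = np.random.default_rng(0).normal(size=(BUCKETS, DIM))

    def embed(word: str) -> np.ndarray:
        """Mean of hashed character-trigram vectors; no word is ever OOV."""
        padded = f"<{word}>"
        grams = [padded[i:i + 3] for i in range(len(padded) - 2)]
        return np.mean([table[hash(g) % BUCKETS] for g in grams], axis=0)

    clean, noisy = embed("classification"), embed("classifcation")
    cos = clean @ noisy / (np.linalg.norm(clean) * np.linalg.norm(noisy))
    print(f"cosine similarity, clean vs. misspelled: {cos:.2f}")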

BERT: A Review of Applications in Natural Language Processing and Understanding [article]

M. V. Koroteev
2021 arXiv   pre-print
This survey will be useful to all students and researchers who want to get acquainted with the latest advances in the field of natural language text analysis. ... The paper describes the mechanism of operation of this model, the main areas of its application to the tasks of text analytics, comparisons with similar models in each task, as well as a description of ... The statement of a method for generating adversarial examples for text classification problems can be formalized as follows [25]: having a set of sentences X and a corresponding set of labels Y, a pre-trained ...
arXiv:2103.11943v1 fatcat:e3ojyslcine6tmhenayiglxywa
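
The truncated formalization in the snippet above is usually stated as follows (reconstructed from the standard definition, not quoted from the survey): given sentences X, labels Y, and a pre-trained classifier F with F(x) = y,

    \text{find } x' \text{ such that } F(x') \neq y
    \quad \text{subject to} \quad d(x, x') \leq \epsilon,

where d measures the size of the perturbation (e.g., the number of words changed) and \epsilon keeps x' semantically close to x.
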
Showing results 1 — 15 out of 10,250 results