A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Filters
Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification
[article]
2021
arXiv
pre-print
Preserved Fulltext
Our findings suggest that humans are capable of generating a substantial amount of adversarial examples using semantics-preserving word substitutions. ...
We report on crowdsourcing studies in which we task humans with iteratively modifying words in an input text, while receiving immediate model feedback, with the aim of causing a sentiment classification ...
., 2011) and data collected from human participants. All human participants provided informed consent and the studies were approved by the local ethics review board. ...
arXiv:2109.04385v1
fatcat:gjvtyftktndxrbzbip6mvcgkdq
Contrasting Human- and Machine-Generated Word-Level Adversarial Examples for Text Classification
2021
Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing
unpublished
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Our findings suggest that humans are capable of generating a substantial amount of adversarial examples using semantics-preserving word substitutions. ...
We report on crowdsourcing studies in which we task humans with iteratively modifying words in an input text, while receiving immediate model feedback, with the aim of causing a sentiment classification ...
., 2011) and data collected from human participants. All human participants provided informed consent and the studies were approved by the local ethics review board. ...
doi:10.18653/v1/2021.emnlp-main.651
fatcat:w6x4ddxujbczjoiaxcdwmc2tlu
A survey in Adversarial Defences and Robustness in NLP
[article]
2022
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Other Versions
In contrast with image data, generating adversarial attacks and defending these models is not easy in NLP because of the discrete nature of the text data. ...
However, numerous methods for adversarial defense are proposed of late, for different NLP tasks such as text classification, named entity recognition, natural language inferencing, etc. ...
which generates the adversarial examples for text classification task. ...
arXiv:2203.06414v2
fatcat:2ukd44px35e7ppskzkaprfw4ha
Gray-box Techniques for Adversarial Text Generation
2018
AAAI Fall Symposia
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
We consider the problem of adversarial text generation in the context of cyber-security tasks such as email spam filtering and text classification for sentiment analysis on social media sites. ...
In adversarial text generation, an adversary attempts to perturb valid text data to generate adversarial text such that the adversarial text ends up getting mis-classified by a machine classifier. ...
perturbed images that can fool a machine classifer while remaining imperceptible to humans. ...
dblp:conf/aaaifs/DasguptaCB18
fatcat:vabr53aztzfuxdb66tlxl63ffm
HotFlip: White-Box Adversarial Examples for Text Classification
[article]
2018
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
We propose an efficient method to generate white-box adversarial examples to trick a character-level neural classifier. ...
With the use of a few semantics-preserving constraints, we demonstrate that HotFlip can be adapted to attack a word-level classifier as well. ...
HotFlip at Word-Level HotFlip can naturally be adapted to generate adversarial examples for word-level models, by computing derivatives with respect to one-hot word vectors. ...
arXiv:1712.06751v2
fatcat:2tm2lvqilfaujpu6tl3akeqepu
HotFlip: White-Box Adversarial Examples for Text Classification
2018
Proceedings of the 56th Annual Meeting of the Association for Computational Linguistics (Volume 2: Short Papers)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We propose an efficient method to generate white-box adversarial examples to trick a character-level neural classifier. ...
With the use of a few semantics-preserving constraints, we demonstrate that HotFlip can be adapted to attack a word-level classifier as well. ...
HotFlip at Word-Level HotFlip can naturally be adapted to generate adversarial examples for word-level models, by computing derivatives with respect to one-hot word vectors. ...
doi:10.18653/v1/p18-2006
dblp:conf/acl/EbrahimiRLD18
fatcat:mrp5q3hpuzaezex3qbha7pt2a4
Adversarial Attacks and Defenses for Social Network Text Processing Applications: Techniques, Challenges and Future Research Directions
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
These vulnerabilities allow adversaries to launch a diversified set of adversarial attacks on these algorithms in different applications of social media text processing. ...
In this paper, we provide a comprehensive review of the main approaches for adversarial attacks and defenses in the context of social media applications with a particular focus on key challenges and future ...
Acknowledgment The authors extend their appreciation to the Deputyship for Research & Innovation, Ministry of Education in Saudi Arabia for funding this research work through the project number 1120. ...
arXiv:2110.13980v1
fatcat:e373if4sszed7i4owzwiabmzxu
Identifying Adversarial Sentences by Analyzing Text Complexity
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Moreover, the human can express the idea through the flexible text with modern words while a machine focuses on optimizing the generated text by the simple and common words. ...
We investigate the difference between the adversarial and the original text to prevent the risk. We prove that the text written by a human is more coherent and fluent. ...
They contrasted with the weird patterns (e.g., "after * after the" and "and also * and") in machine-generated texts from low-resource languages. ...
arXiv:1912.08981v1
fatcat:kigd63xicja5rhs4xhcpe2pugq
Adversarial Robustness of Neural-Statistical Features in Detection of Generative Transformers
[article]
2022
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
The detection of computer-generated text is an area of rapidly increasing significance as nascent generative models allow for efficient creation of compelling human-like text, which may be abused for the ...
Finally, we pioneer the usage of ΔMAUVE as a proxy measure for human judgement of adversarial text quality. ...
Past research also found that human-generated text tended to include more complex phrases, and that it tended to be more consistent according to sentence-level and paragraph-level consistency metrics ...
arXiv:2203.07983v1
fatcat:2rawqul7lvclfhhgxvztobwbb4
Evaluating and Enhancing the Robustness of Sustainable Neural Relationship Classifiers Using Query-Efficient Black-Box Adversarial Attacks
2021
Sustainability
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Based on these items, we design both character- and word-level perturbations to generate adversarial examples. ...
The generated adversarial examples were evaluated by humans and are considered semantically similar. ...
Nevertheless, the machine evaluation of the original text and human evaluation of adversarial texts are quite close, implying that it remains challenging for humans to perceive the modifications. ...
doi:10.3390/su13115892
fatcat:6d6rpyunifbmze5pn4hvkehg3i
Universal Adversarial Attack via Conditional Sampling for Text Classification
2021
Applied Sciences
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
In this paper, we propose a novel method, based on conditional BERT sampling with multiple standards, for generating universal adversarial perturbations: input-agnostic of words that can be concatenated ...
Based on automatic detection metrics and human evaluations, the adversarial attack we developed dramatically reduces the accuracy of the model on classification tasks, and the trigger is less easily distinguished ...
For example, adversarial-modified input is used to evaluate reading comprehension models [9] and stress test neural machine translation [10] . ...
doi:10.3390/app11209539
fatcat:j3dsdlfpajffzogzavskhusuqu
Black-box Generation of Adversarial Text Sequences to Evade Deep Learning Classifiers
[article]
2018
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
Although various techniques have been proposed to generate adversarial samples for white-box attacks on text, little attention has been paid to black-box attacks, which are more realistic scenarios. ...
We evaluated DeepWordBug on eight real-world text datasets, including text classification, sentiment analysis, and spam detection. ...
to generate adversarial sequences, in contrast to previous works that use projected gradient or multiple linguisticdriven steps. • Small perturbations to human observers: WordBug can generate adversarial ...
arXiv:1801.04354v5
fatcat:y3mdfslcjrd4re34jo7r5vgfxe
TextBugger: Generating Adversarial Text Against Real-world Applications
[article]
2018
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Note that this fulltext copy is not of the "primary" version of this work. The version it corresponds to is:
2019 Proceedings 2019 Network and Distributed System Security Symposium unpublished doi:10.14722/ndss.2019.23138 fatcat:hxjajhsmoze3dahi33s2g5mr7y
benign text, with 94.9\% of the adversarial text correctly recognized by human readers; and (iii) efficient -- it generates adversarial text with computational complexity sub-linear to the text length ...
Specifically, we present TextBugger, a general attack framework for generating adversarial texts. ...
First, we use both character-level and word-level perturbations to generate adversarial texts, in contrast to previous works that use the projected gradient [29] or linguistic-driven steps [16] . ...
arXiv:1812.05271v1
fatcat:755ataie5bdplfi6uxdkeforzu
Joint Character-Level Word Embedding and Adversarial Stability Training to Defend Adversarial Text
2020
PROCEEDINGS OF THE THIRTIETH AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE AND THE TWENTY-EIGHTH INNOVATIVE APPLICATIONS OF ARTIFICIAL INTELLIGENCE CONFERENCE
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
There are two main challenges in character-level adversarial examples defense, which are out-of-vocabulary words in word embedding model and the distribution difference between training and inference. ...
Our experimental results on five text classification data sets show that the models based on our framework can effectively defend character-level adversarial examples, and our models can defend 93.19% ...
Defense
start to generate word-level adversarial examples in text classification. (Liang et al. 2017 ) also consider adversarial examples in text classification. ...
doi:10.1609/aaai.v34i05.6356
fatcat:7e2o4rg44rennjyll5g4kvlkay
BERT: A Review of Applications in Natural Language Processing and Understanding
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
This survey will be useful to all students and researchers who want to get acquainted with the latest advances in the field of natural language text analysis. ...
The paper describes the mechanism of operation of this model, the main areas of its application to the tasks of text analytics, comparisons with similar models in each task, as well as a description of ...
The statement of a method for generating adversarial examples for text classification problems can be formalized as follows [25] : having a set of sentences and a corresponding set of labels , a pre-trained ...
arXiv:2103.11943v1
fatcat:e3ojyslcine6tmhenayiglxywa
« Previous
Showing results 1 — 15 out of 10,250 results