A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf
.
Black-box Generation of Adversarial Text Sequences to Evade Deep Learning Classifiers
[article]
2018
arXiv
pre-print
Although various techniques have been proposed to generate adversarial samples for white-box attacks on text, little attention has been paid to black-box attacks, which are more realistic scenarios. In this paper, we present a novel algorithm, DeepWordBug, to effectively generate small text perturbations in a black-box setting that forces a deep-learning classifier to misclassify a text input. We employ novel scoring strategies to identify the critical tokens that, if modified, cause the
arXiv:1801.04354v5
fatcat:y3mdfslcjrd4re34jo7r5vgfxe