A Geometry-Inspired Attack for Generating Natural Language Adversarial Examples
OPEN ACCESS
Loading...
Author / Producer
Date
2020-12
Publication Type
Conference Paper
ETH Bibliography
yes
Citations
Altmetric
OPEN ACCESS
Data
Rights / License
Abstract
Generating adversarial examples for natural language is hard, as natural language consists of discrete symbols, and examples are often of variable lengths. In this paper, we propose a geometry-inspired attack for generating natural language adversarial examples. Our attack generates adversarial examples by iteratively approximating the decision boundary of Deep Neural Networks (DNNs). Experiments on two datasets with two different models show that our attack fools natural language models with high success rates, while only replacing a few words. Human evaluation shows that adversarial examples generated by our attack are hard for humans to recognize. Further experiments show that adversarial training can improve model robustness against our attack.
Permanent link
Publication status
published
Book title
Proceedings of the 28th International Conference on Computational Linguistics
Journal / series
Volume
Pages / Article No.
6679 - 6689
Publisher
International Committee on Computational Linguistics
Event
28th International Conference on Computational Linguistics (COLING 2020) (virtual)
Edition / version
Methods
Software
Geographic location
Date collected
Date created
Subject
Organisational unit
03604 - Wattenhofer, Roger / Wattenhofer, Roger
Notes
Due to the Coronavirus (COVID-19) the conference was conducted virtually.