Aliasing black box adversarial attack with joint self-attention distribution and confidence probability. (15th March 2023)
- Record Type:
- Journal Article
- Title:
- Aliasing black box adversarial attack with joint self-attention distribution and confidence probability. (15th March 2023)
- Main Title:
- Aliasing black box adversarial attack with joint self-attention distribution and confidence probability
- Authors:
- Liu, Jun
Jin, Haoyu
Xu, Guangxia
Lin, Mingwei
Wu, Tao
Nour, Majid
Alenezi, Fayadh
Alhudhaif, Adi
Polat, Kemal
- Abstract:
- Highlights: A novel score-based attack is proposed to deceive the DNN models. Using substitute and target model to evaluate the word importance. Synonym is used for generating adversarial samples. Adversarial training can help to enhance the robustness of DNN models.
Abstract: Deep neural networks (DNNs) are vulnerable to adversarial attacks, in which a small perturbation to samples can cause misclassification. However, how to select important words for textual attack models is a big challenge. Therefore, in this paper, an innovative score-based attack model is proposed to solve the important words selection problem for textual attack models. To this end, the generation of semantically adversarial examples in this model is adopted to mislead a text classification model. Then, this model integrates the self-attention mechanism and confidence probabilities for the selection of the important words. Moreover, an alternative model similar to the transfer attack is introduced to reflect the correlation degree of words inside the texts. Finally, adversarial training experimental results demonstrate the superiority of the proposed model.
- Is Part Of:
- Expert systems with applications. Volume 214(2023)
- Journal:
- Expert systems with applications
- Issue:
- Volume 214(2023)
- Issue Display:
- Volume 214, Issue 2023 (2023)
- Year:
- 2023
- Volume:
- 214
- Issue:
- 2023
- Issue Sort Value:
- 2023-0214-2023-0000
- Page Start:
- Page End:
- Publication Date:
- 2023-03-15
- Subjects:
- Adversarial attack -- Self-attention distribution -- Text classification
Expert systems (Computer science) -- Periodicals
Systèmes experts (Informatique) -- Périodiques
Electronic journals
006.33
- Journal URLs:
- http://www.sciencedirect.com/science/journal/09574174
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.eswa.2022.119110
- Languages:
- English
- ISSNs:
- 0957-4174
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3842.004220
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 24460.xml