Efficiently generating sentence-level textual adversarial examples with Seq2seq Stacked Auto-Encoder. (1st March 2023)
- Record Type:
- Journal Article
- Title:
- Efficiently generating sentence-level textual adversarial examples with Seq2seq Stacked Auto-Encoder. (1st March 2023)
- Main Title:
- Efficiently generating sentence-level textual adversarial examples with Seq2seq Stacked Auto-Encoder
- Authors:
- Li, Ang
Zhang, Fangyuan
Li, Shuangjiao
Chen, Tianhua
Su, Pan
Wang, Hongtao - Abstract:
- Abstract: In spite deep learning has advanced numerous successes, recent research has shown increasing concern on its vulnerability over adversarial attacks. In Natural Language Processing, crafting high-quality adversarial text examples is much more challenging due to the discrete nature of texts. Recent studies perform transformations on characters or words, which are generally formulated as combinatorial optimization problems. However, these approaches suffer from inefficiency due to the high dimensional search space. To address this issue, in this paper, we propose an end-to-end Seq2seq Stacked Auto-Encoder (SSAE) neural network, which generates adversarial text examples efficiently via direct network inference. SSAE has two salient features. The outer auto-encoder preserves syntactic and semantic information to the original examples. The inner auto-encoder projects sentence embedding into a high-level semantic representation, on which constrained perturbations are superimposed to increase adversarial ability. Experimental results suggest that SSAE has a higher attack success rate than existing word-level attack methods, and is 100x to 700x faster at attack speed on IMDB dataset. We further find out that the adversarial examples generated by SSAE have strong transferability to attack different victim models. Highlights: A novel and efficient sentence-level adversarial attack method is proposed. A stacked auto-encoder network is devised to achieve naturality andAbstract: In spite deep learning has advanced numerous successes, recent research has shown increasing concern on its vulnerability over adversarial attacks. In Natural Language Processing, crafting high-quality adversarial text examples is much more challenging due to the discrete nature of texts. Recent studies perform transformations on characters or words, which are generally formulated as combinatorial optimization problems. However, these approaches suffer from inefficiency due to the high dimensional search space. To address this issue, in this paper, we propose an end-to-end Seq2seq Stacked Auto-Encoder (SSAE) neural network, which generates adversarial text examples efficiently via direct network inference. SSAE has two salient features. The outer auto-encoder preserves syntactic and semantic information to the original examples. The inner auto-encoder projects sentence embedding into a high-level semantic representation, on which constrained perturbations are superimposed to increase adversarial ability. Experimental results suggest that SSAE has a higher attack success rate than existing word-level attack methods, and is 100x to 700x faster at attack speed on IMDB dataset. We further find out that the adversarial examples generated by SSAE have strong transferability to attack different victim models. Highlights: A novel and efficient sentence-level adversarial attack method is proposed. A stacked auto-encoder network is devised to achieve naturality and similarity. Experiments show promising performance in attack success rate and efficiency. … (more)
- Is Part Of:
- Expert systems with applications. Volume 213:Part C(2023)
- Journal:
- Expert systems with applications
- Issue:
- Volume 213:Part C(2023)
- Issue Display:
- Volume 213, Issue 3 (2023)
- Year:
- 2023
- Volume:
- 213
- Issue:
- 3
- Issue Sort Value:
- 2023-0213-0003-0000
- Page Start:
- Page End:
- Publication Date:
- 2023-03-01
- Subjects:
- Sentence-level attack -- Textual adversarial examples -- Deep neural network -- Stacked auto-encoder
Expert systems (Computer science) -- Periodicals
Systèmes experts (Informatique) -- Périodiques
Electronic journals
006.33 - Journal URLs:
- http://www.sciencedirect.com/science/journal/09574174 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.eswa.2022.119170 ↗
- Languages:
- English
- ISSNs:
- 0957-4174
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3842.004220
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 24578.xml