We present a probabilistic framework for studying adversarial attacks on
discrete data. Based on this framework, we derive a perturbation-based method,
Greedy Attack, and a scalable learning-based method, Gumbel Attack, that
illustrate various tradeoffs in the design of attacks. We demonstrate the
effectiveness of these methods using both quantitative metrics and human
evaluation on various state-of-the-art models for text classification,
including a word-based CNN, a character-based CNN, and an LSTM. As an example of
our results, we show that the accuracy of character-based convolutional
networks drops to the level of random selection by modifying only five
characters through Greedy Attack.