Token-Modification Adversarial Attacks for Natural Language Processing: A Survey

Roth, Tom, Gao, Yansong, Abuadbba, Alsharif, Nepal, Surya, Liu, Wei

Jan-7-2024–arXiv.org Artificial Intelligence

Many adversarial attacks target natural language processing systems, most of which succeed through modifying the individual tokens of a document. Despite the apparent uniqueness of each of these attacks, fundamentally they are simply a distinct configuration of four components: a goal function, allowable transformations, a search method, and constraints. In this survey, we systematically present the different components used throughout the literature, using an attack-independent framework which allows for easy comparison and categorisation of components. Our work aims to serve as a comprehensive guide for newcomers to the field and to spark targeted research into refining the individual attack components.

computational linguistic, evolutionary algorithm, machine learning, (17 more...)

arXiv.org Artificial Intelligence

Jan-7-2024

arXiv.org PDF

Add feedback

Country:
- Asia (1.00)
- Europe (1.00)
- North America > United States
  - California > San Francisco County
    - San Francisco (0.14)
  - Maryland > Baltimore (0.14)
  - Minnesota > Hennepin County
    - Minneapolis (0.14)

Genre:
- Overview (1.00)

Industry:
- Government (1.00)
- Information Technology > Security & Privacy (1.00)

Technology:
- Information Technology > Artificial Intelligence
  - Machine Learning
    - Evolutionary Systems (0.93)
    - Neural Networks > Deep Learning (1.00)
  - Natural Language
    - Grammars & Parsing (0.93)
    - Text Processing (1.00)
  - Representation & Reasoning > Search (1.00)