Gradient-based Adversarial Attacks against Text Transformers

Guo, Chuan, Sablayrolles, Alexandre, Jégou, Hervé, Kiela, Douwe

Apr-15-2021–arXiv.org Artificial Intelligence

We propose the first general-purpose gradient-based attack against transformer models. Instead of searching for a single adversarial example, we search for a distribution of adversarial examples parameterized by a continuous-valued matrix, hence enabling gradient-based optimization. We empirically demonstrate that our white-box attack attains state-of-the-art attack performance on a variety of natural language tasks. Furthermore, we show that a powerful black-box transfer attack, enabled by sampling from the adversarial distribution, matches or exceeds existing methods, while only requiring hard-label outputs.

adversarial example, constraint, target model, (15 more...)

arXiv.org Artificial Intelligence

Apr-15-2021

arXiv.org PDF

Add feedback

Country:
- North America > United States
  - New York (0.04)
  - Minnesota > Hennepin County
    - Minneapolis (0.14)
- Europe
  - Russia (0.04)
  - Italy > Tuscany
    - Florence (0.04)
- Asia
  - Middle East > Republic of Türkiye (0.05)
  - Russia (0.04)
  - India (0.04)
  - China (0.04)

Genre:
- Research Report (0.82)

Industry:
- Information Technology > Security & Privacy (0.83)
- Government (0.65)

Technology:
- Information Technology > Artificial Intelligence
  - Natural Language (1.00)
  - Representation & Reasoning > Search (0.68)
  - Machine Learning > Neural Networks
    - Deep Learning (0.95)

Duplicate Docs Excel Report

Title
None found

Similar Docs Excel Report more

Title	Similarity	Source
None found