AdvCodeMix: Adversarial Attack on Code-Mixed Data

Das, Sourya Dipta; Basak, Ayan; Mandal, Soumil; Das, Dipankar

doi:10.1145/3493700.3493705

Cited by 2 publications

(5 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Increasing phenomena of code-mixing on social media platforms have also motivated researchers to analyze the adversarial robustness of code-mixed models. Authors in (Das et al, 2022) exposed the vulnerability of code-mixed classifiers by performing an adversarial attack based on subword perturbations, character repetition, and word language change. However, there is no attempt to enhance the adversarial robustness of code-mixed text classifiers against these perturbations.…”

Section: Related Workmentioning

confidence: 99%

“…, w n , with ground truth label y, and a target model M (S) = y, the goal of the adversary is to perform an untargeted attack, i.e., find an adversarial sample S adv , causing M to perform misclassification, i.e., M (S)! = y. Adversaries attack the model using phonetic perturbations in line with the prior work Das et al (2022). Design goals: Based on the aforementioned adversary model, our proposed framework (SMLM and SAMLM) must meet the robustness and accuracy requirements.…”

Section: Threat Modelmentioning

confidence: 99%

“…Managing such variations within text data are typically achieved through pre-processing techniques, such as data augmentation and normalization (Kusampudi et al, 2021), which necessitates the utilization of human-annotated dictionaries and can entail a significant investment in manual annotation efforts. It has been observed that traditional techniques for processing and analysis of code-mixed content may prove ineffective in cases where the spelling of a word varies from those present in the corpus or dictionary (Das et al, 2022).…”

Section: Introductionmentioning

confidence: 99%

“…Although transformer based pre-trained models (Devlin et al, 2018;Liu et al, 2019b) have proven to be largely effective for most of the tasks in Natural Language Processing (NLP) , it has been shown that even such models are not robust enough to handle small perturbations in spelling (Das et al, 2022). Such perturbations have been used to perform adversarial attacks on even the transformers based language models.…”

Section: Introductionmentioning

confidence: 99%

“…We then fine-tune our pretrained models on downstream classification tasks based on code-mixed Hinglish (Hindi+English) and Benglish (Bengali+English) datasets. We perform phonetic perturbation-based attacks following Das et al (2022) and find that our SMLM and SAMLM pre-trained models are more robust to such adversarial attacks. We observe a lower drop in performance in both models when compared to the base BERT and RoBERTa models after the attack.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Elevating Code-mixed Text Handling through Auditory Information of Words

Mamta,

Ahmad,

Ekbal

2023

Proceedings of the 2023 Conference on Empirical Methods in Natural Language Processing

View full text Add to dashboard Cite

With the growing popularity of code-mixed data, there is an increasing need for better handling of this type of data, which poses a number of challenges, such as dealing with spelling variations, multiple languages, different scripts, and a lack of resources. Current language models face difficulty in effectively handling code-mixed data as they primarily focus on the semantic representation of words and ignore the auditory phonetic features. This leads to difficulties in handling spelling variations in code-mixed text. In this paper, we propose an effective approach for creating language models for handling code-mixed textual data using auditory information of words from SOUNDEX. Our approach includes a pre-training step based on masked-language-modelling, which includes SOUNDEX representations (SAMLM) and a new method of providing input data to the pretrained model. Through experimentation on various code-mixed datasets (of different languages) for sentiment, offensive and aggression classification tasks, we establish that our novel language modeling approach (SAMLM) results in improved robustness towards adversarial attacks on code-mixed classification tasks. Additionally, our SAMLM based approach also results in better classification results over the popular baselines for code-mixed tasks. We use the explainability technique, SHAP (SHapley Additive exPlanations) to explain how the auditory features incorporated through SAMLM assist the model to handle the code-mixed text effectively and increase robustness against adversarial attacks 1 .

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Threat Modelmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Elevating Code-mixed Text Handling through Auditory Information of Words

Mamta,

Ahmad,

Ekbal

2023

Proceedings of the 2023 Conference on Empirical Methods in Natural Language Processing

View full text Add to dashboard Cite

show abstract

Adversarial Training Methods for Deep Learning: A Systematic Review

2022

View full text Add to dashboard Cite

Deep neural networks are exposed to the risk of adversarial attacks via the fast gradient sign method (FGSM), projected gradient descent (PGD) attacks, and other attack algorithms. Adversarial training is one of the methods used to defend against the threat of adversarial attacks. It is a training schema that utilizes an alternative objective function to provide model generalization for both adversarial data and clean data. In this systematic review, we focus particularly on adversarial training as a method of improving the defensive capacities and robustness of machine learning models. Specifically, we focus on adversarial sample accessibility through adversarial sample generation methods. The purpose of this systematic review is to survey state-of-the-art adversarial training and robust optimization methods to identify the research gaps within this field of applications. The literature search was conducted using Engineering Village (Engineering Village is an engineering literature search tool, which provides access to 14 engineering literature and patent databases), where we collected 238 related papers. The papers were filtered according to defined inclusion and exclusion criteria, and information was extracted from these papers according to a defined strategy. A total of 78 papers published between 2016 and 2021 were selected. Data were extracted and categorized using a defined strategy, and bar plots and comparison tables were used to show the data distribution. The findings of this review indicate that there are limitations to adversarial training methods and robust optimization. The most common problems are related to data generalization and overfitting.

show abstract

AdvCodeMix: Adversarial Attack on Code-Mixed Data

Cited by 2 publications

References 20 publications

Elevating Code-mixed Text Handling through Auditory Information of Words

Elevating Code-mixed Text Handling through Auditory Information of Words

Adversarial Training Methods for Deep Learning: A Systematic Review

Contact Info

Product

Resources

About