2021
DOI: 10.48550/arxiv.2106.01452
Preprint

BERT-Defense: A Probabilistic Model Based on BERT to Combat Cognitively Inspired Orthographic Adversarial Attacks

Abstract: Adversarial attacks expose important blind spots of deep learning systems. While word- and sentence-level attack scenarios mostly deal with finding semantic paraphrases of the input that fool NLP models, character-level attacks typically insert typos into the input stream. It is commonly thought that these are easier to defend via spelling correction modules. In this work, we show that both a standard spellchecker and the approach of Pruthi et al. (2019), which trains to defend against insertions, deletions and…

Cited by 4 publications
(5 citation statements)
References 12 publications
(16 reference statements)
“…The randomisation method used in this work prevents gradient backpropagation, thereby limiting the adversarial attack's ability to bypass the model. Another approach prevents adversarial attacks on textual content by using an untrained iterative method that integrates context-independent and context-dependent character-level features [25]. Erik Jones et al. introduced a robust encoding framework that ensures robustness against adversarial attacks on textual content [26].…”
Section: Literature Review
confidence: 99%
“…As a backing-off step, the word recognizer either passes the UNK word as is, backs off to a neutral word, or backs off to a more general word recognition model trained on a larger, less specific corpus. In [45], the authors demonstrated the limitations of spell checkers for perturbation identification and correction. They proposed a method in which context-independent probability distributions are created by segmenting the perturbed sentence using BERT tokens and a modified version of the Levenshtein distance.…”
Section: Perturbation Identification and Correction
confidence: 99%
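The statement above describes building a context-independent probability distribution over candidate corrections by scoring them with a (modified) Levenshtein distance. As a rough illustrative sketch, not the paper's actual implementation (which also involves BERT subword segmentation and a modified distance), a plain edit distance can rank candidates like this; the small vocabulary, temperature parameter, and softmax weighting here are assumptions for illustration only:

```python
import math

def levenshtein(a: str, b: str) -> int:
    # Classic dynamic-programming edit distance (insert/delete/substitute),
    # keeping only the previous row to stay O(len(b)) in memory.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        curr = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            curr.append(min(prev[j] + 1,        # deletion
                            curr[j - 1] + 1,    # insertion
                            prev[j - 1] + cost  # substitution / match
                            ))
        prev = curr
    return prev[-1]

def candidate_distribution(token: str, vocab: list[str], temperature: float = 1.0):
    # Lower edit distance -> higher probability (softmax over negative distance).
    scores = [math.exp(-levenshtein(token, w) / temperature) for w in vocab]
    total = sum(scores)
    return {w: s / total for w, s in zip(vocab, scores)}

# Perturbed token "aple": distances to the candidates are 1, 3 and 2,
# so "apple" receives the highest probability mass.
dist = candidate_distribution("aple", ["apple", "grape", "table"])
best = max(dist, key=dist.get)  # "apple"
```

A context-aware defence would then combine such per-token distributions with a language model's contextual preferences, which is the role BERT plays in the method described above.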
“…The defence method was able to restore BERT's accuracy from 45% to 75% against character-level adversarial attacks. Another BERT-defence method was proposed in [25], and it outperforms a spell checker and ScRNN. The authors did not consider adaptability and interpretability, which are important factors for ensuring longevity.…”
Section: Adversarial Text Attacks and Defence in Text
confidence: 99%
“…Since calculating the edit distance, adding an extra step, and retraining ScRNN [36] are expensive and time-consuming, we chose to use a spell checker in this paper. Although the model proposed in [25] outperforms the spell checker and ScRNN, it consists of three steps, which include a BERT model and a language model. This adds extra computation time and complexity when used for OCR post-correction.…”
Section: Adversarial Text Attacks and Defence in Text
confidence: 99%