OpenAttack: An Open-source Textual Adversarial Attack Toolkit

TL;DR

OpenAttack is a comprehensive open-source toolkit that supports various textual adversarial attack models, enabling easier comparison, evaluation, and development of attack methods across multiple languages.

Contribution

It introduces a modular, extensible framework supporting all attack types, multilinguality, and parallel processing, addressing limitations of existing toolkits.

Findings

Includes 15 attack models covering all attack types.

Supports quick utilization and extension of attack models.

Facilitates robustness evaluation and adversarial training.

Abstract

Textual adversarial attacking has received wide and increasing attention in recent years. Various attack models have been proposed, which are enormously distinct and implemented with different programming frameworks and settings. These facts hinder quick utilization and fair comparison of attack models. In this paper, we present an open-source textual adversarial attack toolkit named OpenAttack to solve these issues. Compared with existing other textual adversarial attack toolkits, OpenAttack has its unique strengths in support for all attack types, multilinguality, and parallel processing. Currently, OpenAttack includes 15 typical attack models that cover all attack types. Its highly inclusive modular design not only supports quick utilization of existing attack models, but also enables great flexibility and extensibility. OpenAttack has broad uses including comparing and evaluating attack models, measuring robustness of a model, assisting in developing new attack models, and adversarial training. Source code and documentation can be obtained at https://github.com/thunlp/OpenAttack.