Analyzing the Impact of Adversarial Examples on Explainable Machine Learning

TL;DR

This paper investigates how adversarial attacks affect the interpretability of machine learning models in text classification, highlighting the vulnerability of explainability to malicious input modifications.

Contribution

It introduces a method to analyze the impact of adversarial perturbations on model explainability in text classification tasks.

Findings

Adversarial attacks significantly alter model explanations.

Model performance degrades after adversarial perturbations.

Explainability metrics change notably post-attack.

Abstract

Adversarial attacks are a type of attack on machine learning models where an attacker deliberately modifies the inputs to cause the model to make incorrect predictions. Adversarial attacks can have serious consequences, particularly in applications such as autonomous vehicles, medical diagnosis, and security systems. Work on the vulnerability of deep learning models to adversarial attacks has shown that it is very easy to make samples that make a model predict things that it doesn't want to. In this work, we analyze the impact of model interpretability due to adversarial attacks on text classification problems. We develop an ML-based classification model for text data. Then, we introduce the adversarial perturbations on the text data to understand the classification performance after the attack. Subsequently, we analyze and interpret the model's explainability before and after the attack