TL;DR
This paper introduces TSTricker, a multi-granularity adversarial attack method for Tibetan text using masked language models, significantly challenging Chinese minority language models and improving robustness evaluation.
Contribution
It presents a novel Tibetan-specific adversarial attack approach leveraging masked language models, addressing the gap in minority language NLP security research.
Findings
Reduces model accuracy by over 28.70%
Changes predictions in more than 90.60% of samples
Outperforms baseline attack methods
Abstract
In social media, neural network models have been applied to hate speech detection, sentiment analysis, etc., but neural network models are susceptible to adversarial attacks. For instance, in a text classification task, the attacker elaborately introduces perturbations to the original texts that hardly alter the original semantics in order to trick the model into making different predictions. By studying textual adversarial attack methods, the robustness of language models can be evaluated and then improved. Currently, most of the research in this field focuses on English, and there is also a certain amount of research on Chinese. However, there is little research targeting Chinese minority languages. With the rapid development of artificial intelligence technology and the emergence of Chinese minority language models, textual adversarial attacks become a new challenge for the…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
MethodsADaptive gradient method with the OPTimal convergence rate
