Adversarial Over-Sensitivity and Over-Stability Strategies for Dialogue Models
This work addresses robustness issues in dialogue models, which is an incremental but important step for improving reliability in conversational AI systems.
The authors tackled the problem of generative dialogue models being vulnerable to adversarial inputs by introducing model-agnostic strategies to test over-sensitivity and over-stability, and through adversarial training, they achieved a new state-of-the-art performance on the original task with significant improvements verified by human evaluation.
We present two categories of model-agnostic adversarial strategies that reveal the weaknesses of several generative, task-oriented dialogue models: Should-Not-Change strategies that evaluate over-sensitivity to small and semantics-preserving edits, as well as Should-Change strategies that test if a model is over-stable against subtle yet semantics-changing modifications. We next perform adversarial training with each strategy, employing a max-margin approach for negative generative examples. This not only makes the target dialogue model more robust to the adversarial inputs, but also helps it perform significantly better on the original inputs. Moreover, training on all strategies combined achieves further improvements, achieving a new state-of-the-art performance on the original task (also verified via human evaluation). In addition to adversarial training, we also address the robustness task at the model-level, by feeding it subword units as both inputs and outputs, and show that the resulting model is equally competitive, requires only 1/4 of the original vocabulary size, and is robust to one of the adversarial strategies (to which the original model is vulnerable) even without adversarial training.