Identifying Adversarial Sentences by Analyzing Text Complexity
This addresses the problem of malicious text deception for AI systems and users, but it is incremental as it builds on existing detection methods with improved performance.
The paper tackles the problem of detecting adversarial text, such as spam or fake posts, by analyzing differences in text complexity between human-written and machine-generated content, achieving 82.0% accuracy and 18.4% equal error rate, outperforming existing methods.
Attackers create adversarial text to deceive both human perception and the current AI systems to perform malicious purposes such as spam product reviews and fake political posts. We investigate the difference between the adversarial and the original text to prevent the risk. We prove that the text written by a human is more coherent and fluent. Moreover, the human can express the idea through the flexible text with modern words while a machine focuses on optimizing the generated text by the simple and common words. We also suggest a method to identify the adversarial text by extracting the features related to our findings. The proposed method achieves high performance with 82.0% of accuracy and 18.4% of equal error rate, which is better than the existing methods whose the best accuracy is 77.0% corresponding to the error rate 22.8%.