CAT-Gen: Improving Robustness in NLP Models via Controlled Adversarial Text Generation
This work addresses robustness issues in NLP models for tasks like sentiment classification, though it appears incremental as it builds on existing adversarial text generation methods.
The paper tackles the problem of NLP model robustness by introducing CAT-Gen, a method for generating adversarial texts using controllable attributes that do not affect task labels, resulting in more diverse and fluent adversarial examples compared to existing approaches.
NLP models are shown to suffer from robustness issues, i.e., a model's prediction can be easily changed under small perturbations to the input. In this work, we present a Controlled Adversarial Text Generation (CAT-Gen) model that, given an input text, generates adversarial texts through controllable attributes that are known to be invariant to task labels. For example, in order to attack a model for sentiment classification over product reviews, we can use the product categories as the controllable attribute which would not change the sentiment of the reviews. Experiments on real-world NLP datasets demonstrate that our method can generate more diverse and fluent adversarial texts, compared to many existing adversarial text generation approaches. We further use our generated adversarial examples to improve models through adversarial training, and we demonstrate that our generated attacks are more robust against model re-training and different model architectures.