A Context Aware Approach for Generating Natural Language Attacks
This work addresses the problem of generating high-quality adversarial examples for NLP models, which is important for researchers and developers to understand model vulnerabilities.
This paper proposes a black-box attack strategy for natural language processing models, specifically targeting text classification and entailment tasks. The attack generates semantically similar adversarial examples, achieving significantly better success rates and lower word perturbation percentages compared to prior methods.
We study an important task of attacking natural language processing models in a black box setting. We propose an attack strategy that crafts semantically similar adversarial examples on text classification and entailment tasks. Our proposed attack finds candidate words by considering the information of both the original word and its surrounding context. It jointly leverages masked language modelling and next sentence prediction for context understanding. In comparison to attacks proposed in prior literature, we are able to generate high quality adversarial examples that do significantly better both in terms of success rate and word perturbation percentage.