Adv-OLM: Generating Textual Adversaries via OLM
This work addresses improving robustness in NLP models against adversarial inputs, but it is incremental as it adapts existing ideas to current methods.
The paper tackles the problem of adversarial attacks on NLP models by introducing Adv-OLM, a black-box method that uses Occlusion and Language Models to rank and substitute words, and it outperforms other attack methods on text classification tasks.
Deep learning models are susceptible to adversarial examples that have imperceptible perturbations in the original input, resulting in adversarial attacks against these models. Analysis of these attacks on the state of the art transformers in NLP can help improve the robustness of these models against such adversarial inputs. In this paper, we present Adv-OLM, a black-box attack method that adapts the idea of Occlusion and Language Models (OLM) to the current state of the art attack methods. OLM is used to rank words of a sentence, which are later substituted using word replacement strategies. We experimentally show that our approach outperforms other attack methods for several text classification tasks.