The Sensitivity of Word Embeddings-based Author Detection Models to Semantic-preserving Adversarial Perturbations
This work addresses the robustness of authorship analysis models for applications like plagiarism detection and misinformation source identification, but it is incremental as it builds on existing adversarial perturbation methods.
The paper investigated the sensitivity of word embeddings-based author detection models to semantic-preserving adversarial perturbations, finding that these models are vulnerable to such manipulations, with performance drops of up to 30% in accuracy under certain perturbation strategies.
Authorship analysis is an important subject in the field of natural language processing. It allows the detection of the most likely writer of articles, news, books, or messages. This technique has multiple uses in tasks related to authorship attribution, detection of plagiarism, style analysis, sources of misinformation, etc. The focus of this paper is to explore the limitations and sensitiveness of established approaches to adversarial manipulations of inputs. To this end, and using those established techniques, we first developed an experimental frame-work for author detection and input perturbations. Next, we experimentally evaluated the performance of the authorship detection model to a collection of semantic-preserving adversarial perturbations of input narratives. Finally, we compare and analyze the effects of different perturbation strategies, input and model configurations, and the effects of these on the author detection model.