Are Multilingual BERT models robust? A Case Study on Adversarial Attacks for Multilingual Question Answering
This addresses security and reliability issues for users of multilingual AI systems, though it is incremental as it extends known adversarial techniques to a new multilingual context.
The paper tackled the robustness of multilingual BERT models in question answering by demonstrating that adversarial attacks can reduce performance by up to 85%, and it showed that training with these attacks helps mitigate the vulnerability.
Recent approaches have exploited weaknesses in monolingual question answering (QA) models by adding adversarial statements to the passage. These attacks caused a reduction in state-of-the-art performance by almost 50%. In this paper, we are the first to explore and successfully attack a multilingual QA (MLQA) system pre-trained on multilingual BERT using several attack strategies for the adversarial statement reducing performance by as much as 85%. We show that the model gives priority to English and the language of the question regardless of the other languages in the QA pair. Further, we also show that adding our attack strategies during training helps alleviate the attacks.