PromptAttack: Prompt-based Attack for Language Models via Gradient Search
This addresses security problems for PLMs using prompt-based methods, which is an incremental contribution as it focuses on a specific vulnerability.
The paper tackles the vulnerability of prompt learning methods in pre-trained language models (PLMs) to malicious prompts, proposing PromptAttack to construct such prompts and demonstrating its effectiveness in causing classification errors across three datasets and three PLMs, including in few-shot scenarios.
As the pre-trained language models (PLMs) continue to grow, so do the hardware and data requirements for fine-tuning PLMs. Therefore, the researchers have come up with a lighter method called \textit{Prompt Learning}. However, during the investigations, we observe that the prompt learning methods are vulnerable and can easily be attacked by some illegally constructed prompts, resulting in classification errors, and serious security problems for PLMs. Most of the current research ignores the security issue of prompt-based methods. Therefore, in this paper, we propose a malicious prompt template construction method (\textbf{PromptAttack}) to probe the security performance of PLMs. Several unfriendly template construction approaches are investigated to guide the model to misclassify the task. Extensive experiments on three datasets and three PLMs prove the effectiveness of our proposed approach PromptAttack. We also conduct experiments to verify that our method is applicable in few-shot scenarios.