Adversarial Attacks on Tables with Entity Swap
This addresses a vulnerability in tabular language models for data analysis, but it is incremental as it adapts existing adversarial techniques to a new domain.
The paper tackles the problem of entity leakage in table datasets by proposing an adversarial entity-swap attack for column type annotation, resulting in up to a 70% drop in model performance.
The capabilities of large language models (LLMs) have been successfully applied in the context of table representation learning. The recently proposed tabular language models have reported state-of-the-art results across various tasks for table interpretation. However, a closer look into the datasets commonly used for evaluation reveals an entity leakage from the train set into the test set. Motivated by this observation, we explore adversarial attacks that represent a more realistic inference setup. Adversarial attacks on text have been shown to greatly affect the performance of LLMs, but currently, there are no attacks targeting tabular language models. In this paper, we propose an evasive entity-swap attack for the column type annotation (CTA) task. Our CTA attack is the first black-box attack on tables, where we employ a similarity-based sampling strategy to generate adversarial examples. The experimental results show that the proposed attack generates up to a 70% drop in performance.