DINA: A Dual Defense Framework Against Internal Noise and External Attacks in Natural Language Processing
This work addresses security and reliability issues for NLP applications like customer service and moderation, offering a practical defense strategy, though it is incremental as it adapts existing methods from computer vision.
The paper tackles the problem of adversarial threats from both external manipulations and internal label corruption in NLP systems, introducing DINA, a unified framework that significantly improves model robustness and accuracy on a real-world dataset from an online gaming service.
As large language models (LLMs) and generative AI become increasingly integrated into customer service and moderation applications, adversarial threats emerge from both external manipulations and internal label corruption. In this work, we identify and systematically address these dual adversarial threats by introducing DINA (Dual Defense Against Internal Noise and Adversarial Attacks), a novel unified framework tailored specifically for NLP. Our approach adapts advanced noisy-label learning methods from computer vision and integrates them with adversarial training to simultaneously mitigate internal label sabotage and external adversarial perturbations. Extensive experiments conducted on a real-world dataset from an online gaming service demonstrate that DINA significantly improves model robustness and accuracy compared to baseline models. Our findings not only highlight the critical necessity of dual-threat defenses but also offer practical strategies for safeguarding NLP systems in realistic adversarial scenarios, underscoring broader implications for fair and responsible AI deployment.