Blog
About

0
views
0
recommends
+1 Recommend
0 collections
    0
    shares
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Achieving Verified Robustness to Symbol Substitutions via Interval Bound Propagation

      Preprint

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Neural networks are part of many contemporary NLP systems, yet their empirical successes come at the price of vulnerability to adversarial attacks. Previous work has used adversarial training and data augmentation to partially mitigate such brittleness, but these are unlikely to find worst-case adversaries due to the complexity of the search space arising from discrete text perturbations. In this work, we approach the problem from the opposite direction: to formally verify a system's robustness against a predefined class of adversarial attacks. We study text classification under synonym replacements or character flip perturbations. We propose modeling these input perturbations as a simplex and then using Interval Bound Propagation -- a formal model verification method. We modify the conventional log-likelihood training objective to train models that can be efficiently verified, which would otherwise come with exponential search complexity. The resulting models show only little difference in terms of nominal accuracy, but have much improved verified accuracy under perturbations and come with an efficiently computable formal guarantee on worst case adversaries.

          Related collections

          Most cited references 16

          • Record: found
          • Abstract: not found
          • Article: not found

          Glove: Global Vectors for Word Representation

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            WordNet: a lexical database for English

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Deep Contextualized Word Representations

                Bookmark

                Author and article information

                Journal
                03 September 2019
                Article
                1909.01492

                http://arxiv.org/licenses/nonexclusive-distrib/1.0/

                Custom metadata
                Accepted in EMNLP 2019
                cs.CL cs.CR cs.LG stat.ML

                Comments

                Comment on this article