Detection of Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation

KiYoon Yoo; Jangho Kim; Jiho Jang; Nojun Kwak

doi:10.18653/v1/2022.findings-acl.289

Detection of Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation

KiYoon Yoo, Jangho Kim, Jiho Jang, Nojun Kwak

Abstract

Word-level adversarial attacks have shown success in NLP models, drastically decreasing the performance of transformer-based models in recent years. As a countermeasure, adversarial defense has been explored, but relatively few efforts have been made to detect adversarial examples. However, detecting adversarial examples may be crucial for automated tasks (e.g. review sentiment analysis) that wish to amass information about a certain population and additionally be a step towards a robust defense system. To this end, we release a dataset for four popular attack methods on four datasets and four models to encourage further research in this field. Along with it, we propose a competitive baseline based on density estimation that has the highest auc on 29 out of 30 dataset-attack-model combinations. The source code is released (https://github.com/bangawayoo/adversarial-examples-in-text-classification).

Anthology ID:: 2022.findings-acl.289
Volume:: Findings of the Association for Computational Linguistics: ACL 2022
Month:: May
Year:: 2022
Address:: Dublin, Ireland
Editors:: Smaranda Muresan, Preslav Nakov, Aline Villavicencio
Venue:: Findings
SIG:
Publisher:: Association for Computational Linguistics
Note:
Pages:: 3656–3672
Language:
URL:: https://aclanthology.org/2022.findings-acl.289
DOI:: 10.18653/v1/2022.findings-acl.289
Bibkey:
Cite (ACL):: KiYoon Yoo, Jangho Kim, Jiho Jang, and Nojun Kwak. 2022. Detection of Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation. In Findings of the Association for Computational Linguistics: ACL 2022, pages 3656–3672, Dublin, Ireland. Association for Computational Linguistics.
Cite (Informal):: Detection of Adversarial Examples in Text Classification: Benchmark and Baseline via Robust Density Estimation (Yoo et al., Findings 2022)
Copy Citation:
PDF:: https://preview.aclanthology.org/emnlp-22-attachments/2022.findings-acl.289.pdf
Software:: 2022.findings-acl.289.software.zip
Video:: https://preview.aclanthology.org/emnlp-22-attachments/2022.findings-acl.289.mp4
Code: bangawayoo/adversarial-examples-in-text-classification
Data: AG News, IMDb Movie Reviews, SST, SST-2

PDF Search Code Software Video