Proceedings of the 2019 Conference on Empirical Methods in Natural Language Processing and the 9th International Joint Conference on Natural Language Processing (EMNLP-IJCNLP), 2019
DOI: 10.18653/v1/d19-1419
Achieving Verified Robustness to Symbol Substitutions via Interval Bound Propagation

Abstract: Neural networks are part of many contemporary NLP systems, yet their empirical successes come at the price of vulnerability to adversarial attacks. Previous work has used adversarial training and data augmentation to partially mitigate such brittleness, but these are unlikely to find worst-case adversaries due to the complexity of the search space arising from discrete text perturbations. In this work, we approach the problem from the opposite direction: to formally verify a system's robustness against a prede…

Cited by 100 publications (123 citation statements) · References 25 publications
“…Additionally, the edit distance constraint is sometimes used when improving the robustness of models. For example, Huang et al. (2019) use Interval Bound Propagation to ensure model robustness to perturbations within some edit distance of the input.…”
Section: Overlap (mentioning)
confidence: 99%
“…There has also been a trend towards using certified robustness approaches (Ko et al., 2019; Huang et al., 2019; Shi et al., 2020), which provide guarantees on the minimum performance of models. The main technique so far is to propagate interval bounds around input word embeddings, and it has been applied for robustness to synonym changes.…”
Section: Results (mentioning)
confidence: 99%
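As a rough illustration of the bound-propagation idea described in the statement above, the following NumPy sketch pushes an axis-aligned box around the input embeddings through one affine + ReLU layer. It is a minimal sketch, not the implementation from any of the cited papers; the shapes, layer sizes, and toy perturbation set are assumptions made purely for illustration.

```python
import numpy as np

def ibp_affine(lower, upper, W, b):
    """Propagate elementwise interval bounds through y = x @ W + b."""
    centre = (lower + upper) / 2.0
    radius = (upper - lower) / 2.0
    new_centre = centre @ W + b
    new_radius = radius @ np.abs(W)   # |W| rescales the interval radius
    return new_centre - new_radius, new_centre + new_radius

def ibp_relu(lower, upper):
    """ReLU is monotone, so it maps bounds to bounds directly."""
    return np.maximum(lower, 0.0), np.maximum(upper, 0.0)

rng = np.random.default_rng(0)

# Toy perturbation set: embeddings of the original tokens plus embeddings of
# every allowed symbol substitution (5 tokens, 16-dim, 8 substituted variants).
orig_emb = rng.normal(size=(5, 16))
variant_embs = rng.normal(size=(8, 5, 16))

# Axis-aligned box that contains the original input and all substitutions.
all_embs = np.concatenate([orig_emb[None], variant_embs], axis=0)
lower, upper = all_embs.min(axis=0), all_embs.max(axis=0)

# Push the box through one affine + ReLU layer of a toy model.
W1, b1 = 0.1 * rng.normal(size=(16, 32)), np.zeros(32)
h_lower, h_upper = ibp_relu(*ibp_affine(lower, upper, W1, b1))
print(h_lower.shape, h_upper.shape)   # (5, 32) bounds on the hidden activations
```

Applying the same two rules layer by layer yields bounds on the output logits, which is all that is needed for the certification check.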
“…(2) Interval Bound Propagation (IBP) (Dvijotham et al., 2018) is proposed as a new technique to theoretically consider the worst-case perturbation. Recent works (Jia et al., 2019; Huang et al., 2019) have applied IBP in the NLP domain to certify the robustness of models. (3) Language models, including GPT2 (Radford et al., 2019), may also function as anomaly detectors to probe inconsistent and unnatural adversarial sentences.…”
Section: Discussion and Future Work (mentioning)
confidence: 99%
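Connecting to the worst-case view in point (2) above: once interval bounds reach the output logits, a prediction is certified with a simple worst-case margin check. The sketch below uses the same illustrative assumptions as the previous one; the bound values are made up.

```python
import numpy as np

def verified_robust(logit_lower, logit_upper, true_label):
    """Certify a prediction from interval bounds on the output logits.

    The worst case pairs the true logit at its lower bound against every
    other logit at its upper bound; the prediction is verified only if the
    margin stays positive for all of them.
    """
    margins = logit_lower[true_label] - np.delete(logit_upper, true_label)
    return bool(np.all(margins > 0.0))

# Made-up bounds on three class logits, as they might come out of IBP.
lower = np.array([2.1, -0.5, 0.3])
upper = np.array([2.9,  0.4, 1.0])
print(verified_robust(lower, upper, true_label=0))  # True: class 0 is certified
```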