Systematic Attack Surface Reduction For Deployed Sentiment Analysis Models

Kalin, Josh; Noever, David; Dozier, Gerry

doi:10.48550/arxiv.2006.11130

Cited by 3 publications

(3 citation statements)

References 0 publications

“…Recent papers focus on securing models during the development process. Green team machine learning creates a process called "Build, Attack, Defend" to evaluate the machine learning models during the development process and begin protecting against red team style attacks on the models [9]. Attacks are increasingly sophisticated with their ability to detect the underlying model architecture and therefore, exploit vulnerabilities in these models.…”

Section: Securing Deployed Models Against Adversarial Attacks (mentioning)

confidence: 99%

Automating defense against adversarial attacks: discovery of vulnerabilities and application of multi-INT imagery to protect deployed models

Kalin, Noever, Ciolino, et al. 2021

Disruptive Technologies in Information Sciences V

Self Cite

Image classification is a common step in image recognition for machine learning in overhead applications. When applying popular model architectures like MobileNetV2, known vulnerabilities expose the model to counter-attacks, either mislabeling a known class or altering box location. This work proposes an automated approach to defend these models. We evaluate the use of multi-spectral image arrays and ensemble learners to combat adversarial attacks. The original contribution demonstrates the attack, proposes a remedy, and automates some key outcomes for protecting the model's predictions against adversaries. In rough analogy to defending cyber-networks, we combine techniques from both offensive ("red team") and defensive ("blue team") approaches, thus generating a hybrid protective outcome ("green team"). For machine learning, we demonstrate these methods with 3-color channels plus infrared for vehicles. The outcome uncovers vulnerabilities and corrects them with supplemental data inputs commonly found in overhead cases particularly.

“…Further, Kurita et al (2020) observed that in spite of rich sub-word representations, a BERT-based classifier can be deceived by inserting a specific rare word to an abusive sentence. Kalin et al (2020) proposed a structured approach for securing a toxicity detection classifier in a production setting.…”

Section: Current Technical and Ethical Challenges (mentioning)

confidence: 99%

Towards Ethics by Design in Online Abusive Content Detection

Kiritchenko, Nejadgholi 2020

Preprint

To support safety and inclusion in online communications, significant efforts in NLP research have been put towards addressing the problem of abusive content detection, commonly defined as a supervised classification task. The research effort has spread out across several closely related sub-areas, such as detection of hate speech, toxicity, cyberbullying, etc. There is a pressing need to consolidate the field under a common framework for task formulation, dataset design and performance evaluation. Further, despite current technologies achieving high classification accuracies, several ethical issues have been revealed. We bring ethical issues to forefront and propose a unified framework as a two-step process. First, online content is categorized around personal and identity-related subject matters. Second, severity of abuse is identified through comparative annotation within each category. The novel framework is guided by the Ethics by Design principle and is a step towards building more accurate and trusted models.

“…As shown in Figure 3, Leet-speak uses an alternative alphabet of numbers and symbols to replace various letters in words [1][2][3]. As an innovative language strategy, Leet might be one of the first adversarial attacks on machine-driven filters [31].…”

Section: Introduction (mentioning)

confidence: 99%

Local Translation Services for Neglected Languages

Noever, Kalin, Ciolino, et al. 2021

Computer Science & Information Technology (CS & IT)

Self Cite

Taking advantage of computationally lightweight, but high-quality translators prompt consideration of new applications that address neglected languages. For projects with protected or personal data, translators for less popular or low-resource languages require specific compliance checks before posting to a public translation API. In these cases, locally run translators can render reasonable, cost-effective solutions if done with an army of offline, small-scale pair translators. Like handling a specialist’s dialect, this research illustrates translating two historically interesting, but obfuscated languages: 1) hacker-speak (“l33t”) and 2) reverse (or “mirror”) writing as practiced by Leonardo da Vinci. The work generalizes a deep learning architecture to translatable variants of hacker-speak with lite, medium, and hard vocabularies. The original contribution highlights a fluent translator of hacker-speak in under 50 megabytes and demonstrates a companion text generator for augmenting future datasets with greater than a million bilingual sentence pairs. A primary motivation stems from the need to understand and archive the evolution of the international computer community, one that continuously enhances their talent for speaking openly but in hidden contexts. This training of bilingual sentences supports deep learning models using a long short-term memory, recurrent neural network (LSTM-RNN). It extends previous work demonstrating an English-to-foreign translation service built from as little as 10,000 bilingual sentence pairs. This work further solves the equivalent translation problem in twenty-six additional (non-obfuscated) languages and rank orders those models and their proficiency quantitatively with Italian as the most successful and Mandarin Chinese as the most challenging.
For neglected languages, the method prototypes novel services for smaller niche translations such as Kabyle (Algerian dialect) which covers between 5-7 million speakers but one which for most enterprise translators, has not yet reached development. One anticipates the extension of this approach to other important dialects, such as translating technical (medical or legal) jargon and processing health records or handling many of the dialects collected from specialized domains (mixed languages like “Spanglish”, acronym-laden Twitter feeds, or urban slang).
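
As a rough illustration of the hacker-speak idea mentioned above (replacing letters with look-alike numbers and symbols), the following Python sketch applies a small substitution table to plain English text. The table `LEET_MAP` and the function `to_leet` are hypothetical names chosen for this example; the substitutions are a common informal subset and are not the lite, medium, or hard vocabularies of the cited work, which are not reproduced here.

```python
# Hypothetical substitution table: a small, commonly seen subset of
# leet-speak replacements. This is an assumption for illustration and
# not the vocabulary used in the cited paper.
LEET_MAP = {"a": "4", "e": "3", "i": "1", "o": "0", "s": "5", "t": "7"}


def to_leet(text: str) -> str:
    """Replace each mapped letter (case-insensitively) with its symbol.

    Characters without an entry in LEET_MAP are passed through unchanged.
    """
    return "".join(LEET_MAP.get(ch.lower(), ch) for ch in text)


if __name__ == "__main__":
    sentence = "leet speak"
    # Emit an (English, leet) pair, the kind of bilingual sentence pair
    # a text generator could produce for training a translator.
    print((sentence, to_leet(sentence)))
```

Character-level substitution like this changes the surface form of a word while leaving it readable to people, which is why the citing text describes Leet as an early adversarial strategy against machine-driven filters.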
