Less is More: Understanding Word-level Textual Adversarial Attack via n-gram Frequency Descend

arXiv:2302.02568v3 Announce Type: replace-cross
Abstract: Word-level textual adversarial attacks have demonstrated notable efficacy in misleading Natural Language Processing (NLP) models. Despite their success, the underlying reasons for their effectiveness and the fundamental characteristics of adversarial examples (AEs) remain obscure. This work aims to interpret word-level attacks by examining their $n$-gram frequency patterns. Our comprehensive experiments reveal that in approximately 90\% of cases, word-level attacks lead to the generation of examples where the frequency of $n$-grams decreases, a tendency we term …

adversarial adversarial attack adversarial attacks aes arxiv attack attacks cs.ai cs.cl cs.cr cs.lg examples language natural natural language natural language processing nlp understanding word work