Machine Translation Models Stand Strong in the Face of Adversarial Attacks

by   Pavel Burnyshev, et al.

Adversarial attacks expose vulnerabilities of deep learning models by introducing minor perturbations to the input, which lead to substantial alterations in the output. Our research focuses on the impact of such adversarial attacks on sequence-to-sequence (seq2seq) models, specifically machine translation models. We introduce algorithms that incorporate basic text perturbation heuristics and more advanced strategies, such as the gradient-based attack, which utilizes a differentiable approximation of the inherently non-differentiable translation metric. Through our investigation, we provide evidence that machine translation models display robustness displayed robustness against best performed known adversarial attacks, as the degree of perturbation in the output is directly proportional to the perturbation in the input. However, among underdogs, our attacks outperform alternatives, providing the best relative performance. Another strong candidate is an attack based on mixing of individual characters.


page 1

page 2

page 3

page 4


Adversarial Attacks in Sound Event Classification

Adversarial attacks refer to a set of methods that perturb the input to ...

Masked Adversarial Generation for Neural Machine Translation

Attacking Neural Machine Translation models is an inherently combinatori...

On Evaluation of Adversarial Perturbations for Sequence-to-Sequence Models

Adversarial examples --- perturbations to the input of a model that elic...

Sentiment Perception Adversarial Attacks on Neural Machine Translation Systems

With the advent of deep learning methods, Neural Machine Translation (NM...

Detecting Word Sense Disambiguation Biases in Machine Translation for Model-Agnostic Adversarial Attacks

Word sense disambiguation is a well-known source of translation errors i...

Backdoor Learning on Sequence to Sequence Models

Backdoor learning has become an emerging research area towards building ...

On the Sensitivity of Deep Load Disaggregation to Adversarial Attacks

Non-intrusive Load Monitoring (NILM) algorithms, commonly referred to as...

Please sign up or login with your details

Forgot password? Click here to reset