Saved in:
Bibliographic Details
Main Authors: Xue, Yanni, Hao, Haojie, Wang, Jiakai, Sheng, Qiang, Tao, Renshuai, Liang, Yu, Feng, Pu, Liu, Xianglong
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2409.05021
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866929491596541952
author Xue, Yanni
Hao, Haojie
Wang, Jiakai
Sheng, Qiang
Tao, Renshuai
Liang, Yu
Feng, Pu
Liu, Xianglong
author_facet Xue, Yanni
Hao, Haojie
Wang, Jiakai
Sheng, Qiang
Tao, Renshuai
Liang, Yu
Feng, Pu
Liu, Xianglong
contents While neural machine translation (NMT) models achieve success in our daily lives, they show vulnerability to adversarial attacks. Despite being harmful, these attacks also offer benefits for interpreting and enhancing NMT models, thus drawing increased research attention. However, existing studies on adversarial attacks are insufficient in both attacking ability and human imperceptibility due to their sole focus on the scope of language. This paper proposes a novel vision-fused attack (VFA) framework to acquire powerful adversarial text, i.e., more aggressive and stealthy. Regarding the attacking ability, we design the vision-merged solution space enhancement strategy to enlarge the limited semantic solution space, which enables us to search for adversarial candidates with higher attacking ability. For human imperceptibility, we propose the perception-retained adversarial text selection strategy to align the human text-reading mechanism. Thus, the finally selected adversarial text could be more deceptive. Extensive experiments on various models, including large language models (LLMs) like LLaMA and GPT-3.5, strongly support that VFA outperforms the comparisons by large margins (up to 81%/14% improvements on ASR/SSIM).
format Preprint
id arxiv_https___arxiv_org_abs_2409_05021
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Vision-fused Attack: Advancing Aggressive and Stealthy Adversarial Text against Neural Machine Translation
Xue, Yanni
Hao, Haojie
Wang, Jiakai
Sheng, Qiang
Tao, Renshuai
Liang, Yu
Feng, Pu
Liu, Xianglong
Computation and Language
While neural machine translation (NMT) models achieve success in our daily lives, they show vulnerability to adversarial attacks. Despite being harmful, these attacks also offer benefits for interpreting and enhancing NMT models, thus drawing increased research attention. However, existing studies on adversarial attacks are insufficient in both attacking ability and human imperceptibility due to their sole focus on the scope of language. This paper proposes a novel vision-fused attack (VFA) framework to acquire powerful adversarial text, i.e., more aggressive and stealthy. Regarding the attacking ability, we design the vision-merged solution space enhancement strategy to enlarge the limited semantic solution space, which enables us to search for adversarial candidates with higher attacking ability. For human imperceptibility, we propose the perception-retained adversarial text selection strategy to align the human text-reading mechanism. Thus, the finally selected adversarial text could be more deceptive. Extensive experiments on various models, including large language models (LLMs) like LLaMA and GPT-3.5, strongly support that VFA outperforms the comparisons by large margins (up to 81%/14% improvements on ASR/SSIM).
title Vision-fused Attack: Advancing Aggressive and Stealthy Adversarial Text against Neural Machine Translation
topic Computation and Language
url https://arxiv.org/abs/2409.05021