Saved in:
Bibliographic Details
Main Authors: Thota, Poojitha, Nilizadeh, Shirin
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2410.20019
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912087714824192
author Thota, Poojitha
Nilizadeh, Shirin
author_facet Thota, Poojitha
Nilizadeh, Shirin
contents Large Language Models have introduced novel opportunities for text comprehension and generation. Yet, they are vulnerable to adversarial perturbations and data poisoning attacks, particularly in tasks like text classification and translation. However, the adversarial robustness of abstractive text summarization models remains less explored. In this work, we unveil a novel approach by exploiting the inherent lead bias in summarization models, to perform adversarial perturbations. Furthermore, we introduce an innovative application of influence functions, to execute data poisoning, which compromises the model's integrity. This approach not only shows a skew in the models behavior to produce desired outcomes but also shows a new behavioral change, where models under attack tend to generate extractive summaries rather than abstractive summaries.
format Preprint
id arxiv_https___arxiv_org_abs_2410_20019
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Attacks against Abstractive Text Summarization Models through Lead Bias and Influence Functions
Thota, Poojitha
Nilizadeh, Shirin
Computation and Language
Cryptography and Security
Large Language Models have introduced novel opportunities for text comprehension and generation. Yet, they are vulnerable to adversarial perturbations and data poisoning attacks, particularly in tasks like text classification and translation. However, the adversarial robustness of abstractive text summarization models remains less explored. In this work, we unveil a novel approach by exploiting the inherent lead bias in summarization models, to perform adversarial perturbations. Furthermore, we introduce an innovative application of influence functions, to execute data poisoning, which compromises the model's integrity. This approach not only shows a skew in the models behavior to produce desired outcomes but also shows a new behavioral change, where models under attack tend to generate extractive summaries rather than abstractive summaries.
title Attacks against Abstractive Text Summarization Models through Lead Bias and Influence Functions
topic Computation and Language
Cryptography and Security
url https://arxiv.org/abs/2410.20019