Aliasing black box adversarial attack with joint self-attention distribution and confidence probability
| dc.contributor.author | Liu, Jun | |
| dc.contributor.author | Jin, Haoyu | |
| dc.contributor.author | Xu, Guangxia | |
| dc.contributor.author | Lin, Mingwei | |
| dc.contributor.author | Wu, Tao | |
| dc.contributor.author | Polat, Kemal | |
| dc.date.accessioned | 2023-10-25T07:20:42Z | |
| dc.date.available | 2023-10-25T07:20:42Z | |
| dc.date.issued | 2023 | en_US |
| dc.department | BAİBÜ, Mühendislik Fakültesi, Elektrik Elektronik Mühendisliği Bölümü | en_US |
| dc.description | This work was supported by the Chongqing Research Program of Basic Research and Frontier Technology (Grant No. cstc2021jcyj- msxmX0530 and Grant No. cstc2020jcyj-msxmX0804) , and the Tech- nology Innovation and Application Development Projects of Chongqing (Grant No. cstc2021jscx-gksbX0032, cstc2021jscx-gksbX0029) , and the Key R & D plan of Hainan Province (Grant No. ZDYF2021GXJS006) . | en_US |
| dc.description.abstract | Deep neural networks (DNNs) are vulnerable to adversarial attacks, in which a small perturbation to samples can cause misclassification. However, how to select important words for textual attack models is a big challenge. Therefore, in this paper, an innovative score-based attack model is proposed to solve the important words se-lection problem for textual attack models. To this end, the generation of semantically adversarial examples in this model is adopted to mislead a text classification model. Then, this model integrates the self-attention mechanism and confidence probabilities for the selection of the important words. Moreover, an alternative model similar to the transfer attack is introduced to reflect the correlation degree of words inside the texts. Finally, adversarial training experimental results demonstrate the superiority of the proposed model. | en_US |
| dc.description.sponsorship | Chongqing Research Program of Basic Research and Frontier Technology; Tech- nology Innovation and Application Development Projects of Chongqing; Key R & D plan of Hainan Province; [cstc2021jcyj- msxmX0530]; [cstc2020jcyj-msxmX0804]; [cstc2021jscx-gksbX0032]; [cstc2021jscx-gksbX0029]; [ZDYF2021GXJS006] | en_US |
| dc.identifier.citation | Liu, J., Jin, H., Xu, G., Lin, M., Wu, T., Nour, M., ... & Polat, K. (2023). Aliasing black box adversarial attack with joint self-attention distribution and confidence probability. Expert Systems with Applications, 214, 119110. | en_US |
| dc.identifier.doi | 10.1016/j.eswa.2022.119110 | |
| dc.identifier.endpage | 12 | en_US |
| dc.identifier.issn | 0957-4174 | |
| dc.identifier.issn | 1873-6793 | |
| dc.identifier.scopus | 2-s2.0-85141261103 | en_US |
| dc.identifier.scopusquality | Q1 | en_US |
| dc.identifier.startpage | 1 | en_US |
| dc.identifier.uri | http://dx.doi.org/10.1016/j.eswa.2022.119110 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.12491/11791 | |
| dc.identifier.volume | 214 | en_US |
| dc.identifier.wos | WOS:000916091700002 | en_US |
| dc.identifier.wosquality | Q1 | en_US |
| dc.indekslendigikaynak | Web of Science | en_US |
| dc.indekslendigikaynak | Scopus | en_US |
| dc.institutionauthor | Polat, Kemal | |
| dc.language.iso | en | en_US |
| dc.publisher | Pergamon-Elsevier Science Ltd | en_US |
| dc.relation.ispartof | Expert Systems with Applications | en_US |
| dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
| dc.rights | info:eu-repo/semantics/closedAccess | en_US |
| dc.subject | Adversarial Attack | en_US |
| dc.subject | Self-Attention Distribution | en_US |
| dc.subject | Text Classification | en_US |
| dc.subject | Efficient | en_US |
| dc.title | Aliasing black box adversarial attack with joint self-attention distribution and confidence probability | en_US |
| dc.type | Article | en_US |
