Generating Authentic Adversarial Examples beyond Meaning-preserving with Doubly Round-trip Translation

• URL: http://arxiv.org/abs/2204.08689v1
• Date: Tue, 19 Apr 2022 06:15:27 GMT
• Title: Generating Authentic Adversarial Examples beyond Meaning-preserving with Doubly Round-trip Translation
• Authors: Siyu Lai, Zhen Yang, Fandong Meng, Xue Zhang, Yufeng Chen, Jinan Xu and Jie Zhou
• Abstract summary: We propose a new criterion for NMT adversarial examples based on the Doubly Round-Trip Translation (DRTT) To enhance the robustness of the NMT model, we introduce the masked language models to construct bilingual adversarial pairs.
• Score: 64.16077929617119
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Generating adversarial examples for Neural Machine Translation (NMT) with single Round-Trip Translation (RTT) has achieved promising results by releasing the meaning-preserving restriction. However, a potential pitfall for this approach is that we cannot decide whether the generated examples are adversarial to the target NMT model or the auxiliary backward one, as the reconstruction error through the RTT can be related to either. To remedy this problem, we propose a new criterion for NMT adversarial examples based on the Doubly Round-Trip Translation (DRTT). Specifically, apart from the source-target-source RTT, we also consider the target-source-target one, which is utilized to pick out the authentic adversarial examples for the target NMT model. Additionally, to enhance the robustness of the NMT model, we introduce the masked language models to construct bilingual adversarial pairs based on DRTT, which are used to train the NMT model directly. Extensive experiments on both the clean and noisy test sets (including the artificial and natural noise) show that our approach substantially improves the robustness of NMT models.

Related papers

• A Relaxed Optimization Approach for Adversarial Attacks against Neural Machine Translation Models [44.04452616807661]
  We propose an optimization-based adversarial attack against Neural Machine Translation (NMT) models. Experimental results show that our attack significantly degrades the translation quality of multiple NMT models. Our attack outperforms the baselines in terms of success rate, similarity preservation, effect on translation quality, and token error rate.
  arXiv  Detail & Related papers  (2023-06-14T13:13:34Z)
• Latent Feature Relation Consistency for Adversarial Robustness [80.24334635105829]
  misclassification will occur when deep neural networks predict adversarial examples which add human-imperceptible adversarial noise to natural examples. We propose textbfLatent textbfFeature textbfRelation textbfConsistency (textbfLFRC) LFRC constrains the relation of adversarial examples in latent space to be consistent with the natural examples.
  arXiv  Detail & Related papers  (2023-03-29T13:50:01Z)
• TransFool: An Adversarial Attack against Neural Machine Translation Models [49.50163349643615]
  We investigate the vulnerability of Neural Machine Translation (NMT) models to adversarial attacks and propose a new attack algorithm called TransFool. We generate fluent adversarial examples in the source language that maintain a high level of semantic similarity with the clean samples. Based on automatic and human evaluations, TransFool leads to improvement in terms of success rate, semantic similarity, and fluency compared to the existing attacks.
  arXiv  Detail & Related papers  (2023-02-02T08:35:34Z)
• Towards Robust k-Nearest-Neighbor Machine Translation [72.9252395037097]
  k-Nearest-Neighbor Machine Translation (kNN-MT) becomes an important research direction of NMT in recent years. Its main idea is to retrieve useful key-value pairs from an additional datastore to modify translations without updating the NMT model. The underlying retrieved noisy pairs will dramatically deteriorate the model performance. We propose a confidence-enhanced kNN-MT model with robust training to alleviate the impact of noise.
  arXiv  Detail & Related papers  (2022-10-17T07:43:39Z)
• End-to-End Training for Back-Translation with Categorical Reparameterization Trick [0.0]
  Back-translation is an effective semi-supervised learning framework in neural machine translation (NMT) A pre-trained NMT model translates monolingual sentences and makes synthetic bilingual sentence pairs for the training of the other NMT model. The discrete property of translated sentences prevents information gradient from flowing between the two NMT models.
  arXiv  Detail & Related papers  (2022-02-17T06:31:03Z)
• Phrase-level Adversarial Example Generation for Neural Machine Translation [75.01476479100569]
  We propose a phrase-level adversarial example generation (PAEG) method to enhance the robustness of the model. We verify our method on three benchmarks, including LDC Chinese-English, IWSLT14 German-English, and WMT14 English-German tasks.
  arXiv  Detail & Related papers  (2022-01-06T11:00:49Z)
• Doubly-Trained Adversarial Data Augmentation for Neural Machine Translation [8.822338727711715]
  We generate adversarial augmentation samples that attack the model and preserve the source-side semantic meaning. The results from our experiments show that these adversarial samples improve the model robustness.
  arXiv  Detail & Related papers  (2021-10-12T02:23:00Z)
• Self-supervised and Supervised Joint Training for Resource-rich Machine Translation [30.502625878505732]
  Self-supervised pre-training of text representations has been successfully applied to low-resource Neural Machine Translation (NMT) We propose a joint training approach, $F$-XEnDec, to combine self-supervised and supervised learning to optimize NMT models.
  arXiv  Detail & Related papers  (2021-06-08T02:35:40Z)
• Beyond Noise: Mitigating the Impact of Fine-grained Semantic Divergences on Neural Machine Translation [14.645468999921961]
  We analyze the impact of different types of fine-grained semantic divergences on Transformer models. We introduce a divergent-aware NMT framework that uses factors to help NMT recover from the degradation caused by naturally occurring divergences.
  arXiv  Detail & Related papers  (2021-05-31T16:15:35Z)
• Source and Target Bidirectional Knowledge Distillation for End-to-end Speech Translation [88.78138830698173]
  We focus on sequence-level knowledge distillation (SeqKD) from external text-based NMT models. We train a bilingual E2E-ST model to predict paraphrased transcriptions as an auxiliary task with a single decoder.
  arXiv  Detail & Related papers  (2021-04-13T19:00:51Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.