Effective faking of verbal deception detection with target-aligned adversarial attacks

• URL: http://arxiv.org/abs/2501.05962v1
• Date: Fri, 10 Jan 2025 13:42:40 GMT
• Title: Effective faking of verbal deception detection with target-aligned adversarial attacks
• Authors: Bennett Kleinberg, Riccardo Loconte, Bruno Verschuere,
• Abstract summary: Automated adversarial attacks that rewrite deceptive statements to appear truthful pose a serious threat.<n>We used a dataset of 243 truthful and 262 fabricated autobiographical stories in a deception detection task for humans and machine learning models.
• Score: 0.3441021278275805
• License: http://creativecommons.org/licenses/by-sa/4.0/
• Abstract: Background: Deception detection through analysing language is a promising avenue using both human judgments and automated machine learning judgments. For both forms of credibility assessment, automated adversarial attacks that rewrite deceptive statements to appear truthful pose a serious threat. Methods: We used a dataset of 243 truthful and 262 fabricated autobiographical stories in a deception detection task for humans and machine learning models. A large language model was tasked to rewrite deceptive statements so that they appear truthful. In Study 1, humans who made a deception judgment or used the detailedness heuristic and two machine learning models (a fine-tuned language model and a simple n-gram model) judged original or adversarial modifications of deceptive statements. In Study 2, we manipulated the target alignment of the modifications, i.e. tailoring the attack to whether the statements would be assessed by humans or computer models. Results: When adversarial modifications were aligned with their target, human (d=-0.07 and d=-0.04) and machine judgments (51% accuracy) dropped to the chance level. When the attack was not aligned with the target, both human heuristics judgments (d=0.30 and d=0.36) and machine learning predictions (63-78%) were significantly better than chance. Conclusions: Easily accessible language models can effectively help anyone fake deception detection efforts both by humans and machine learning models. Robustness against adversarial modifications for humans and machines depends on that target alignment. We close with suggestions on advancing deception research with adversarial attack designs.

Related papers

• Analyzing the Impact of Adversarial Examples on Explainable Machine Learning [0.31498833540989407]
  Adversarial attacks are a type of attack on machine learning models where an attacker deliberately modifies the inputs to cause the model to make incorrect predictions. Work on the vulnerability of deep learning models to adversarial attacks has shown that it is very easy to make samples that make a model predict things that it doesn't want to. In this work, we analyze the impact of model interpretability due to adversarial attacks on text classification problems.
  arXiv  Detail & Related papers  (2023-07-17T08:50:36Z)
• Verifying the Robustness of Automatic Credibility Assessment [50.55687778699995]
  We show that meaning-preserving changes in input text can mislead the models. We also introduce BODEGA: a benchmark for testing both victim models and attack methods on misinformation detection tasks. Our experimental results show that modern large language models are often more vulnerable to attacks than previous, smaller solutions.
  arXiv  Detail & Related papers  (2023-03-14T16:11:47Z)
• Explainable Verbal Deception Detection using Transformers [1.5104201344012347]
  This paper proposes and evaluates six deep-learning models, including combinations of BERT (and RoBERTa), MultiHead Attention, co-attentions, and transformers. The findings suggest that our transformer-based models can enhance automated deception detection performances (+2.11% in accuracy)
  arXiv  Detail & Related papers  (2022-10-06T17:36:00Z)
• Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems [80.3811072650087]
  We show that it is possible to subtly modify claim-salient snippets in the evidence and generate diverse and claim-aligned evidence. The attacks are also robust against post-hoc modifications of the claim. These attacks can have harmful implications on the inspectable and human-in-the-loop usage scenarios.
  arXiv  Detail & Related papers  (2022-09-07T13:39:24Z)
• Illusory Attacks: Information-Theoretic Detectability Matters in Adversarial Attacks [76.35478518372692]
  We introduce epsilon-illusory, a novel form of adversarial attack on sequential decision-makers. Compared to existing attacks, we empirically find epsilon-illusory to be significantly harder to detect with automated methods. Our findings suggest the need for better anomaly detectors, as well as effective hardware- and system-level defenses.
  arXiv  Detail & Related papers  (2022-07-20T19:49:09Z)
• Btech thesis report on adversarial attack detection and purification of adverserially attacked images [0.0]
  This thesis report is on detection and purification of adverserially attacked images. A deep learning model is trained on certain training examples for various tasks such as classification, regression etc.
  arXiv  Detail & Related papers  (2022-05-09T09:24:11Z)
• A Word is Worth A Thousand Dollars: Adversarial Attack on Tweets Fools Stock Prediction [100.9772316028191]
  In this paper, we experiment with a variety of adversarial attack configurations to fool three stock prediction victim models. Our results show that the proposed attack method can achieve consistent success rates and cause significant monetary loss in trading simulation.
  arXiv  Detail & Related papers  (2022-05-01T05:12:22Z)
• Adversarial GLUE: A Multi-Task Benchmark for Robustness Evaluation of Language Models [86.02610674750345]
  Adversarial GLUE (AdvGLUE) is a new multi-task benchmark to explore and evaluate the vulnerabilities of modern large-scale language models under various types of adversarial attacks. We apply 14 adversarial attack methods to GLUE tasks to construct AdvGLUE, which is further validated by humans for reliable annotations. All the language models and robust training methods we tested perform poorly on AdvGLUE, with scores lagging far behind the benign accuracy.
  arXiv  Detail & Related papers  (2021-11-04T12:59:55Z)
• Poisoning Attacks on Fair Machine Learning [13.874416271549523]
  We present a framework that seeks to generate poisoning samples to attack both model accuracy and algorithmic fairness. We develop three online attacks, adversarial sampling, adversarial labeling, and adversarial feature modification. Our framework enables attackers to flexibly adjust the attack's focus on prediction accuracy or fairness and accurately quantify the impact of each candidate point to both accuracy loss and fairness violation.
  arXiv  Detail & Related papers  (2021-10-17T21:56:14Z)
• Learning to Attack: Towards Textual Adversarial Attacking in Real-world Situations [81.82518920087175]
  Adversarial attacking aims to fool deep neural networks with adversarial examples. We propose a reinforcement learning based attack model, which can learn from attack history and launch attacks more efficiently.
  arXiv  Detail & Related papers  (2020-09-19T09:12:24Z)
• How human judgment impairs automated deception detection performance [0.5660207256468972]
  We tested whether a combination of supervised machine learning and human judgment could improve deception detection accuracy. Human involvement through hybrid-overrule decisions brought the accuracy back to the chance level. The decision-making strategies of humans suggest that the truth bias - the tendency to assume the other is telling the truth - could explain the detrimental effect.
  arXiv  Detail & Related papers  (2020-03-30T10:06:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.