«上一篇/Previous Article|本期目录/Table of Contents|下一篇/Next Article»

j. issn. 1673-629X. 2023. 03. 015]
点击复制

面向自然语言处理领域的对抗样本生成方法()

分享到：

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:: 33
期数:: 2023年03期

页码:: 98-104

栏目:: 网络空间安全

出版日期:: 2023-03-10

文章信息/Info

Title:: Adversarial Examples Generation Method for Natural Language Processing

文章编号:: 1673-629X(2023)03-0098-07

作者:: 张影; 方贤进; 杨高明; 安徽理工大学计算机科学与工程学院,安徽淮南 232001

Author(s):: ZHANG Ying; FANG Xian-jin; YANG Gao-ming; School of Computer Science and Engineering,Anhui University of Science and Technology,Huainan 232001,China

关键词:: 自然语言处理; 文本对抗样本; 文本分类; 深度学习; 单词级

Keywords:: natural language processing; text adversarial examples; text classification; deep learning; word-level

分类号:: TP301. 6

DOI:: 10. 3969 / j. issn. 1673-629X. 2023. 03. 015

摘要:: 利用深度神经网络实现自然语言处理领域的文本分类任务时,容易遭受对抗样本攻击,研究对抗样本的生成方法有助于提升深度神经网络的鲁棒性。因此,提出了一种单词级的文本对抗样本生成方法。首先,设计单词的重要性计算函数;然后,利用分类概率查找到单词的最佳同义替换词,并将两者结合确定单词的替换顺序;最后,根据替换顺序生成与原始样本接近的对抗样本。在自然语言处理任务上针对卷积神经网络、长短时记忆网络和双向长短时记忆网络模型进行的实验表明:生成的对抗样本降低了模型的分类准确率和扰动率,且经过对抗训练之后模型的鲁棒性有所提高。

Abstract:: When using deep neural networks to implement text classification tasks in the field of natural language processing,it is easy tobe attacked by adversarial samples. Therefore,studying the generation method of adversarial samples can help improve the robustness ofdeep neural networks. We propose a word-level text adversarial example generation method. Firstly,design the importance calculationfunction of the word,then use the classification probability to find the best synonymous replacement word for the word,and then combinethe two to determine the replacement order,and finally generate an adversarial sample that is close to the original sample according to thereplacement order. The experiments of convolutional neural network,long short-term memory network and bidirectional long short-termmemory network models on natural language processing tasks show that the generated adversarial samples reduce the classificationaccuracy and perturbation rate of the model,and the robustness of the model is improved after adversarial training.

相似文献/References:

[1]陈国华赵克李亚涛易帅.自然语言处理系统中的事件类名词的耦合处理[J].计算机技术与发展,2008,(06):60.
　CHEN Guo-hua,ZHAO Ke,LI Ya-tao,et al.Coupling Processing of Event Noun in NLP Systems[J].,2008,(03):60.
[2]程节华.基于FAQ的智能答疑系统中分词模块的设计[J].计算机技术与发展,2008,(07):181.
　CHENG Jie-hua.Design of Words Module in Intelligent Q/A System Based on FAQ[J].,2008,(03):181.
[3]杨欢许威赵克陈余.动词属性在自然语言处理当中的研究与应用[J].计算机技术与发展,2008,(07):233.
　YANG Huan,XU Wei,ZHAO Ke,et al.Research and Application of Verb Attributes in Natural Language Processing[J].,2008,(03):233.
[4]孙超张仰森.面向综合语言知识库的知识融合与获取研究[J].计算机技术与发展,2010,(08):25.
　SUN Chao,ZHANG Yang-sen.Research of Knowledge Integration and Obtaining Oriented Comprehensive Language Knowledge System[J].,2010,(03):25.
[5]党建亿珍珍赵克殷鸿.数学领域集体词结构形式化处理研究[J].计算机技术与发展,2007,(05):121.
　DANG Jian,YI Zhen-zhen,ZHAO Ke,et al.Research of Formalization Processing for Collective Structures in Mathematics Domain[J].,2007,(03):121.
[6]江有福郑庆华.自然语言网络答疑系统中倒排索引技术的研究[J].计算机技术与发展,2006,(02):126.
　JIANG You-fu,ZHENG Qing-hua.Research of Inverted Index in NLWAS[J].,2006,(03):126.
[7]刘亚清张瑾于纯妍.基于义原同现频率的汉语词义排歧系统[J].计算机技术与发展,2006,(05):184.
　LIU Ya-qing,ZHANG Jin,YU Chun-yan.A Chinese Word Sense Disambiguation System Based on Primitive CO- Occurrence Data[J].,2006,(03):184.
[8]刘政怡李炜吴建国.基于IMM—IME的汉字键盘输入法编程技术研究[J].计算机技术与发展,2006,(12):43.
　LIU Zheng-yi,LI Wei,WU Jian-guo.Research of Programming Technology of Chinese Input Method Based on IMM- IME[J].,2006,(03):43.
[9]赵鹏何留进孙凯方薇[].基于情感计算的网络中文信息分析技术[J].计算机技术与发展,2010,(11):146.
　ZHAO Peng,HE Liu-jin,SUN Kai,et al.Analyzing Technologies of Internet Chinese Information Based on Affective Computing[J].,2010,(03):146.
[10]徐远方李成城.基于SVM和词间特征的新词识别研究[J].计算机技术与发展,2012,(05):134.
　XU Yuan-fang,LI Cheng-cheng.Research on New Word Identification Based on SVM and Word Characteristics[J].,2012,(03):134.

常用功能

工具/Tools

统计/Statistics

摘要浏览/Viewed855
全文下载/Downloads287
评论/Comments