Authors: 胡新荣 (HU Xinrong) [1,2]; 徐策 (XU Ce); 王帮超 (WANG Bangchao); 刘军平 (LIU Junping); 杨华利 (YANG Huali); 万红艳 (WAN Hongyan)
Affiliations: [1] School of Computer and Artificial Intelligence, Wuhan Textile University, Wuhan, Hubei 430200, China; [2] Hubei Provincial Research Center Garment Informatization Engineering Technology, Wuhan, Hubei 430200, China
Source: Journal of Chinese Information Processing (《中文信息学报》), 2024, No. 7, pp. 31-39 (9 pages)
Funding: CCF-Zhipu Large Model Fund (CCF-Zhipi202312).
Abstract: Deep Neural Networks (DNNs) perform well across natural language processing tasks, but they are susceptible to carefully crafted adversarial examples, which degrade model performance. Existing adversarial defense methods focus on improving the robustness of the model during the training phase and ignore defense against adversarial attacks during inference. To address this issue, this paper proposes a defense method named Word Frequency Mask Recover (WFMR). The method has two main steps, combining word-frequency anomaly detection (WF) with mask recovery (MR) to improve model robustness. WF checks the frequency of each word in a sentence and treats low-frequency words as anomalous. MR masks the anomalous words so that the model recovers to the neighborhood of the original sentence. The paper conducts comprehensive experiments on three text classification datasets using four attack methods; the results show a good defense effect and verify the effectiveness of the method.
Classification: TP391 [Automation and Computer Technology - Computer Application Technology]