Attacking neural machine translations via hybrid attention learning

Ni, M; Wang, C; Zhu, T; Yu, S; Liu, W

Attacking neural machine translations via hybrid attention learning

Ni, M Wang, C Zhu, T

Yu, S

Liu, W

Permalink

Publisher:: Springer Nature
Publication Type:: Journal Article
Citation:: Machine Learning, 2022, 111, (11), pp. 3977-4002
Issue Date:: 2022-11-01

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download Published versionAdobe PDF (2.21 MB)

View on publisher's site

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Ni, M
dc.contributor.author	Wang, C
dc.contributor.author	Zhu, T https://orcid.org/0000-0003-3411-7947
dc.contributor.author	Yu, S https://orcid.org/0000-0003-4485-6743
dc.contributor.author	Liu, W
dc.date.accessioned	2023-03-20T03:10:10Z
dc.date.available	2023-03-20T03:10:10Z
dc.date.issued	2022-11-01
dc.identifier.citation	Machine Learning, 2022, 111, (11), pp. 3977-4002
dc.identifier.issn	0885-6125
dc.identifier.issn	1573-0565
dc.identifier.uri	http://hdl.handle.net/10453/167729
dc.description.abstract	Deep-learning based natural language processing (NLP) models are proven vulnerable to adversarial attacks. However, there is currently insufficient research that studies attacks to neural machine translations (NMTs) and examines the robustness of deep-learning based NMTs. In this paper, we aim to fill this critical research gap. When generating word-level adversarial examples in NLP attacks, there is a conventional trade-off in existing methods between the attacking performance and the amount of perturbations. Although some literature has studied such a trade-off and successfully generated adversarial examples with a reasonable amount of perturbations, it is still challenging to generate highly successful translation attacks while concealing the changes to the texts. To this end, we propose a novel Hybrid Attentive Attack method to locate language-specific and sequence-focused words, and make semantic-aware substitutions to attack NMTs. We evaluate the effectiveness of our attack strategy by attacking three high-performing translation models. The experimental results show that our method achieves the highest attacking performance compared with other existing attacking strategies.
dc.language	en
dc.publisher	Springer Nature
dc.relation.ispartof	Machine Learning
dc.relation.isbasedon	10.1007/s10994-022-06249-x
dc.rights	info:eu-repo/semantics/openAccess
dc.subject	0801 Artificial Intelligence and Image Processing, 0806 Information Systems, 1702 Cognitive Sciences
dc.subject.classification	Artificial Intelligence & Image Processing
dc.title	Attacking neural machine translations via hybrid attention learning
dc.type	Journal Article
utslib.citation.volume	111
utslib.for	0801 Artificial Intelligence and Image Processing
utslib.for	0806 Information Systems
utslib.for	1702 Cognitive Sciences
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Strength - AAII - Australian Artificial Intelligence Institute
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Computer Science
utslib.copyright.status	open_access	*
dc.date.updated	2023-03-20T03:10:09Z
pubs.issue	11
pubs.publication-status	Published
pubs.volume	111
utslib.citation.issue	11

Abstract:

Deep-learning based natural language processing (NLP) models are proven vulnerable to adversarial attacks. However, there is currently insufficient research that studies attacks to neural machine translations (NMTs) and examines the robustness of deep-learning based NMTs. In this paper, we aim to fill this critical research gap. When generating word-level adversarial examples in NLP attacks, there is a conventional trade-off in existing methods between the attacking performance and the amount of perturbations. Although some literature has studied such a trade-off and successfully generated adversarial examples with a reasonable amount of perturbations, it is still challenging to generate highly successful translation attacks while concealing the changes to the texts. To this end, we propose a novel Hybrid Attentive Attack method to locate language-specific and sequence-focused words, and make semantic-aware substitutions to attack NMTs. We evaluate the effectiveness of our attack strategy by attacking three high-performing translation models. The experimental results show that our method achieves the highest attacking performance compared with other existing attacking strategies.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/167729