Enhancing Accessibility in Black-Box Attack Research with BinarySelect
Adversarial text attack research is crucial for evaluating NLP model robustness and addressing privacy concerns. However, the increasing complexity of transformer and pretrained language models has led to significant time and resource requirements for training and testing. This challenge is particularly pronounced in black-box attacks, where hundreds or thousands of queries may be needed to identify the critical words leveraged by the target model. To overcome this, we introduce BinarySelect, a novel method that combines binary search with adversarial attack techniques to significantly reduce the number of queries while maintaining attack effectiveness. Our experiments show that BinarySelect requires far fewer queries than traditional methods, making adversarial attack research more accessible to researchers with limited resources. We demonstrate the efficacy of BinarySelect across multiple datasets and classifiers, showcasing its potential for efficient adversarial attack exploration and for addressing related black-box challenges.
Degree Type
- Master of Science
Department
- Computer Science
Campus location
- Fort Wayne