Purdue University Graduate School
Browse

Enhancing Accessibility in Black-Box Attack Research with BinarySelect.pdf

Download (709.1 kB)
thesis
posted on 2024-04-28, 17:40 authored by Shatarupa GhoshShatarupa Ghosh

Adversarial text attack research is crucial for evaluating NLP model robustness and addressing privacy concerns. However, the increasing complexity of transformer and pretrained

language models has led to significant time and resource requirements for training and testing. This challenge is particularly pronounced in black-box attacks, where hundreds

or thousands of queries may be needed to identify critical words leveraged by the target model. To overcome this, we introduce BinarySelect, a novel method combining binary search

with adversarial attack techniques to reduce query numbers significantly while maintaining attack effectiveness. Our experiments show that BinarySelect requires far fewer queries than traditional methods, making adversarial attack research more accessible to researchers with limited resources. We demonstrate the efficacy of BinarySelect across multiple datasets and classifiers, showcasing its potential for efficient adversarial attack exploration and addressing related black-box challenges.

History

Degree Type

  • Master of Science

Department

  • Computer Science

Campus location

  • Fort Wayne

Advisor/Supervisor/Committee Chair

Jonathan Rusert

Advisor/Supervisor/Committee co-chair

Adolfo Coronado

Additional Committee Member 2

Beomjin Kim

Usage metrics

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC