| The principle of adversarial samples is to add imperceptible disturbances to the original data and make the result output wrong after inputting the model,which affects the accuracy of the model.Research shows that the existence of adversarial samples poses a huge security threat to the field of artificial intelligence.Adversarial samples have been widely studied in the image field.Using the continuity of image pixels and the depth model to learn the gradient changes in the image can generate adversarial samples that are difficult to detect by humans and have good attack effects.In the field of natural language processing,the generation of text adversarial samples is more difficult.This is since the text is a discrete signal,the semantics of single words and words are dense,and the semantic modification is easy to be detected.Aiming at the difficulties in the process of text adversarial sample generation,this paper proposes a text adversarial sample generation method based on typos,WordErrorSim,innovatively uses typos to construct adversarial sample search space,and proposes a Chinese phonetic similarity algorithm as the evaluation and selection of adversarial samples.Methods.This paper uses the typos in the SIGHAN 2013 database and the Chinese classic ZDIC to construct the adversarial search space,and generates text adversarial samples by replacing the similar characters,sounds,and typos of Chinese characters,so that the adversarial samples do not change the semantic grammar of the original sentence.Achieve the attack effect.This paper proposes and implements a Chinese phonetic similarity comparison algorithm,which calculates the short distance between the texts and the short distance between the texts based on the detailed information provided in the adversarial search space,and evaluates the magnitude of the change of the adversarial samples.This paper conducts experiments on the application of sentiment classification on Bi-LSTM and TextCNN models and proves that the WordErrorSim method can significantly reduce the classification accuracy of the model.Based on this method,this paper designs and implements a text adversarial sample generation system.The text adversarial sample generation system uses the Django framework,which mainly includes a sample input preprocessing module,an adversarial sample generation module,an adversarial sample evaluation module,a sample output and download module,and a data set and model management module.This article gives a detailed introduction to the framework and the flow of each functional module.Finally,through the test of the text adversarial sample generation system,it is verified that the system can effectively generate text adversarial samples,which proves the usability and effectiveness of the system. |
PDF Full Text Request