Summary of A Curious Case Of Searching For the Correlation Between Training Data and Adversarial Robustness Of Transformer Textual Models, by Cuong Dang et al.
A Curious Case of Searching for the Correlation between Training Data and Adversarial Robustness of Transformer Textual Models
by Cuong Dang, Dung D. Le, Thai Le
First submitted to arxiv on: 18 Feb 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Computation and Language (cs.CL); Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The proposed paper investigates the correlation between training data and model robustness in fine-tuned textual transformer models. Existing works have shown that these models achieve state-of-the-art prediction performances but are also vulnerable to adversarial text perturbations. The authors extract 13 features representing various input fine-tuning corpora properties and use them to predict the adversarial robustness of the fine-tuned models. They focus on encoder-only transformer models BERT, RoBERTa, as well as additional results for BART, ELECTRA, and GPT2. Empirical analyses show that extracted features can be used with a lightweight classifier like Random Forest to predict attack success rate effectively, and features influencing model robustness have a clear correlation with robustness. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary This paper looks into how the data we train our language models on affects their ability to resist fake texts. Right now, researchers test these models after training them and ignoring where they got their information from. The authors want to know if there’s a connection between the data used for fine-tuning and how well the model can handle attacks. They took 13 characteristics of different datasets and used them to predict whether an attack would succeed or not. This helped them understand which features were most important for robustness. They also found that their method was much faster than traditional testing methods and worked with different models. |
Keywords
* Artificial intelligence * Bert * Encoder * Fine tuning * Random forest * Transformer
