Explore a conference talk on generating adversarial text sequences to evade deep learning classifiers in a black-box setting. Delve into the DeepWordBug algorithm, which effectively creates small text perturbations to force misclassification. Learn about novel scoring strategies for identifying crucial words to modify and simple character-level transformations to minimize edit distance. Examine the algorithm's performance on Enron spam emails and IMDB movie reviews datasets, where it significantly reduced classification accuracy. Gain insights into the transferability of generated adversarial sequences across different deep learning models.
Black-Box Generation of Adversarial Text Sequences to Evade Deep Learning Classifiers
Overview
Syllabus
Introduction
Application Scenario
Definition
Scoring Functions
Results
Experiments
Taught by
IEEE Symposium on Security and Privacy
