TY - GEN
T1 - The Impact of an Adversary in a Language Model
AU - Liang, Zhengzhong
AU - Ditzler, Gregory
N1 - Funding Information:
1El Gato supported by the National Science Foundation under Grant No. 1228509.
Publisher Copyright:
© 2018 IEEE.
PY - 2019/1/28
Y1 - 2019/1/28
N2 - Neural networks have been quite successful at complex classification tasks. Furthermore, they have the ability to learn information from a large volume of data. Unfortunately, not all of the sources available are secure and there is a possibility that an adversary in the environment has the malicious intention to poison a training dataset to cause the neural network to have a poor generalization error. Therefore, it is important to observe how susceptible a neural network is to the free parameters (i.e., gradient thresholds, hidden layer size, etc.) and the availability of adversarial data. In this work, we study the impact of an adversary for language models with Long Short-Term Memory (LSTM) networks and its configurations. We experimented with the Penn Tree Bank (PTB) dataset and adversarial text that was sampled from works in a different era. Our results show that there are several effective ways to poison such an LSTM language model. Furthermore, from our experiments, we are able to provide suggestions about the steps that can be taken to reduce the impact of such attacks.
AB - Neural networks have been quite successful at complex classification tasks. Furthermore, they have the ability to learn information from a large volume of data. Unfortunately, not all of the sources available are secure and there is a possibility that an adversary in the environment has the malicious intention to poison a training dataset to cause the neural network to have a poor generalization error. Therefore, it is important to observe how susceptible a neural network is to the free parameters (i.e., gradient thresholds, hidden layer size, etc.) and the availability of adversarial data. In this work, we study the impact of an adversary for language models with Long Short-Term Memory (LSTM) networks and its configurations. We experimented with the Penn Tree Bank (PTB) dataset and adversarial text that was sampled from works in a different era. Our results show that there are several effective ways to poison such an LSTM language model. Furthermore, from our experiments, we are able to provide suggestions about the steps that can be taken to reduce the impact of such attacks.
UR - http://www.scopus.com/inward/record.url?scp=85062769179&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85062769179&partnerID=8YFLogxK
U2 - 10.1109/SSCI.2018.8628894
DO - 10.1109/SSCI.2018.8628894
M3 - Conference contribution
AN - SCOPUS:85062769179
T3 - Proceedings of the 2018 IEEE Symposium Series on Computational Intelligence, SSCI 2018
SP - 658
EP - 665
BT - Proceedings of the 2018 IEEE Symposium Series on Computational Intelligence, SSCI 2018
A2 - Sundaram, Suresh
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th IEEE Symposium Series on Computational Intelligence, SSCI 2018
Y2 - 18 November 2018 through 21 November 2018
ER -