Application Research of Computers, 2025, Vol. 42, Issue (6): 1852-1858, 7. DOI: 10.19734/j.issn.1001-3695.2024.07.0376
Chinese adversarial example generation method based on multi-disturbance strategy
Abstract
To address the vulnerability of deep neural networks to adversarial samples and the lack of high-quality adversarial samples in the Chinese context, this paper introduces a new Chinese adversarial sample generation method named CMDS. In the keyword selection stage, a Score function identifies positions where perturbations can be added effectively, so that the adversarial samples remain both readable and difficult to detect. During the adversarial sample generation phase, the method fully exploits characteristics unique to Chinese, considering aspects such as character shape, meaning, and region-specific homophones. Various perturbation strategies, including similar characters, synonyms, homophones, and word order disruption, are employed along with a multi-priority perturbation strategy to generate adversarial samples. Finally, a perturbation rate threshold controls the output, eliminating samples that differ too greatly from the original text. A series of experiments then compares CMDS with baseline methods, explores the impact of the perturbation threshold size, and includes human evaluations and real-world attack tests. These experiments confirm the effectiveness and transferability of CMDS in enhancing model security. Results show that CMDS surpasses baseline methods in terms of attack success rate by up to 36.9 percentage points and improves model security by more than 30 percentage points. The generated adversarial samples are of high quality and demonstrate strong generalizability.
Key words
deep neural network/natural language processing(NLP)/Chinese adversarial example/multi-disturbance
Classification
Information technology and security science
Cite this article
王春东, 竹文颖, 林浩. Chinese adversarial example generation method based on multi-disturbance strategy [J]. Application Research of Computers, 2025, 42(6): 1852-1858, 7.
Funding
Joint Funds of the National Natural Science Foundation of China (U1536122)
National Key R&D Program of China, "Science and Technology Boosting the Economy 2020" Key Special Project (SQ2020YFF0413781)
Major Special Project of the Tianjin Municipal Science and Technology Commission (15ZXDSGX00030)