Staff View
Hard label black box attack on text classification

Descriptive

TitleInfo
Title
Hard label black box attack on text classification
Name (type = personal)
NamePart (type = family)
Saxena
NamePart (type = given)
Sachin
DisplayForm
Sachin Saxena
Role
RoleTerm (authority = RULIB); (type = text)
author
Name (type = personal)
NamePart (type = family)
Shende
NamePart (type = given)
Sunil
DisplayForm
Sunil Shende
Affiliation
Advisory Committee
Role
RoleTerm (authority = RULIB)
chair
Name (type = corporate)
NamePart
Rutgers University
Role
RoleTerm (authority = RULIB)
degree grantor
Name (type = corporate)
NamePart
Camden Graduate School
Role
RoleTerm (authority = RULIB)
school
TypeOfResource
Text
Genre (authority = marcgt)
theses
OriginInfo
DateCreated (qualifier = exact); (encoding = w3cdtf); (keyDate = yes)
2021
DateOther (type = degree); (qualifier = exact); (encoding = w3cdtf)
2021-01
Language
LanguageTerm (authority = ISO 639-3:2007); (type = text)
English
Abstract
Machine learning has been proven to be susceptible to carefully crafted samples, known as adversarial examples. The generation of these adversarial examples helps to make the models more robust and gives us an insight into the underlying decision-making of these models. Over the years, researchers have successfully attacked image classifiers in both white and black-box settings. However, these methods are not directly applicable to texts as text data is discrete. In recent years, research on crafting adversarial examples against textual applications has been on the rise. In this thesis work, we present a novel approach for hard-label black-box attacks against Natural Language Processing (NLP) classifiers, where no model information is disclosed, and an attacker can only query the model to get the final decision of the classifier, without confidence scores of the classes involved. Such an attack scenario applies to real-world black-box models being used for security-sensitive applications such as sentiment analysis and toxic content detection.
Subject (authority = local)
Topic
Adversarial attacks
Subject (authority = RUETD)
Topic
Computer Science
RelatedItem (type = host)
TitleInfo
Title
Rutgers University Electronic Theses and Dissertations
Identifier (type = RULIB)
ETD
Identifier
ETD_11427
PhysicalDescription
Form (authority = gmd)
InternetMediaType
application/pdf
InternetMediaType
text/xml
Note
Supplementary File: Colab Notebook
Extent
1 online resource (x, 47 pages)
Note (type = degree)
M.S.
Note (type = bibliography)
Includes bibliographical references
Genre (authority = ExL-Esploro)
ETD graduate
RelatedItem (type = host)
TitleInfo
Title
Camden Graduate School Electronic Theses and Dissertations
Identifier (type = local)
rucore10005600001
Location
PhysicalLocation (authority = marcorg); (displayLabel = Rutgers, The State University of New Jersey)
NjNbRU
Identifier (type = doi)
doi:10.7282/t3-hf31-df92

Rights

RightsDeclaration (ID = rulibRdec0006)
The author owns the copyright to this work.
RightsHolder (type = personal)
Name
FamilyName
Saxena
GivenName
Sachin
Role
Copyright Holder
RightsEvent
Type
Permission or license
DateTime (encoding = w3cdtf); (qualifier = exact); (point = start)
2021-01-04 20:41:15
AssociatedEntity
Name
Sachin Saxena
Role
Copyright holder
Affiliation
Rutgers University. Camden Graduate School
AssociatedObject
Type
License
Name
Author Agreement License
Detail
I hereby grant to the Rutgers University Libraries and to my school the non-exclusive right to archive, reproduce and distribute my thesis or dissertation, in whole or in part, and/or my abstract, in whole or in part, in and from an electronic format, subject to the release date subsequently stipulated in this submittal form and approved by my school. I represent and stipulate that the thesis or dissertation and its abstract are my original work, that they do not infringe or violate any rights of others, and that I make these grants as the sole owner of the rights to my thesis or dissertation and its abstract. I represent that I have obtained written permissions, when necessary, from the owner(s) of each third party copyrighted matter to be included in my thesis or dissertation and will supply copies of such upon request by my school. I acknowledge that RU ETD and my school will not distribute my thesis or dissertation or its abstract if, in their reasonable judgment, they believe all such rights have not been secured. I acknowledge that I retain ownership rights to the copyright of my work. I also retain the right to use all or part of this thesis or dissertation in future works, such as articles or books.
Copyright
Status
Copyright protected
Availability
Status
Open
Reason
Permission or license

Technical

RULTechMD (ID = TECHNICAL1)
ContentModel
ETD
OperatingSystem (VERSION = 5.1)
windows xp
CreatingApplication
DateCreated (point = end); (encoding = w3cdtf); (qualifier = exact)
2021-01-06T06:05:32
DateCreated (point = end); (encoding = w3cdtf); (qualifier = exact)
2021-01-06T18:28:03
ApplicationName
3-Heights(TM) PDF Security Shell 4.8.25.2 (http://www.pdf-tools.com)
Version
1.7
RULTechMD (ID = TECHNICAL2)
ContentModel
ETD
DateCreated (point = end); (encoding = w3cdtf); (qualifier = exact)
2021-02-07T14:19:35
Rutgers University Libraries - Copyright ©2024