Exposing the Achilles’ heel of textual hate speech classifiers using indistinguishable adversarial examples

The accessibility of online hate speech has increased significantly, making it crucial for social-media companies to prioritize efforts to curb its spread. Although deep learning models demonstrate vulnerability to adversarial attacks, whether models fine-tuned for hate speech detection exhibit simi...

Full description

Saved in:
Bibliographic Details
Published in:Expert systems with applications Vol. 254; p. 124278
Main Authors: Aggarwal, Sajal, Vishwakarma, Dinesh Kumar
Format: Journal Article
Language:English
Published: Elsevier Ltd 15.11.2024
Subjects:
Adversarial attack
Glyphs
Hate speech
Natural Language Processing (NLP)
Offensive language
Transformers
Transformers
Adversarial attack
Glyphs
Hate speech
Offensive language
Natural Language Processing (NLP)
ISSN:0957-4174
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract The accessibility of online hate speech has increased significantly, making it crucial for social-media companies to prioritize efforts to curb its spread. Although deep learning models demonstrate vulnerability to adversarial attacks, whether models fine-tuned for hate speech detection exhibit similar susceptibility remains underexplored. Textual adversarial attacks involve making subtle alterations to the original samples. These alterations are designed so that the adversarial examples produced can effectively deceive the target model, even when correctly classified by human observers. Though many approaches have been proposed to conduct word-level adversarial attacks on textual data, they face the obstacle of preserving the semantic coherence of texts during the generation of adversarial counterparts. Moreover, the adversarial examples produced are often easily distinguishable by human observers. This work presents a novel methodology that uses visually confusable glyphs and invisible characters to generate semantically and visually similar adversarial examples in a black-box setting. In the hate speech detection task context, our attack was effectively applied to several state-of-the-art deep learning models, fine-tuned on two benchmark datasets. The major contributions of this study are: (1) demonstrating the vulnerability of deep learning models fine-tuned for hate speech detection; (2) a novel attack framework based on a simple yet potent modification strategy; (3) superior outcomes in terms of accuracy degradation, attack success rate, average perturbation, semantic similarity, and perplexity when compared to existing baselines; (4) strict adherence to prescribed linguistic constraints while formulating adversarial samples; and (5) preservation of ground truth label while perturbing original input using imperceptible adversarial examples.
AbstractList The accessibility of online hate speech has increased significantly, making it crucial for social-media companies to prioritize efforts to curb its spread. Although deep learning models demonstrate vulnerability to adversarial attacks, whether models fine-tuned for hate speech detection exhibit similar susceptibility remains underexplored. Textual adversarial attacks involve making subtle alterations to the original samples. These alterations are designed so that the adversarial examples produced can effectively deceive the target model, even when correctly classified by human observers. Though many approaches have been proposed to conduct word-level adversarial attacks on textual data, they face the obstacle of preserving the semantic coherence of texts during the generation of adversarial counterparts. Moreover, the adversarial examples produced are often easily distinguishable by human observers. This work presents a novel methodology that uses visually confusable glyphs and invisible characters to generate semantically and visually similar adversarial examples in a black-box setting. In the hate speech detection task context, our attack was effectively applied to several state-of-the-art deep learning models, fine-tuned on two benchmark datasets. The major contributions of this study are: (1) demonstrating the vulnerability of deep learning models fine-tuned for hate speech detection; (2) a novel attack framework based on a simple yet potent modification strategy; (3) superior outcomes in terms of accuracy degradation, attack success rate, average perturbation, semantic similarity, and perplexity when compared to existing baselines; (4) strict adherence to prescribed linguistic constraints while formulating adversarial samples; and (5) preservation of ground truth label while perturbing original input using imperceptible adversarial examples.
ArticleNumber 124278
Author Vishwakarma, Dinesh Kumar
Aggarwal, Sajal
Author_xml – sequence: 1
  givenname: Sajal
  surname: Aggarwal
  fullname: Aggarwal, Sajal
  email: sajalaggarwal_it20b11_08@dtu.ac.in
– sequence: 2
  givenname: Dinesh Kumar
  surname: Vishwakarma
  fullname: Vishwakarma, Dinesh Kumar
  email: dinesh@dtu.ac.in
BookMark eNp9kE1OwzAQhb0oEm3hAqx8gZSxk9SJxKaqyo9UiQ2sLcceE1dpEsVuKTuuwfU4CS5lxaKredLT96T5JmTUdi0ScsNgxoDNbzcz9O9qxoFnM8YzLooRGUOZiyRjIrskE-83AEwAiDHZrg595137RkONdKFr1zTovz-_aI3Y0M7SgIewUw2tVUDqe0RdU90o7511OHi6-6Vda5wPMe2cr1XVIFVmH2s1uMjiQW37uHtFLqxqPF7_3Sl5vV-9LB-T9fPD03KxTnQKEBKubFlAJRhyBTBnqSiE5dqkJcxTpnUFhWJYWRELW5R5VuZQZcbkOVpTcZNOCT_t6qHzfkAr-8Ft1fAhGcijJLmRR0nyKEmeJEWo-AdpF1RwXRsG5Zrz6N0JxfjUPmqRXjtsNRo3oA7SdO4c_gNxNIqV
CitedBy_id crossref_primary_10_1007_s10207_024_00925_w
crossref_primary_10_1038_s41598_024_76632_2
crossref_primary_10_1016_j_neucom_2024_128263
crossref_primary_10_1016_j_neunet_2025_107850
crossref_primary_10_1080_07421222_2025_2520173
crossref_primary_10_1016_j_knosys_2024_112532
crossref_primary_10_1016_j_neucom_2025_129660
crossref_primary_10_1016_j_knosys_2025_113350
crossref_primary_10_1016_j_neunet_2024_106512
Cites_doi 10.1016/j.eswa.2023.120898
10.18653/v1/2023.eacl-main.149
10.14722/ndss.2019.23138
10.1016/j.inffus.2023.101869
10.3115/v1/D14-1162
10.1049/cit2.12028
10.1609/icwsm.v11i1.14955
10.18653/v1/E17-1040
10.1016/j.ins.2023.119237
10.1162/tacl_a_00300
10.1016/j.eswa.2023.122223
10.1016/j.neucom.2021.05.103
10.1109/SP.2017.49
10.1201/9781351251389-8
10.1016/j.aiopen.2022.10.001
10.18653/v1/P19-1103
10.1016/j.neucom.2023.126787
10.1109/EuroSP.2016.36
10.18653/v1/2020.sustainlp-1.17
10.18653/v1/2022.naacl-main.125
10.1016/j.eswa.2021.115458
10.1007/s00530-023-01051-8
10.18653/v1/2023.trustnlp-1.24
10.1063/1.1699114
10.1016/j.neucom.2023.01.071
10.1007/s11633-019-1211-x
10.18653/v1/W19-4824
10.18653/v1/2021.emnlp-main.374
10.18653/v1/2020.emnlp-demos.16
10.1093/biomet/57.1.97
10.1109/ICNN.1995.488968
10.1016/j.knosys.2023.110515
10.18653/v1/P19-1561
10.18653/v1/2020.emnlp-main.495
10.1016/j.eswa.2022.119342
10.1145/3052973.3053009
10.1007/s40747-021-00608-2
10.1016/j.eswa.2023.122894
10.1080/08839514.2023.2166719
10.18653/v1/S19-2102
10.18653/v1/2021.naacl-main.423
ContentType Journal Article
Copyright 2024 Elsevier Ltd
Copyright_xml – notice: 2024 Elsevier Ltd
DBID AAYXX
CITATION
DOI 10.1016/j.eswa.2024.124278
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
ExternalDocumentID 10_1016_j_eswa_2024_124278
S0957417424011448
GroupedDBID --K
--M
.DC
.~1
0R~
13V
1B1
1RT
1~.
1~5
4.4
457
4G.
5GY
5VS
7-5
71M
8P~
9JN
9JO
AAAKF
AABNK
AACTN
AAEDT
AAEDW
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AARIN
AAXUO
AAYFN
ABBOA
ABFNM
ABMAC
ABMVD
ABUCO
ACDAQ
ACGFS
ACHRH
ACNTT
ACRLP
ACZNC
ADBBV
ADEZE
ADTZH
AEBSH
AECPX
AEKER
AENEX
AFKWA
AFTJW
AGHFR
AGUBO
AGUMN
AGYEJ
AHHHB
AHJVU
AHZHX
AIALX
AIEXJ
AIKHN
AITUG
AJOXV
AKRWK
ALEQD
ALMA_UNASSIGNED_HOLDINGS
AMFUW
AMRAJ
AOUOD
APLSM
AXJTR
BJAXD
BKOJK
BLXMC
BNSAS
CS3
DU5
EBS
EFJIC
EO8
EO9
EP2
EP3
F5P
FDB
FIRID
FNPLU
FYGXN
G-Q
GBLVA
GBOLZ
HAMUX
IHE
J1W
JJJVA
KOM
LG9
LY1
LY7
M41
MO0
N9A
O-L
O9-
OAUVE
OZT
P-8
P-9
P2P
PC.
PQQKQ
Q38
RIG
ROL
RPZ
SDF
SDG
SDP
SDS
SES
SEW
SPC
SPCBC
SSB
SSD
SSL
SST
SSV
SSZ
T5K
TN5
~G-
29G
9DU
AAAKG
AAQXK
AATTM
AAXKI
AAYWO
AAYXX
ABJNI
ABKBG
ABUFD
ABWVN
ABXDB
ACLOT
ACNNM
ACRPL
ACVFH
ADCNI
ADJOM
ADMUD
ADNMO
AEIPS
AEUPX
AFJKZ
AFPUW
AGQPQ
AIGII
AIIUN
AKBMS
AKYEP
ANKPU
APXCP
ASPBG
AVWKF
AZFZN
CITATION
EFKBS
EFLBG
EJD
FEDTE
FGOYB
G-2
HLZ
HVGLF
HZ~
R2-
SBC
SET
WUQ
XPP
ZMT
~HD
ID FETCH-LOGICAL-c300t-2af980b71e2a00613787f2cd390631ccb08a1ebf7378f8954950b4dd55efdb2d3
ISICitedReferencesCount 9
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001263673200001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 0957-4174
IngestDate Sat Nov 29 03:07:38 EST 2025
Tue Nov 18 22:31:01 EST 2025
Sat Aug 31 16:00:37 EDT 2024
IsPeerReviewed true
IsScholarly true
Keywords Transformers
Adversarial attack
Glyphs
Hate speech
Offensive language
Natural Language Processing (NLP)
Language English
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c300t-2af980b71e2a00613787f2cd390631ccb08a1ebf7378f8954950b4dd55efdb2d3
ParticipantIDs crossref_primary_10_1016_j_eswa_2024_124278
crossref_citationtrail_10_1016_j_eswa_2024_124278
elsevier_sciencedirect_doi_10_1016_j_eswa_2024_124278
PublicationCentury 2000
PublicationDate 2024-11-15
PublicationDateYYYYMMDD 2024-11-15
PublicationDate_xml – month: 11
  year: 2024
  text: 2024-11-15
  day: 15
PublicationDecade 2020
PublicationTitle Expert systems with applications
PublicationYear 2024
Publisher Elsevier Ltd
Publisher_xml – name: Elsevier Ltd
References Li, Ma, Guo, Xue, Qiu (b0235) 2020
119–126. https://doi.org/10.18653/v1/2020.emnlp-demos.16.
Davidson, T., Warmsley, D., Macy, M., & Weber, I. (2017). Automated Hate Speech Detection and the Problem of Offensive Language.
Qi, F., Chen, Y., Zhang, X., Li, M., Liu, Z., & Sun, M. (2021). Mind the Style of Text! Adversarial and Backdoor Attacks Based on Text Style Transfer.
Liu, H., Cai, C., & Qi, Y. (2023). Expanding Scope: Adapting English Adversarial Attacks to Chinese.
5582–5591. https://doi.org/10.18653/v1/P19-1561.
Sharma, Kandasamy, Kandasamy (b0410) 2021; 185
124–135. https://doi.org/10.18653/v1/2020.sustainlp-1.17.
276–286. https://doi.org/10.18653/v1/2023.trustnlp-1.24.
Qi, F., Yang, C., Liu, Z., Dong, Q., Sun, M., & Dong, Z. (2019).
Kim (b0190) 2014
Radford, A., Metz, L., & Chintala, S. (2015). Unsupervised Representation Learning with Deep Convolutional Generative Adversarial Networks. In
Zhan, Yang, Wang, Zheng, Huang, Wang (b0495) 2023; 2023
Kennedy, J., & Eberhart, R. (1995). Particle swarm optimization.
1942–1948 vol.4. https://doi.org/10.1109/ICNN.1995.488968.
Madry, Makelov, Schmidt, Tsipras, Vladu (b0280) 2018
Kurakin, A., Goodfellow, I. J., & Bengio, S. (2018). Adversarial Examples in the Physical World. In R. V. Yampolskiy (Ed.)
Clark, K., Luong, M.-T., Le, Q. V., & Manning, C. D. (2020, April).
Lauriola, Lavelli, Aiolli (b0210) 2022; 470
Iandola, F., Shaw, A., Krishna, R., & Keutzer, K. (2020). SqueezeBERT: What can computer vision teach NLP about efficient neural networks?
Lei, Cao, Li, Zhou, Fang, Pechenizkiy (b0220) 2022; 2022
(n.d.). Retrieved 26 December 2023, from https://perspectiveapi.com/.
Formento, Foo, Tuan, Ng (b0120) 2023; 2023
Eighth International Conference on Learning Representations. https://iclr.cc/virtual_2020/poster_r1xMH1BtvB.html.
https://www.semanticscholar.org/paper/RoBERTa%3A-A-Robustly-Optimized-BERT-Pretraining-Liu-Ott/077f8329a7b6fa3b7c877a57b81eb6c18b5f87de.
Madhu, Satapara, Modha, Mandl, Majumder (b0275) 2023; 215
Ren, S., Deng, Y., He, K., & Che, W. (2019). Generating Natural Language Adversarial Examples through Probability Weighted Word Saliency.
Wang, B., Pei, H., Pan, B., Chen, Q., Wang, S., & Li, B. (2020). T3: Tree-Autoencoder Constrained Adversarial Text Generation for Targeted Attack.
Vaswani, Shazeer, Parmar, Uszkoreit, Jones, Gomez, Kaiser, Polosukhin (b0425) 2017; 30
Zheng, Zhu (b0515) 2023
,
Choi, Kim, Lee (b0080) 2022
.
Mamta, Ekbal (b0005) 2022; 2022
Zang, Qi, Yang, Liu, Zhang, Liu, Sun (b0490) 2020
Sanh, V., Debut, L., Chaumond, J., & Wolf, T. (2020).
Chen, Duan, Houthooft, Schulman, Sutskever, Abbeel (b0055) 2016
Carlini, N., & Wagner, D. (2017).
4569–4580. https://doi.org/10.18653/v1/2021.emnlp-main.374.
39–57. https://doi.org/10.1109/SP.2017.49.
Chang, Gao, Yao, Xiong (b0050) 2023; 529
(arXiv:1901.09957). arXiv. https://doi.org/10.48550/arXiv.1901.09957.
Chakraborty, Alam, Dey, Chattopadhyay, Mukhopadhyay (b0045) 2021; 6
Bajaj, Kumar Vishwakarma (b0020) 2023; 558
Lees, Tran, Tay, Sorensen, Gupta, Metzler, Vasserman (b0215) 2022
Pandey, Vishwakarma (b0335) 2023; 269
Moosavi-Dezfooli, Fawzi, Frossard (b0310) 2016; 2016
Zhao, Zhang, Xu, Yuan (b0505) 2022; 2022
Pavlopoulos, J., Thain, N., Dixon, L., & Androutsopoulos, I. (2019). ConvAI at SemEval-2019 Task 6: Offensive Language Identification and Categorization with Perspective and BERT. In J. May, E. Shutova, A. Herbelot, X. Zhu, M. Apidianaki, & S. M. Mohammad (Eds.)
Cheng, Jiang, Macherey (b0065) 2019
Chhabra, Vishwakarma (b0070) 2023; 29
Devlin, Chang, Lee, Toutanova (b0100) 2019
Modas, Moosavi-Dezfooli, Frossard (b0295) 2019; 2019
Yang, Qi, Chen, Liu, Liu (b0465) 2023; 644
del Valle-Cano, Quijano-Sánchez, Liberatore, Gómez (b0420) 2023; 216
(pp. 571–576). Association for Computational Linguistics. https://doi.org/10.18653/v1/S19-2102.
Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z. B., & Swami, A. (2017). Practical Black-Box Attacks against Machine Learning.
Mollas, Chrysopoulou, Karlos, Tsoumakas (b0300) 2022; 8
Macas, Wu, Fuertes (b0270) 2024; 238
Ebrahimi, Rao, Lowd, Dou (b0105) 2018
(pp. 1532–1543). Association for Computational Linguistics. https://doi.org/10.3115/v1/D14-1162.
1735–1746. https://doi.org/10.18653/v1/2022.naacl-main.125.
Iyyer, Wieting, Gimpel, Zettlemoyer (b0165) 2018
Wang, Xu, Liu, Cheng, Li (b0445) 2022; 2022
Zhang, Zhou, Miao, Li (b0500) 2019
Mehrish, Majumder, Bharadwaj, Mihalcea, Poria (b0285) 2023; 99
Gao, Lanchantin, Soffa, Qi (b0130) 2018; 2018
Bajaj, Vishwakarma (b0025) 2023
Jiao, Yin, Shang, Jiang, Chen, Li, Wang, Liu (b0170) 2020; 2020
Cer, Yang, Kong, Hua, Limtiaco, St. John, Constant, Guajardo-Cespedes, Yuan, Tar, Strope, Kurzweil (b0040) 2018
Morris, J., Lifland, E., Yoo, J. Y., Grigsby, J., Jin, D., & Qi, Y. (2020). TextAttack: A Framework for Adversarial Attacks, Data Augmentation, and Adversarial Training in NLP.
6134–6150. https://doi.org/10.18653/v1/2020.emnlp-main.495.
Zhao, Yuanzhe, Zhongtao, Yiming, Jun, Kang (b0510) 2022
Nguyen-Son, Ung, Hidano, Fukushima, Kiyomoto (b0325) 2022; 2022
Hayet, Yao, Luo (b0155) 2022; 2022
Yoo, Qi (b0480) 2021; 2021
Pruthi, D., Dhingra, B., & Lipton, Z. C. (2019). Combating Adversarial Misspellings with Robust Word Recognition.
Gaiński, P., & Ba\lazy, K. (2023). Step by Step Loss Goes Very Far: Multi-Step Quantization for Adversarial Text Attacks.
Joshi, Chen, Liu, Weld, Zettlemoyer, Levy (b0180) 2020; 8
Garg, Ramakrishnan (b0135) 2020
Oseledets, Khrulkov (b0330) 2018; 2018
Xu, Ma, Liu, Deb, Liu, Tang, Jain (b0450) 2020; 17
Zhou, Li, Min (b0525) 2022
Network and Distributed System Security Symposium, San Diego, CA. https://doi.org/10.14722/ndss.2019.23138.
(1), Article 1. https://doi.org/10.1609/icwsm.v11i1.14955.
Goodfellow, I. J., Shlens, J., & Szegedy, C. (2015).
Deng, C., Liu, M., Qin, Y., Zhang, J., Duan, H.-X., & Sun, D. (2022). ValCAT: Variable-Length Contextualized Adversarial Transformations Using Encoder-Decoder Language Model.
Yuan, Zhang, Chen, Wei (b0485) 2023; 2023
(1st ed., pp. 99–112). Chapman and Hall/CRC. https://doi.org/10.1201/9781351251389-8.
Radford, A., Wu, J., Child, R., Luan, D., Amodei, D., & Sutskever, I. (n.d.).
233–240. https://doi.org/10.18653/v1/W19-4824.
Lin, Wang, Liu, Qiu (b0245) 2022; 3
Xu, He, Lyu, Qu, Haffari (b0455) 2022
506–519. https://doi.org/10.1145/3052973.3053009.
Liu, Y., Ott, M., Goyal, N., Du, J., Joshi, M., Chen, D., Levy, O., Lewis, M., Zettlemoyer, L., & Stoyanov, V. (2019). RoBERTa: A Robustly Optimized BERT Pretraining Approach.
Pennington, J., Socher, R., & Manning, C. (2014). GloVe: Global Vectors for Word Representation. In A. Moschitti, B. Pang, & W. Daelemans (Eds.)
Mondal, I. (2021). BBAEG: Towards BERT-based Biomedical Adversarial Example Generation for Text Classification.
Chen, Su, Wei (b0060) 2021
5378–5384. https://doi.org/10.18653/v1/2021.naacl-main.423.
Morris, Lifland, Lanchantin, Ji, Qi (b0315) 2020; 2020
Lin, Gao, Yan, Moreno, Ren (b0240) 2021
Chiang, Lee (b0075) 2023; 2023
Yang, Dai, Yang, Carbonell, Salakhutdinov, Le (b0470) 2019; 32
(arXiv:1910.01108; Version 4). arXiv. http://arxiv.org/abs/1910.01108.
Fang, Cheng, Liu, Wang (b0115) 2023; 2023
Zhou, P., Qi, Z., Zheng, S., Xu, J., Bao, H., & Xu, B. (2016). Text Classification Improved by Integrating Bidirectional LSTM with Two-dimensional Max Pooling. In Y. Matsumoto & R. Prasad (Eds.)
Saleh, Alhothali, Moria (b0395) 2023; 37
Kumar, Maheshwary, Pudi (b0195) 2021; 2021
(arXiv:1412.6572). arXiv. https://doi.org/10.48550/arXiv.1412.6572.
Li, J., Ji, S., Du, T., Li, B., & Wang, T. (2019). TextBugger: Generating Adversarial Text Against Real-world Applications.
Hastings (b0150) 1970; 57
(arXiv:1909.11942; Version 6). arXiv. http://arxiv.org/abs/1909.11942.
(pp. 3485–3495). The COLING 2016 Organizing Committee. https://aclanthology.org/C16-1329.
https://doi.org/10.48550/arXiv.1511.06434.
Gupta, Yadav, Vishwakarma (b0145) 2024; 244
Li, Zhang, Peng, Chen, Brockett, Sun, Dolan (b0225) 2021
Aggarwal, Vishwakarma (b0015) 2023
Liu, Chen, Liu, Song (b0260) 2016
Tsai, Y.-T., Yang, M.-C., & Chen, H.-Y. (2019). Adversarial Attack on Sentiment Classification.
5085–5097. https://aclanthology.org/2022.coling-1.451.
(pp. 417–427). Association for Computational Linguistics. https://aclanthology.org/E17-1040.
Lan, Z., Chen, M., Goodman, S., Gimpel, K., Sharma, P., & Soricut, R. (2020).
Wan, J., Yang, J., Ma, S., Zhang, D., Zhang, W., Yu, Y., & Li, Z. (2022). PAEG: Phrase-level Adversarial Example Generation for Neural Machine Translation.
Liu, Yu, Hu, Li, Lin, Ma, Yang, Wen (b0250) 2022
Papernot, McDaniel, Jha, Fredrikson, Celik, Swami (b0345) 2016; 2016
1085–1097. https://doi.org/10.18653/v1/P19-1103.
Bao, Wang, Zhao (b0030) 2021; 2021
Eger, Benz (b0110) 2020
Zhu, Cheng, Gan, Sun, Goldstein, Liu (b0530) 2020
Yadav, Vishwakarma (b0460) 2023; 232
Ye, Zhang, Dong, Ji (b0475) 2021; 2021
Metropolis, Rosenbluth, Rosenbluth, Teller, Teller (b0290) 2004; 21
Salimans, Goodfellow, Zaremba, Cheung, Radford, Chen, Chen (b0400) 2016; 29
2038–2048. https://doi.org/10.18653/v1/2023.eacl-main.149.
Verwimp, L., Pelemans, J., Van hamme, H., & Wambacq, P. (2017). Character-Word LSTM Language Models. In M. Lapata, P. Blunsom, & A. Koller (Eds.)
Jin, Jin, Zhou, Szolovits (b0175) 2020
Aggarwal, Pandey, Vishwakarma (b0010) 2023; 2023
Bajaj (10.1016/j.eswa.2024.124278_b0020) 2023; 558
Zhu (10.1016/j.eswa.2024.124278_b0530) 2020
Lei (10.1016/j.eswa.2024.124278_b0220) 2022; 2022
Ebrahimi (10.1016/j.eswa.2024.124278_b0105) 2018
Sharma (10.1016/j.eswa.2024.124278_b0410) 2021; 185
10.1016/j.eswa.2024.124278_b0340
Yang (10.1016/j.eswa.2024.124278_b0470) 2019; 32
Joshi (10.1016/j.eswa.2024.124278_b0180) 2020; 8
10.1016/j.eswa.2024.124278_b0185
Zang (10.1016/j.eswa.2024.124278_b0490) 2020
Kumar (10.1016/j.eswa.2024.124278_b0195) 2021; 2021
Jin (10.1016/j.eswa.2024.124278_b0175) 2020
Hayet (10.1016/j.eswa.2024.124278_b0155) 2022; 2022
Eger (10.1016/j.eswa.2024.124278_b0110) 2020
Zhang (10.1016/j.eswa.2024.124278_b0500) 2019
Lin (10.1016/j.eswa.2024.124278_b0240) 2021
10.1016/j.eswa.2024.124278_b0205
Li (10.1016/j.eswa.2024.124278_b0235) 2020
Bajaj (10.1016/j.eswa.2024.124278_b0025) 2023
Garg (10.1016/j.eswa.2024.124278_b0135) 2020
Nguyen-Son (10.1016/j.eswa.2024.124278_b0325) 2022; 2022
Iyyer (10.1016/j.eswa.2024.124278_b0165) 2018
Chakraborty (10.1016/j.eswa.2024.124278_b0045) 2021; 6
Mollas (10.1016/j.eswa.2024.124278_b0300) 2022; 8
Macas (10.1016/j.eswa.2024.124278_b0270) 2024; 238
Chang (10.1016/j.eswa.2024.124278_b0050) 2023; 529
Zheng (10.1016/j.eswa.2024.124278_b0515) 2023
Zhan (10.1016/j.eswa.2024.124278_b0495) 2023; 2023
Choi (10.1016/j.eswa.2024.124278_b0080) 2022
10.1016/j.eswa.2024.124278_b0435
Cheng (10.1016/j.eswa.2024.124278_b0065) 2019
Lin (10.1016/j.eswa.2024.124278_b0245) 2022; 3
10.1016/j.eswa.2024.124278_b0440
Formento (10.1016/j.eswa.2024.124278_b0120) 2023; 2023
10.1016/j.eswa.2024.124278_b0320
10.1016/j.eswa.2024.124278_b0200
Lees (10.1016/j.eswa.2024.124278_b0215) 2022
Madry (10.1016/j.eswa.2024.124278_b0280) 2018
Ye (10.1016/j.eswa.2024.124278_b0475) 2021; 2021
10.1016/j.eswa.2024.124278_b0160
Vaswani (10.1016/j.eswa.2024.124278_b0425) 2017; 30
Yuan (10.1016/j.eswa.2024.124278_b0485) 2023; 2023
Yadav (10.1016/j.eswa.2024.124278_b0460) 2023; 232
del Valle-Cano (10.1016/j.eswa.2024.124278_b0420) 2023; 216
Li (10.1016/j.eswa.2024.124278_b0225) 2021
Gupta (10.1016/j.eswa.2024.124278_b0145) 2024; 244
Zhou (10.1016/j.eswa.2024.124278_b0525) 2022
Gao (10.1016/j.eswa.2024.124278_b0130) 2018; 2018
10.1016/j.eswa.2024.124278_b0305
Wang (10.1016/j.eswa.2024.124278_b0445) 2022; 2022
Jiao (10.1016/j.eswa.2024.124278_b0170) 2020; 2020
Fang (10.1016/j.eswa.2024.124278_b0115) 2023; 2023
10.1016/j.eswa.2024.124278_b0430
10.1016/j.eswa.2024.124278_b0035
Bao (10.1016/j.eswa.2024.124278_b0030) 2021; 2021
Moosavi-Dezfooli (10.1016/j.eswa.2024.124278_b0310) 2016; 2016
10.1016/j.eswa.2024.124278_b0390
Liu (10.1016/j.eswa.2024.124278_b0250) 2022
10.1016/j.eswa.2024.124278_b0415
Oseledets (10.1016/j.eswa.2024.124278_b0330) 2018; 2018
Chiang (10.1016/j.eswa.2024.124278_b0075) 2023; 2023
10.1016/j.eswa.2024.124278_b0385
10.1016/j.eswa.2024.124278_b0140
Cer (10.1016/j.eswa.2024.124278_b0040) 2018
10.1016/j.eswa.2024.124278_b0265
10.1016/j.eswa.2024.124278_b0380
Yoo (10.1016/j.eswa.2024.124278_b0480) 2021; 2021
Pandey (10.1016/j.eswa.2024.124278_b0335) 2023; 269
Xu (10.1016/j.eswa.2024.124278_b0455) 2022
Modas (10.1016/j.eswa.2024.124278_b0295) 2019; 2019
Salimans (10.1016/j.eswa.2024.124278_b0400) 2016; 29
Metropolis (10.1016/j.eswa.2024.124278_b0290) 2004; 21
10.1016/j.eswa.2024.124278_b0405
Papernot (10.1016/j.eswa.2024.124278_b0345) 2016; 2016
Xu (10.1016/j.eswa.2024.124278_b0450) 2020; 17
Aggarwal (10.1016/j.eswa.2024.124278_b0010) 2023; 2023
10.1016/j.eswa.2024.124278_b0375
10.1016/j.eswa.2024.124278_b0255
10.1016/j.eswa.2024.124278_b0090
10.1016/j.eswa.2024.124278_b0095
10.1016/j.eswa.2024.124278_b0370
Morris (10.1016/j.eswa.2024.124278_b0315) 2020; 2020
Madhu (10.1016/j.eswa.2024.124278_b0275) 2023; 215
Saleh (10.1016/j.eswa.2024.124278_b0395) 2023; 37
Mehrish (10.1016/j.eswa.2024.124278_b0285) 2023; 99
Mamta (10.1016/j.eswa.2024.124278_b0005) 2022; 2022
10.1016/j.eswa.2024.124278_b0085
10.1016/j.eswa.2024.124278_b0360
Devlin (10.1016/j.eswa.2024.124278_b0100) 2019
10.1016/j.eswa.2024.124278_b0520
10.1016/j.eswa.2024.124278_b0125
10.1016/j.eswa.2024.124278_b0365
Kim (10.1016/j.eswa.2024.124278_b0190) 2014
Aggarwal (10.1016/j.eswa.2024.124278_b0015) 2023
Hastings (10.1016/j.eswa.2024.124278_b0150) 1970; 57
Chen (10.1016/j.eswa.2024.124278_b0055) 2016
10.1016/j.eswa.2024.124278_b0230
Zhao (10.1016/j.eswa.2024.124278_b0510) 2022
Chen (10.1016/j.eswa.2024.124278_b0060) 2021
10.1016/j.eswa.2024.124278_b0350
10.1016/j.eswa.2024.124278_b0355
Zhao (10.1016/j.eswa.2024.124278_b0505) 2022; 2022
Liu (10.1016/j.eswa.2024.124278_b0260) 2016
Chhabra (10.1016/j.eswa.2024.124278_b0070) 2023; 29
Lauriola (10.1016/j.eswa.2024.124278_b0210) 2022; 470
Yang (10.1016/j.eswa.2024.124278_b0465) 2023; 644
References_xml – reference: , 124–135. https://doi.org/10.18653/v1/2020.sustainlp-1.17.
– reference: (pp. 3485–3495). The COLING 2016 Organizing Committee. https://aclanthology.org/C16-1329.
– reference: Mondal, I. (2021). BBAEG: Towards BERT-based Biomedical Adversarial Example Generation for Text Classification.
– volume: 2016
  start-page: 372
  year: 2016
  end-page: 387
  ident: b0345
  article-title: The Limitations of Deep Learning in Adversarial Settings
  publication-title: IEEE European Symposium on Security and Privacy (EuroS&P)
– start-page: 469
  year: 2022
  end-page: 470
  ident: b0525
  article-title: Adversarial example generation via genetic algorithm: A preliminary result
  publication-title: Proceedings of the Genetic and Evolutionary Computation Conference Companion
– start-page: 786
  year: 2020
  end-page: 803
  ident: b0110
  article-title: From Hero to Zéroe: A Benchmark of Low-Level Adversarial Attacks
  publication-title: Proceedings of the 1st Conference of the Asia-Pacific Chapter of the Association for Computational Linguistics and the 10th International Joint Conference on Natural Language Processing
– volume: 8
  start-page: 64
  year: 2020
  end-page: 77
  ident: b0180
  article-title: SpanBERT: Improving Pre-training by Representing and Predicting Spans
  publication-title: Transactions of the Association for Computational Linguistics
– start-page: 1746
  year: 2014
  end-page: 1751
  ident: b0190
  article-title: Convolutional Neural Networks for Sentence Classification
  publication-title: Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing (EMNLP)
– reference: Radford, A., Wu, J., Child, R., Luan, D., Amodei, D., & Sutskever, I. (n.d.).
– volume: 6
  start-page: 25
  year: 2021
  end-page: 45
  ident: b0045
  article-title: A survey on adversarial attacks and defences
  publication-title: CAAI Transactions on Intelligence Technology
– volume: 232
  year: 2023
  ident: b0460
  article-title: MRT-Net: Auto-adaptive weighting of manipulation residuals and texture clues for face manipulation detection
  publication-title: Expert Systems with Applications
– volume: 29
  start-page: 1203
  year: 2023
  end-page: 1230
  ident: b0070
  article-title: A literature survey on multimodal and multilingual automatic hate speech identification
  publication-title: Multimedia Systems
– volume: 2018
  start-page: 50
  year: 2018
  end-page: 56
  ident: b0130
  article-title: Black-Box Generation of Adversarial Text Sequences to Evade Deep Learning Classifiers
  publication-title: IEEE Security and Privacy Workshops (SPW)
– reference: Pruthi, D., Dhingra, B., & Lipton, Z. C. (2019). Combating Adversarial Misspellings with Robust Word Recognition.
– start-page: 169
  year: 2018
  end-page: 174
  ident: b0040
  article-title: Universal Sentence Encoder for English
  publication-title: Proceedings of the 2018 Conference on Empirical Methods in Natural Language Processing: System Demonstrations
– volume: 2023
  start-page: 7322
  year: 2023
  end-page: 7336
  ident: b0115
  article-title: Modeling Adversarial Attack on Pre-trained Language Models as Sequential Decision Making
  publication-title: Findings of the Association for Computational Linguistics: ACL
– reference: . Eighth International Conference on Learning Representations. https://iclr.cc/virtual_2020/poster_r1xMH1BtvB.html.
– start-page: 1875
  year: 2018
  end-page: 1885
  ident: b0165
  article-title: Adversarial Example Generation with Syntactically Controlled Paraphrase Networks
  publication-title: Proceedings of the 2018 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long Papers)
– reference: Pennington, J., Socher, R., & Manning, C. (2014). GloVe: Global Vectors for Word Representation. In A. Moschitti, B. Pang, & W. Daelemans (Eds.),
– reference: Davidson, T., Warmsley, D., Macy, M., & Weber, I. (2017). Automated Hate Speech Detection and the Problem of Offensive Language.
– year: 2018
  ident: b0280
  article-title: Towards Deep Learning Models Resistant to Adversarial Attacks
  publication-title: International Conference on Learning Representations
– year: 2023
  ident: b0025
  article-title: A state-of-the-art review on adversarial machine learning in image classification
  publication-title: Multimedia Tools and Applications
– reference: , 506–519. https://doi.org/10.1145/3052973.3053009.
– reference: . 39–57. https://doi.org/10.1109/SP.2017.49.
– volume: 57
  start-page: 97
  year: 1970
  end-page: 109
  ident: b0150
  article-title: Monte Carlo sampling methods using Markov chains and their applications
  publication-title: Biometrika
– reference: . https://doi.org/10.48550/arXiv.1511.06434.
– volume: 32
  year: 2019
  ident: b0470
  article-title: XLNet: Generalized Autoregressive Pretraining for Language Understanding
  publication-title: Advances in Neural Information Processing Systems
– reference: Gaiński, P., & Ba\lazy, K. (2023). Step by Step Loss Goes Very Far: Multi-Step Quantization for Adversarial Text Attacks.
– reference: Qi, F., Yang, C., Liu, Z., Dong, Q., Sun, M., & Dong, Z. (2019).
– start-page: 4171
  year: 2019
  end-page: 4186
  ident: b0100
  article-title: BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding
  publication-title: Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long and Short Papers)
– reference: , 6134–6150. https://doi.org/10.18653/v1/2020.emnlp-main.495.
– start-page: 5564
  year: 2019
  end-page: 5569
  ident: b0500
  article-title: Generating Fluent Adversarial Examples for Natural Languages
  publication-title: Proceedings of the 57th Annual Meeting of the Association for Computational Linguistics
– reference: (1), Article 1. https://doi.org/10.1609/icwsm.v11i1.14955.
– reference: , 276–286. https://doi.org/10.18653/v1/2023.trustnlp-1.24.
– volume: 244
  year: 2024
  ident: b0145
  article-title: HumanPoseNet: An all-transformer architecture for pose estimation with efficient patch expansion and attentional feature refinement
  publication-title: Expert Systems with Applications
– start-page: 2180
  year: 2016
  end-page: 2188
  ident: b0055
  article-title: InfoGAN: Interpretable representation learning by information maximizing generative adversarial nets
  publication-title: Proceedings of the 30th International Conference on Neural Information Processing Systems
– reference: Sanh, V., Debut, L., Chaumond, J., & Wolf, T. (2020).
– volume: 216
  year: 2023
  ident: b0420
  article-title: SocialHaterBERT: A dichotomous approach for automatically detecting hate speech on Twitter through textual analysis and user profiles
  publication-title: Expert Systems with Applications
– volume: 2021
  start-page: 2705
  year: 2021
  end-page: 2712
  ident: b0195
  article-title: Adversarial Examples for Evaluating Math Word Problem Solvers
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– reference: (arXiv:1901.09957). arXiv. https://doi.org/10.48550/arXiv.1901.09957.
– volume: 2021
  start-page: 39
  year: 2021
  end-page: 40
  ident: b0475
  article-title: Heuristic-word-selection Genetic Algorithm for Generating Natural Language Adversarial Examples
  publication-title: IEEE International Conference on Artificial Intelligence Testing (AITest)
– reference: Kurakin, A., Goodfellow, I. J., & Bengio, S. (2018). Adversarial Examples in the Physical World. In R. V. Yampolskiy (Ed.),
– reference: . https://www.semanticscholar.org/paper/RoBERTa%3A-A-Robustly-Optimized-BERT-Pretraining-Liu-Ott/077f8329a7b6fa3b7c877a57b81eb6c18b5f87de.
– volume: 2021
  start-page: 945
  year: 2021
  end-page: 956
  ident: b0480
  article-title: Towards Improving Adversarial Training of NLP Models
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– reference: Liu, Y., Ott, M., Goyal, N., Du, J., Joshi, M., Chen, D., Levy, O., Lewis, M., Zettlemoyer, L., & Stoyanov, V. (2019). RoBERTa: A Robustly Optimized BERT Pretraining Approach.
– volume: 2022
  start-page: 176
  year: 2022
  end-page: 205
  ident: b0445
  article-title: SemAttack: Natural Textual Attacks via Different Semantic Spaces
  publication-title: Findings of the Association for Computational Linguistics: NAACL
– reference: ,
– reference: (arXiv:1910.01108; Version 4). arXiv. http://arxiv.org/abs/1910.01108.
– start-page: 5053
  year: 2021
  end-page: 5069
  ident: b0225
  article-title: Contextualized Perturbation for Textual Adversarial Attack
  publication-title: Proceedings of the 2021 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies
– reference: (arXiv:1412.6572). arXiv. https://doi.org/10.48550/arXiv.1412.6572.
– volume: 17
  start-page: 151
  year: 2020
  end-page: 178
  ident: b0450
  article-title: Adversarial Attacks and Defenses in Images, Graphs and Text: A Review
  publication-title: International Journal of Automation and Computing
– reference: Pavlopoulos, J., Thain, N., Dixon, L., & Androutsopoulos, I. (2019). ConvAI at SemEval-2019 Task 6: Offensive Language Identification and Categorization with Perspective and BERT. In J. May, E. Shutova, A. Herbelot, X. Zhu, M. Apidianaki, & S. M. Mohammad (Eds.),
– reference: Liu, H., Cai, C., & Qi, Y. (2023). Expanding Scope: Adapting English Adversarial Attacks to Chinese.
– start-page: 2849
  year: 2022
  end-page: 2860
  ident: b0455
  article-title: Student Surpasses Teacher: Imitation Attack for Black-Box NLP APIs
  publication-title: Proceedings of the 29th International Conference on Computational Linguistics
– volume: 2018
  start-page: 8562
  year: 2018
  end-page: 8570
  ident: b0330
  article-title: Art of Singular Vectors and Universal Adversarial Perturbations
  publication-title: IEEE/CVF Conference on Computer Vision and Pattern Recognition
– volume: 558
  year: 2023
  ident: b0020
  article-title: Evading text based emotion detection mechanism via adversarial attacks
  publication-title: Neurocomputing
– year: 2020
  ident: b0530
  article-title: FreeLB: Enhanced Adversarial Training for Natural Language Understanding
  publication-title: Eighth International Conference on Learning Representations
– reference: , 119–126. https://doi.org/10.18653/v1/2020.emnlp-demos.16.
– reference: Tsai, Y.-T., Yang, M.-C., & Chen, H.-Y. (2019). Adversarial Attack on Sentiment Classification.
– volume: 2022
  start-page: 5009
  year: 2022
  end-page: 5018
  ident: b0155
  article-title: Invernet: An Inversion Attack Framework to Infer Fine-Tuning Datasets through Word Embeddings
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– start-page: 7664
  year: 2022
  end-page: 7676
  ident: b0250
  article-title: Character-level White-Box Adversarial Attacks against Transformers via Attachable Subwords Substitution
  publication-title: Proceedings of the 2022 Conference on Empirical Methods in Natural Language Processing
– reference: Ren, S., Deng, Y., He, K., & Che, W. (2019). Generating Natural Language Adversarial Examples through Probability Weighted Word Saliency.
– reference: (arXiv:1909.11942; Version 6). arXiv. http://arxiv.org/abs/1909.11942.
– reference: Kennedy, J., & Eberhart, R. (1995). Particle swarm optimization.
– reference: Clark, K., Luong, M.-T., Le, Q. V., & Manning, C. D. (2020, April).
– start-page: 4511
  year: 2021
  end-page: 4526
  ident: b0060
  article-title: Multi-granularity Textual Adversarial Attack with Behavior Cloning
  publication-title: Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing
– reference: Lan, Z., Chen, M., Goodman, S., Gimpel, K., Sharma, P., & Soricut, R. (2020).
– volume: 30
  year: 2017
  ident: b0425
  article-title: Attention is All you Need
  publication-title: Advances in Neural Information Processing Systems
– volume: 185
  year: 2021
  ident: b0410
  article-title: Deep Learning for predicting neutralities in Offensive Language Identification Dataset
  publication-title: Expert Systems with Applications
– reference: Wan, J., Yang, J., Ma, S., Zhang, D., Zhang, W., Yu, Y., & Li, Z. (2022). PAEG: Phrase-level Adversarial Example Generation for Neural Machine Translation.
– reference: Deng, C., Liu, M., Qin, Y., Zhang, J., Duan, H.-X., & Sun, D. (2022). ValCAT: Variable-Length Contextualized Adversarial Transformations Using Encoder-Decoder Language Model.
– reference: , 233–240. https://doi.org/10.18653/v1/W19-4824.
– volume: 2016
  start-page: 2574
  year: 2016
  end-page: 2582
  ident: b0310
  article-title: DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks
  publication-title: IEEE Conference on Computer Vision and Pattern Recognition (CVPR)
– reference: Radford, A., Metz, L., & Chintala, S. (2015). Unsupervised Representation Learning with Deep Convolutional Generative Adversarial Networks. In
– volume: 2020
  start-page: 3829
  year: 2020
  end-page: 3839
  ident: b0315
  article-title: Reevaluating Adversarial Examples in Natural Language
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– reference: . (n.d.). Retrieved 26 December 2023, from https://perspectiveapi.com/.
– volume: 2023
  start-page: 7132
  year: 2023
  end-page: 7146
  ident: b0485
  article-title: Bridge the Gap Between CV and NLP! A Gradient-based Textual Adversarial Attack Framework
  publication-title: Findings of the Association for Computational Linguistics: ACL
– volume: 470
  start-page: 443
  year: 2022
  end-page: 456
  ident: b0210
  article-title: An introduction to Deep Learning in Natural Language Processing: Models, techniques, and tools
  publication-title: Neurocomputing
– start-page: 3197
  year: 2022
  end-page: 3207
  ident: b0215
  article-title: A New Generation of Perspective API: Efficient Multilingual Character-level Transformers
  publication-title: Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining
– reference: Wang, B., Pei, H., Pan, B., Chen, Q., Wang, S., & Li, B. (2020). T3: Tree-Autoencoder Constrained Adversarial Text Generation for Targeted Attack.
– start-page: 6174
  year: 2020
  end-page: 6181
  ident: b0135
  article-title: BAE: BERT-based Adversarial Examples for Text Classification
  publication-title: Proceedings of the 2020 Conference on Empirical Methods in Natural Language Processing (EMNLP)
– volume: 2022
  start-page: 4599
  year: 2022
  end-page: 4606
  ident: b0505
  article-title: Generating Textual Adversaries with Minimal Perturbation
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– reference: Morris, J., Lifland, E., Yoo, J. Y., Grigsby, J., Jin, D., & Qi, Y. (2020). TextAttack: A Framework for Adversarial Attacks, Data Augmentation, and Adversarial Training in NLP.
– reference: , 5085–5097. https://aclanthology.org/2022.coling-1.451.
– volume: 2022
  start-page: 1095
  year: 2022
  end-page: 1112
  ident: b0220
  article-title: Phrase-level Textual Adversarial Attack with Label Preservation
  publication-title: Findings of the Association for Computational Linguistics: NAACL
– start-page: 6193
  year: 2020
  end-page: 6202
  ident: b0235
  article-title: BERT-ATTACK: Adversarial Attack Against BERT Using BERT
  publication-title: Proceedings of the 2020 Conference on Empirical Methods in Natural Language Processing (EMNLP)
– volume: 2021
  start-page: 3248
  year: 2021
  end-page: 3258
  ident: b0030
  article-title: Defending Pre-trained Language Models from Adversarial Word Substitution Without Performance Sacrifice
  publication-title: Findings of the Association for Computational Linguistics: ACL-IJCNLP
– volume: 529
  start-page: 190
  year: 2023
  end-page: 203
  ident: b0050
  article-title: TextGuise: Adaptive adversarial example attacks on text classification model
  publication-title: Neurocomputing
– start-page: 31
  year: 2018
  end-page: 36
  ident: b0105
  article-title: HotFlip: White-Box Adversarial Examples for Text Classification
  publication-title: Proceedings of the 56th Annual Meeting of the Association for Computational Linguistics (Volume 2: Short Papers)
– volume: 2022
  start-page: 478
  year: 2022
  end-page: 492
  ident: b0005
  article-title: Adversarial Sample Generation for Aspect based Sentiment Classification
  publication-title: Findings of the Association for Computational Linguistics: AACL-IJCNLP
– start-page: 1
  year: 2023
  end-page: 5
  ident: b0015
  article-title: Protecting our Children from the Dark Corners of YouTube: A Cutting-Edge Analysis
  publication-title: 2023 4th IEEE Global Conference for Advancement in Technology (GCAT)
– reference: (pp. 571–576). Association for Computational Linguistics. https://doi.org/10.18653/v1/S19-2102.
– volume: 215
  year: 2023
  ident: b0275
  article-title: Detecting offensive speech in conversational code-mixed dialogue on social media: A contextual dataset and benchmark experiments
  publication-title: Expert Systems with Applications
– reference: , 2038–2048. https://doi.org/10.18653/v1/2023.eacl-main.149.
– reference: (pp. 1532–1543). Association for Computational Linguistics. https://doi.org/10.3115/v1/D14-1162.
– start-page: 6066
  year: 2020
  end-page: 6080
  ident: b0490
  article-title: Word-level Textual Adversarial Attacking as Combinatorial Optimization
  publication-title: Proceedings of the 58th Annual Meeting of the Association for Computational Linguistics
– reference: (1st ed., pp. 99–112). Chapman and Hall/CRC. https://doi.org/10.1201/9781351251389-8.
– volume: 2023
  start-page: 1853
  year: 2023
  end-page: 1878
  ident: b0075
  article-title: Are Synonym Substitution Attacks Really Synonym Substitution Attacks?
  publication-title: Findings of the Association for Computational Linguistics: ACL
– year: 2020
  ident: b0175
  article-title: Is BERT Really Robust? A Strong Baseline for Natural Language Attack on Text Classification and Entailment
  publication-title: Proceedings of the AAAI Conference on Artificial Intelligence
– reference: Qi, F., Chen, Y., Zhang, X., Li, M., Liu, Z., & Sun, M. (2021). Mind the Style of Text! Adversarial and Backdoor Attacks Based on Text Style Transfer.
– start-page: 4324
  year: 2019
  end-page: 4333
  ident: b0065
  publication-title: Robust Neural Machine Translation with Doubly Adversarial Inputs
– volume: 3
  start-page: 111
  year: 2022
  end-page: 132
  ident: b0245
  article-title: A survey of transformers
  publication-title: AI Open
– start-page: 932
  year: 2022
  end-page: 944
  ident: b0510
  article-title: Can we Really Trust Explanations? Evaluating the Stability of Feature Attribution Explanation Methods via Adversarial Attack
  publication-title: Proceedings of the 21st Chinese National Conference on Computational Linguistics
– volume: 2023
  start-page: 1
  year: 2023
  end-page: 5
  ident: b0010
  article-title: Multimodal Sarcasm Recognition by Fusing Textual, Visual and Acoustic content via Multi-Headed Attention for Video Dataset
  publication-title: World Conference on Communication & Computing (WCONF)
– reference: Verwimp, L., Pelemans, J., Van hamme, H., & Wambacq, P. (2017). Character-Word LSTM Language Models. In M. Lapata, P. Blunsom, & A. Koller (Eds.),
– volume: 2019
  start-page: 9079
  year: 2019
  end-page: 9088
  ident: b0295
  article-title: SparseFool: A Few Pixels Make a Big Difference
  publication-title: IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)
– reference: (pp. 417–427). Association for Computational Linguistics. https://aclanthology.org/E17-1040.
– start-page: 5490
  year: 2022
  end-page: 5498
  ident: b0080
  article-title: TABS: Efficient Textual Adversarial Attack for Pre-trained NL Code Model Using Semantic Beam Search
  publication-title: Proceedings of the 2022 Conference on Empirical Methods in Natural Language Processing
– reference: , 5582–5591. https://doi.org/10.18653/v1/P19-1561.
– reference: , 4569–4580. https://doi.org/10.18653/v1/2021.emnlp-main.374.
– reference: Goodfellow, I. J., Shlens, J., & Szegedy, C. (2015).
– volume: 37
  start-page: 2166719
  year: 2023
  ident: b0395
  article-title: Detection of Hate Speech using BERT and Hate Speech Word Embedding with Deep Model
  publication-title: Applied Artificial Intelligence
– volume: 2022
  start-page: 2903
  year: 2022
  end-page: 2913
  ident: b0325
  article-title: CheckHARD: Checking Hard Labels for Adversarial Text Detection, Prediction Correction, and Perturbed Word Suggestion
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– reference: Papernot, N., McDaniel, P., Goodfellow, I., Jha, S., Celik, Z. B., & Swami, A. (2017). Practical Black-Box Attacks against Machine Learning.
– reference: Carlini, N., & Wagner, D. (2017).
– volume: 238
  year: 2024
  ident: b0270
  article-title: Adversarial examples: A survey of attacks and defenses in deep learning-enabled cybersecurity systems
  publication-title: Expert Systems with Applications
– reference: , 1942–1948 vol.4. https://doi.org/10.1109/ICNN.1995.488968.
– volume: 21
  start-page: 1087
  year: 2004
  end-page: 1092
  ident: b0290
  article-title: Equation of State Calculations by Fast Computing Machines
  publication-title: The Journal of Chemical Physics
– start-page: 3728
  year: 2021
  end-page: 3737
  ident: b0240
  article-title: RockNER: A Simple Method to Create Adversarial Examples for Evaluating the Robustness of Named Entity Recognition Models
  publication-title: Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing
– reference: , 1735–1746. https://doi.org/10.18653/v1/2022.naacl-main.125.
– volume: 644
  year: 2023
  ident: b0465
  article-title: Generation-based parallel particle swarm optimization for adversarial text attacks
  publication-title: Information Sciences
– volume: 2020
  start-page: 4163
  year: 2020
  end-page: 4174
  ident: b0170
  article-title: TinyBERT: Distilling BERT for Natural Language Understanding
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– reference: , 5378–5384. https://doi.org/10.18653/v1/2021.naacl-main.423.
– reference: Zhou, P., Qi, Z., Zheng, S., Xu, J., Bao, H., & Xu, B. (2016). Text Classification Improved by Integrating Bidirectional LSTM with Two-dimensional Max Pooling. In Y. Matsumoto & R. Prasad (Eds.),
– reference: . Network and Distributed System Security Symposium, San Diego, CA. https://doi.org/10.14722/ndss.2019.23138.
– start-page: 9960
  year: 2023
  end-page: 9976
  ident: b0515
  article-title: NatLogAttack: A Framework for Attacking Natural Language Inference Models with Natural Logic
  publication-title: Proceedings of the 61st Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers)
– volume: 2023
  start-page: 7891
  year: 2023
  end-page: 7906
  ident: b0495
  article-title: Similarizing the Influence of Words with Contrastive Learning to Defend Word-level Adversarial Text Attack
  publication-title: Findings of the Association for Computational Linguistics: ACL
– reference: .
– reference: Iandola, F., Shaw, A., Krishna, R., & Keutzer, K. (2020). SqueezeBERT: What can computer vision teach NLP about efficient neural networks?
– reference: Li, J., Ji, S., Du, T., Li, B., & Wang, T. (2019). TextBugger: Generating Adversarial Text Against Real-world Applications.
– year: 2016
  ident: b0260
  article-title: Delving into Transferable Adversarial Examples and Black-box Attacks
  publication-title: International Conference on Learning Representations
– volume: 8
  start-page: 4663
  year: 2022
  end-page: 4678
  ident: b0300
  article-title: ETHOS: A multi-label hate speech detection dataset
  publication-title: Complex & Intelligent Systems
– reference: , 1085–1097. https://doi.org/10.18653/v1/P19-1103.
– volume: 269
  year: 2023
  ident: b0335
  article-title: VABDC-Net: A framework for Visual-Caption Sentiment Recognition via spatio-depth visual attention and bi-directional caption processing
  publication-title: Knowledge-Based Systems
– volume: 29
  year: 2016
  ident: b0400
  article-title: Improved Techniques for Training GANs
  publication-title: Advances in Neural Information Processing Systems
– volume: 2023
  start-page: 1
  year: 2023
  end-page: 34
  ident: b0120
  article-title: Using Punctuation as an Adversarial Attack on Deep Learning-Based NLP Systems: An Empirical Study
  publication-title: Findings of the Association for Computational Linguistics: EACL
– volume: 99
  year: 2023
  ident: b0285
  article-title: A review of deep learning techniques for speech processing
  publication-title: Information Fusion
– volume: 232
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0460
  article-title: MRT-Net: Auto-adaptive weighting of manipulation residuals and texture clues for face manipulation detection
  publication-title: Expert Systems with Applications
  doi: 10.1016/j.eswa.2023.120898
– start-page: 9960
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0515
  article-title: NatLogAttack: A Framework for Attacking Natural Language Inference Models with Natural Logic
– ident: 10.1016/j.eswa.2024.124278_b0125
  doi: 10.18653/v1/2023.eacl-main.149
– ident: 10.1016/j.eswa.2024.124278_b0230
  doi: 10.14722/ndss.2019.23138
– start-page: 1
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0015
  article-title: Protecting our Children from the Dark Corners of YouTube: A Cutting-Edge Analysis
– ident: 10.1016/j.eswa.2024.124278_b0265
– volume: 99
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0285
  article-title: A review of deep learning techniques for speech processing
  publication-title: Information Fusion
  doi: 10.1016/j.inffus.2023.101869
– start-page: 7664
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0250
  article-title: Character-level White-Box Adversarial Attacks against Transformers via Attachable Subwords Substitution
– volume: 2021
  start-page: 39
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0475
  article-title: Heuristic-word-selection Genetic Algorithm for Generating Natural Language Adversarial Examples
  publication-title: IEEE International Conference on Artificial Intelligence Testing (AITest)
– ident: 10.1016/j.eswa.2024.124278_b0355
  doi: 10.3115/v1/D14-1162
– volume: 2022
  start-page: 176
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0445
  article-title: SemAttack: Natural Textual Attacks via Different Semantic Spaces
  publication-title: Findings of the Association for Computational Linguistics: NAACL
– start-page: 786
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0110
  article-title: From Hero to Zéroe: A Benchmark of Low-Level Adversarial Attacks
– start-page: 469
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0525
  article-title: Adversarial example generation via genetic algorithm: A preliminary result
– ident: 10.1016/j.eswa.2024.124278_b0085
– ident: 10.1016/j.eswa.2024.124278_b0360
– start-page: 2849
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0455
  article-title: Student Surpasses Teacher: Imitation Attack for Black-Box NLP APIs
– volume: 6
  start-page: 25
  issue: 1
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0045
  article-title: A survey on adversarial attacks and defences
  publication-title: CAAI Transactions on Intelligence Technology
  doi: 10.1049/cit2.12028
– volume: 2020
  start-page: 4163
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0170
  article-title: TinyBERT: Distilling BERT for Natural Language Understanding
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– ident: 10.1016/j.eswa.2024.124278_b0405
– ident: 10.1016/j.eswa.2024.124278_b0090
  doi: 10.1609/icwsm.v11i1.14955
– ident: 10.1016/j.eswa.2024.124278_b0430
  doi: 10.18653/v1/E17-1040
– volume: 2023
  start-page: 7322
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0115
  article-title: Modeling Adversarial Attack on Pre-trained Language Models as Sequential Decision Making
  publication-title: Findings of the Association for Computational Linguistics: ACL
– volume: 2022
  start-page: 478
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0005
  article-title: Adversarial Sample Generation for Aspect based Sentiment Classification
  publication-title: Findings of the Association for Computational Linguistics: AACL-IJCNLP
– volume: 644
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0465
  article-title: Generation-based parallel particle swarm optimization for adversarial text attacks
  publication-title: Information Sciences
  doi: 10.1016/j.ins.2023.119237
– volume: 2021
  start-page: 3248
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0030
  article-title: Defending Pre-trained Language Models from Adversarial Word Substitution Without Performance Sacrifice
  publication-title: Findings of the Association for Computational Linguistics: ACL-IJCNLP
– year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0025
  article-title: A state-of-the-art review on adversarial machine learning in image classification
  publication-title: Multimedia Tools and Applications
– volume: 8
  start-page: 64
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0180
  article-title: SpanBERT: Improving Pre-training by Representing and Predicting Spans
  publication-title: Transactions of the Association for Computational Linguistics
  doi: 10.1162/tacl_a_00300
– ident: 10.1016/j.eswa.2024.124278_b0520
– volume: 2023
  start-page: 7891
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0495
  article-title: Similarizing the Influence of Words with Contrastive Learning to Defend Word-level Adversarial Text Attack
  publication-title: Findings of the Association for Computational Linguistics: ACL
– volume: 238
  year: 2024
  ident: 10.1016/j.eswa.2024.124278_b0270
  article-title: Adversarial examples: A survey of attacks and defenses in deep learning-enabled cybersecurity systems
  publication-title: Expert Systems with Applications
  doi: 10.1016/j.eswa.2023.122223
– volume: 470
  start-page: 443
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0210
  article-title: An introduction to Deep Learning in Natural Language Processing: Models, techniques, and tools
  publication-title: Neurocomputing
  doi: 10.1016/j.neucom.2021.05.103
– ident: 10.1016/j.eswa.2024.124278_b0035
  doi: 10.1109/SP.2017.49
– ident: 10.1016/j.eswa.2024.124278_b0200
  doi: 10.1201/9781351251389-8
– volume: 3
  start-page: 111
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0245
  article-title: A survey of transformers
  publication-title: AI Open
  doi: 10.1016/j.aiopen.2022.10.001
– ident: 10.1016/j.eswa.2024.124278_b0390
  doi: 10.18653/v1/P19-1103
– volume: 558
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0020
  article-title: Evading text based emotion detection mechanism via adversarial attacks
  publication-title: Neurocomputing
  doi: 10.1016/j.neucom.2023.126787
– volume: 216
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0420
  article-title: SocialHaterBERT: A dichotomous approach for automatically detecting hate speech on Twitter through textual analysis and user profiles
  publication-title: Expert Systems with Applications
– volume: 2016
  start-page: 372
  year: 2016
  ident: 10.1016/j.eswa.2024.124278_b0345
  article-title: The Limitations of Deep Learning in Adversarial Settings
  publication-title: IEEE European Symposium on Security and Privacy (EuroS&P)
  doi: 10.1109/EuroSP.2016.36
– volume: 2022
  start-page: 1095
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0220
  article-title: Phrase-level Textual Adversarial Attack with Label Preservation
  publication-title: Findings of the Association for Computational Linguistics: NAACL
– ident: 10.1016/j.eswa.2024.124278_b0160
  doi: 10.18653/v1/2020.sustainlp-1.17
– start-page: 6066
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0490
  article-title: Word-level Textual Adversarial Attacking as Combinatorial Optimization
– ident: 10.1016/j.eswa.2024.124278_b0095
  doi: 10.18653/v1/2022.naacl-main.125
– volume: 2018
  start-page: 8562
  year: 2018
  ident: 10.1016/j.eswa.2024.124278_b0330
  article-title: Art of Singular Vectors and Universal Adversarial Perturbations
  publication-title: IEEE/CVF Conference on Computer Vision and Pattern Recognition
– start-page: 4324
  year: 2019
  ident: 10.1016/j.eswa.2024.124278_b0065
– volume: 185
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0410
  article-title: Deep Learning for predicting neutralities in Offensive Language Identification Dataset
  publication-title: Expert Systems with Applications
  doi: 10.1016/j.eswa.2021.115458
– volume: 29
  start-page: 1203
  issue: 3
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0070
  article-title: A literature survey on multimodal and multilingual automatic hate speech identification
  publication-title: Multimedia Systems
  doi: 10.1007/s00530-023-01051-8
– ident: 10.1016/j.eswa.2024.124278_b0255
  doi: 10.18653/v1/2023.trustnlp-1.24
– volume: 21
  start-page: 1087
  issue: 6
  year: 2004
  ident: 10.1016/j.eswa.2024.124278_b0290
  article-title: Equation of State Calculations by Fast Computing Machines
  publication-title: The Journal of Chemical Physics
  doi: 10.1063/1.1699114
– start-page: 169
  year: 2018
  ident: 10.1016/j.eswa.2024.124278_b0040
  article-title: Universal Sentence Encoder for English
– start-page: 6193
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0235
  article-title: BERT-ATTACK: Adversarial Attack Against BERT Using BERT
– volume: 529
  start-page: 190
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0050
  article-title: TextGuise: Adaptive adversarial example attacks on text classification model
  publication-title: Neurocomputing
  doi: 10.1016/j.neucom.2023.01.071
– start-page: 4511
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0060
  article-title: Multi-granularity Textual Adversarial Attack with Behavior Cloning
– volume: 17
  start-page: 151
  issue: 2
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0450
  article-title: Adversarial Attacks and Defenses in Images, Graphs and Text: A Review
  publication-title: International Journal of Automation and Computing
  doi: 10.1007/s11633-019-1211-x
– volume: 2022
  start-page: 5009
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0155
  article-title: Invernet: An Inversion Attack Framework to Infer Fine-Tuning Datasets through Word Embeddings
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– volume: 2019
  start-page: 9079
  year: 2019
  ident: 10.1016/j.eswa.2024.124278_b0295
  article-title: SparseFool: A Few Pixels Make a Big Difference
  publication-title: IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)
– ident: 10.1016/j.eswa.2024.124278_b0415
  doi: 10.18653/v1/W19-4824
– start-page: 5564
  year: 2019
  ident: 10.1016/j.eswa.2024.124278_b0500
  article-title: Generating Fluent Adversarial Examples for Natural Languages
– start-page: 3197
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0215
  article-title: A New Generation of Perspective API: Efficient Multilingual Character-level Transformers
– ident: 10.1016/j.eswa.2024.124278_b0370
  doi: 10.18653/v1/2021.emnlp-main.374
– ident: 10.1016/j.eswa.2024.124278_b0320
  doi: 10.18653/v1/2020.emnlp-demos.16
– start-page: 3728
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0240
  article-title: RockNER: A Simple Method to Create Adversarial Examples for Evaluating the Robustness of Named Entity Recognition Models
– year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0175
  article-title: Is BERT Really Robust? A Strong Baseline for Natural Language Attack on Text Classification and Entailment
– start-page: 5490
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0080
  article-title: TABS: Efficient Textual Adversarial Attack for Pre-trained NL Code Model Using Semantic Beam Search
– volume: 57
  start-page: 97
  issue: 1
  year: 1970
  ident: 10.1016/j.eswa.2024.124278_b0150
  article-title: Monte Carlo sampling methods using Markov chains and their applications
  publication-title: Biometrika
  doi: 10.1093/biomet/57.1.97
– volume: 2021
  start-page: 945
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0480
  article-title: Towards Improving Adversarial Training of NLP Models
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– ident: 10.1016/j.eswa.2024.124278_b0185
  doi: 10.1109/ICNN.1995.488968
– volume: 269
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0335
  article-title: VABDC-Net: A framework for Visual-Caption Sentiment Recognition via spatio-depth visual attention and bi-directional caption processing
  publication-title: Knowledge-Based Systems
  doi: 10.1016/j.knosys.2023.110515
– ident: 10.1016/j.eswa.2024.124278_b0435
– year: 2018
  ident: 10.1016/j.eswa.2024.124278_b0280
  article-title: Towards Deep Learning Models Resistant to Adversarial Attacks
– ident: 10.1016/j.eswa.2024.124278_b0365
  doi: 10.18653/v1/P19-1561
– volume: 2020
  start-page: 3829
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0315
  article-title: Reevaluating Adversarial Examples in Natural Language
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– ident: 10.1016/j.eswa.2024.124278_b0375
– ident: 10.1016/j.eswa.2024.124278_b0440
  doi: 10.18653/v1/2020.emnlp-main.495
– year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0530
  article-title: FreeLB: Enhanced Adversarial Training for Natural Language Understanding
– volume: 2018
  start-page: 50
  year: 2018
  ident: 10.1016/j.eswa.2024.124278_b0130
  article-title: Black-Box Generation of Adversarial Text Sequences to Evade Deep Learning Classifiers
  publication-title: IEEE Security and Privacy Workshops (SPW)
– volume: 215
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0275
  article-title: Detecting offensive speech in conversational code-mixed dialogue on social media: A contextual dataset and benchmark experiments
  publication-title: Expert Systems with Applications
  doi: 10.1016/j.eswa.2022.119342
– start-page: 4171
  year: 2019
  ident: 10.1016/j.eswa.2024.124278_b0100
  article-title: BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding
– ident: 10.1016/j.eswa.2024.124278_b0340
  doi: 10.1145/3052973.3053009
– volume: 2023
  start-page: 1853
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0075
  article-title: Are Synonym Substitution Attacks Really Synonym Substitution Attacks?
  publication-title: Findings of the Association for Computational Linguistics: ACL
– start-page: 2180
  year: 2016
  ident: 10.1016/j.eswa.2024.124278_b0055
  article-title: InfoGAN: Interpretable representation learning by information maximizing generative adversarial nets
– volume: 8
  start-page: 4663
  issue: 6
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0300
  article-title: ETHOS: A multi-label hate speech detection dataset
  publication-title: Complex & Intelligent Systems
  doi: 10.1007/s40747-021-00608-2
– volume: 2023
  start-page: 1
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0010
  article-title: Multimodal Sarcasm Recognition by Fusing Textual, Visual and Acoustic content via Multi-Headed Attention for Video Dataset
  publication-title: World Conference on Communication & Computing (WCONF)
– volume: 2023
  start-page: 1
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0120
  article-title: Using Punctuation as an Adversarial Attack on Deep Learning-Based NLP Systems: An Empirical Study
  publication-title: Findings of the Association for Computational Linguistics: EACL
– ident: 10.1016/j.eswa.2024.124278_b0205
– start-page: 31
  year: 2018
  ident: 10.1016/j.eswa.2024.124278_b0105
  article-title: HotFlip: White-Box Adversarial Examples for Text Classification
– volume: 2022
  start-page: 2903
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0325
  article-title: CheckHARD: Checking Hard Labels for Adversarial Text Detection, Prediction Correction, and Perturbed Word Suggestion
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– start-page: 6174
  year: 2020
  ident: 10.1016/j.eswa.2024.124278_b0135
  article-title: BAE: BERT-based Adversarial Examples for Text Classification
– volume: 29
  year: 2016
  ident: 10.1016/j.eswa.2024.124278_b0400
  article-title: Improved Techniques for Training GANs
  publication-title: Advances in Neural Information Processing Systems
– ident: 10.1016/j.eswa.2024.124278_b0140
– ident: 10.1016/j.eswa.2024.124278_b0385
– volume: 2021
  start-page: 2705
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0195
  article-title: Adversarial Examples for Evaluating Math Word Problem Solvers
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– volume: 2023
  start-page: 7132
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0485
  article-title: Bridge the Gap Between CV and NLP! A Gradient-based Textual Adversarial Attack Framework
  publication-title: Findings of the Association for Computational Linguistics: ACL
– volume: 244
  year: 2024
  ident: 10.1016/j.eswa.2024.124278_b0145
  article-title: HumanPoseNet: An all-transformer architecture for pose estimation with efficient patch expansion and attentional feature refinement
  publication-title: Expert Systems with Applications
  doi: 10.1016/j.eswa.2023.122894
– start-page: 1746
  year: 2014
  ident: 10.1016/j.eswa.2024.124278_b0190
  article-title: Convolutional Neural Networks for Sentence Classification
– volume: 2016
  start-page: 2574
  year: 2016
  ident: 10.1016/j.eswa.2024.124278_b0310
  article-title: DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks
  publication-title: IEEE Conference on Computer Vision and Pattern Recognition (CVPR)
– volume: 37
  start-page: 2166719
  issue: 1
  year: 2023
  ident: 10.1016/j.eswa.2024.124278_b0395
  article-title: Detection of Hate Speech using BERT and Hate Speech Word Embedding with Deep Model
  publication-title: Applied Artificial Intelligence
  doi: 10.1080/08839514.2023.2166719
– ident: 10.1016/j.eswa.2024.124278_b0350
  doi: 10.18653/v1/S19-2102
– volume: 32
  year: 2019
  ident: 10.1016/j.eswa.2024.124278_b0470
  article-title: XLNet: Generalized Autoregressive Pretraining for Language Understanding
  publication-title: Advances in Neural Information Processing Systems
– volume: 2022
  start-page: 4599
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0505
  article-title: Generating Textual Adversaries with Minimal Perturbation
  publication-title: Findings of the Association for Computational Linguistics: EMNLP
– year: 2016
  ident: 10.1016/j.eswa.2024.124278_b0260
  article-title: Delving into Transferable Adversarial Examples and Black-box Attacks
– ident: 10.1016/j.eswa.2024.124278_b0380
– start-page: 932
  year: 2022
  ident: 10.1016/j.eswa.2024.124278_b0510
  article-title: Can we Really Trust Explanations? Evaluating the Stability of Feature Attribution Explanation Methods via Adversarial Attack
– volume: 30
  year: 2017
  ident: 10.1016/j.eswa.2024.124278_b0425
  article-title: Attention is All you Need
  publication-title: Advances in Neural Information Processing Systems
– start-page: 1875
  year: 2018
  ident: 10.1016/j.eswa.2024.124278_b0165
  article-title: Adversarial Example Generation with Syntactically Controlled Paraphrase Networks
– ident: 10.1016/j.eswa.2024.124278_b0305
  doi: 10.18653/v1/2021.naacl-main.423
– start-page: 5053
  year: 2021
  ident: 10.1016/j.eswa.2024.124278_b0225
  article-title: Contextualized Perturbation for Textual Adversarial Attack
SSID ssj0017007
Score 2.508396
Snippet The accessibility of online hate speech has increased significantly, making it crucial for social-media companies to prioritize efforts to curb its spread....
SourceID crossref
elsevier
SourceType Enrichment Source
Index Database
Publisher
StartPage 124278
SubjectTerms Adversarial attack
Glyphs
Hate speech
Natural Language Processing (NLP)
Offensive language
Transformers
Title Exposing the Achilles’ heel of textual hate speech classifiers using indistinguishable adversarial examples
URI https://dx.doi.org/10.1016/j.eswa.2024.124278
Volume 254
WOSCitedRecordID wos001263673200001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVESC
  databaseName: ScienceDirect Freedom Collection
  issn: 0957-4174
  databaseCode: AIEXJ
  dateStart: 19950101
  customDbUrl:
  isFulltext: true
  dateEnd: 99991231
  titleUrlDefault: https://www.sciencedirect.com
  omitProxy: false
  ssIdentifier: ssj0017007
  providerName: Elsevier
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV1db9MwFLVg44EXvhEbH_IDb1Gm1Hbq5LFCRYDQhLQx9S1yHLtdB1nVtGsf-Rv8PX4J98Z2FjY0ARIvUZU2TuR7dHtin3MvIa9NqrgVXMWpVCYWZS7iUnIbD9NK8oopMWzVhCcf5eFhNpnkn7x-vmnbCci6zrbbfPFfQw3nINhonf2LcHeDwgn4DEGHI4Qdjn8U-PEWhVjeBDVCszbq3rymIQdmaFr6iYoPtI7MgGxGzcIYPYs0UulTi92xo3Xj3C4VJoF6usYuzeiyUtjBuVFtsw-zVVhcuPlleR9rJ698hejgnevtkncIm07VctO2G4iO1Fx1So8TuNNGneFSe5sQUZc_i1opeH-Jggn06jmTpls3C96ZS6GSW4CUsRi4Hj0hFzNXUfpaXndLDPMD02ywWBQTB8BLmGv-c6Ve9hEOjOMCV4GXPZHdJrtMpjmkvN3R-_HkQ7fJJBPnpg8P4j1VTv539U6_5y09LnL8gNzzLxF05IL_kNwy9SNyPzTooD5fPyZfAxYoYIEGLPz49p0iCui5pR4FFFFAHQpoDwW0RQG9hgLaQwENKHhCPr8dH795F_v-GrHmSbKKmbJ5lpRyYJhCKssheVumK54Dbx1oXSaZGpjSSvjCZrgfnCalqKo0NbYqWcWfkp36vDbPCAWar1WmMzU0Rhg1VHnKuE7gv9NyGEvskUGYvUL74vPYA-VLEVSG8wJnvMAZL9yM75Gou2bhSq_c-Os0BKXw5NGRwgIwdMN1-_943XNy9xLqL8jOark2L8kdfbE6bZavPNR-Ak-imqk
linkProvider Elsevier
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Exposing+the+Achilles%E2%80%99+heel+of+textual+hate+speech+classifiers+using+indistinguishable+adversarial+examples&rft.jtitle=Expert+systems+with+applications&rft.au=Aggarwal%2C+Sajal&rft.au=Vishwakarma%2C+Dinesh+Kumar&rft.date=2024-11-15&rft.pub=Elsevier+Ltd&rft.issn=0957-4174&rft.volume=254&rft_id=info:doi/10.1016%2Fj.eswa.2024.124278&rft.externalDocID=S0957417424011448
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0957-4174&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0957-4174&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0957-4174&client=summon