Adversarial attack evaluation and defense method for multimodal sentiment analysis model

Cited by: 0
Authors
Fan F. [1 ]
Nie X. [2 ]
Deng X. [2 ]
Liu S. [2 ]
Affiliations
[1] School of Education, South-Central Minzu University, Wuhan
[2] School of Cyber Science and Engineering, Hubei Key Laboratory of Distributed System Security, Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan
Source
Huazhong Keji Daxue Xuebao (Ziran Kexue Ban) / Journal of Huazhong University of Science and Technology (Natural Science Edition) | 2023 / Vol. 51 / No. 02
Keywords
adversarial attack; adversarial defense; multimodal; mutual information maximization; sentiment analysis;
DOI
10.13245/j.hust.230220
Abstract
To systematically explore the robustness of multimodal sentiment analysis models under adversarial attacks, three classical adversarial attack methods (fast gradient sign method, projected gradient descent, and momentum iterative fast gradient sign method), two modal data inputs (visual and acoustic), and four diverse feature fusion methods (feature sum, feature concatenation, multimodal low-rank bilinear fusion, and multimodal Tucker fusion) were adopted to comprehensively compare model performance under the various combinations, and the internal factors that affect the robustness of multimodal sentiment analysis models were studied. A multimodal defense method based on mutual information maximization was proposed to improve model robustness by reducing redundant information in the input modal features. The results demonstrate that the model defends best against adversarial attacks under the combination of nonlinear feature fusion and bimodal data input. After applying the mutual-information-maximization defense method, both the performance of the model and its ability to resist attacks are effectively improved. © 2023 Huazhong University of Science and Technology. All rights reserved.
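The fast gradient sign method named in the abstract perturbs each input feature by a fixed step in the direction of the sign of the loss gradient with respect to the input. A minimal sketch of that idea on a hand-rolled logistic model follows; the model, weights, and `epsilon` value here are illustrative stand-ins, not the paper's multimodal setup, where the same perturbation would be applied to visual or acoustic feature vectors:

```python
import math

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def fgsm_attack(x, y, w, b, epsilon):
    """Return x' = x + epsilon * sign(dL/dx) for binary cross-entropy loss.

    For logistic regression p = sigmoid(w.x + b), the input gradient has the
    closed form dL/dx = (p - y) * w, so no autodiff framework is needed.
    """
    p = sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b)
    grad_x = [(p - y) * wi for wi in w]
    sign = lambda g: (g > 0) - (g < 0)  # elementwise sign
    return [xi + epsilon * sign(gi) for xi, gi in zip(x, grad_x)]

# Toy demonstration: a point correctly classified as class 1 is pushed
# toward the decision boundary by a single FGSM step.
w, b = [2.0, -1.0], 0.0
x, y = [1.0, 0.2], 1.0

x_adv = fgsm_attack(x, y, w, b, epsilon=0.5)
clean_pred = sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b)
adv_pred = sigmoid(sum(wi * xi for wi, xi in zip(w, x_adv)) + b)
print(clean_pred > 0.5, adv_pred < clean_pred)
```

Projected gradient descent, the second attack in the study, is essentially this step iterated with a projection back into an epsilon-ball around the clean input after each iteration.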
Pages: 19-24
Page count: 5