學術產出-Theses
Article View/Open
Publication Export
-
題名 強化深度學習對於自然語言處理的強韌度-以假新聞偵測為例
Enhancing Deep Learning Robustness for Nature Language Processing : Fake News Detection as an Example作者 余昊祥
Yu, Hao-Hsiang貢獻者 胡毓忠
Hu,Yuh-Jong
余昊祥
Yu, Hao-Hsiang關鍵詞 假新聞偵測
對抗式攻擊
假新聞偵測
Fake news detection
Adversarial attack
Adversarial Defence
TextFooler日期 2022 上傳時間 2-Sep-2022 15:47:00 (UTC+8) 摘要 因為互聯網與社群媒體的推波助瀾,網路新聞已經成為重要的新聞來源。近幾年因為對抗式攻擊研究議題興起,使得運用深度學習模型偵測假新聞的辨識正確性備受挑戰。本研究嘗試透過 TFIDF、TextRank、KeyBERT 等文字探勘方法,以及測試模型輸出 LogitOut 方法,找到文本中容易受到 TextFooler 擾動的標的,再將找到的關鍵單詞進行同義詞置換生成模擬對抗樣本,透過對抗式訓練的方式強化 BERT 假新聞判別器對於 TextFooler 攻擊的強韌度。實驗結果發現:(1) 文字探勘方法中 KeyBERT 較能找出 TextFooler 攻擊單詞,而模型輸出 LogitOut 又明顯優於文字探勘方法。(2) 關鍵字搜尋方法對於 TextFooler 攻擊單詞命中率越高,越能透過同義詞置換生成模擬對抗範例,並藉由訓練模擬對抗範例後提升 BERT 假新聞判別器對於 TextFooler 對抗式攻擊的強韌度。
In recent years, the research of adversarial attack has emerged, making the fake news detection by using deep learning method challenging again.In this study, we try to increase the robustness of BERT fake news detector against TextFooler by training simulated adversarial samples. To generate simulated adversarial samples, we use both text mining method such as TFIDF, TextRank, KeyBERT and method by testing model ouput (LogitOut) combining with synonyms replacement strategy. The experimental results found that (1) KeyBERT is more capable of identifying the attacked subject by TextFooler comparing with other text mining methods, and testing modeloutput(LogitOut) method is much better than text mining methods. (2) The robustness of BERT fake news detector against TextFooler can be improved after adding the simulated adversarial examples mentioned above.參考文獻 [1] Nic Newman, Richard Fletcher, and David A. L. Levy, et al. digital-newsreport2016. Digital Journalism. https://reutersinstitute.politics.ox.ac.uk/our-research/digital-news-report-2016, 2016.[2] Edson C., Tandoc Jr., and Zheng Wei Lim, et al. Defining fake news. Digital Jour-nalism. https://doi.org/10.1080/21670811.2017.1360143, 2018.[3] Ashish Vaswani, Noam M. Shazeer, and Niki Parmar, et al. Attention is all you need.arXiv preprint arXiv:1706.03762, 2017.[4] Jacob Devlin, MingWei Chang, and Kenton Lee, et al. Bert: Pretraining of deep bidirectional transformers for language understanding. arXiv preprintarXiv:1810.04805, 2019.[5] Haoming Guo, Tianyi Huan, and Huixuan Huang, et al. Detecting covid19 conspir-acy theories with transformers and tfidf. arXiv preprint arXiv:2205.00377, 2022.[6] Jin Di, Jin Zhijing, and Zhou Joey Tianyi, et al. Is bert really robust? natural language attack on text classification and entailment. arXiv preprint arXiv:1907.11932, 2019.[7] Shilin Qiu, Qihe Liu, and Shijie Zhou, et al. Adversarial attack and defense tech-nologies in natural language processing: A survey. Neurocomputing, 2022.[8] Ji Gao, Jack Lanchantin, and Mary Lou Soffa, et al. Blackbox generation of adver-sarial text sequences to evade deep learning classifiers. In 2018 IEEE Security andPrivacy Workshops (SPW). IEEE, 2018.[9] Robin Jia, Percy Liang. Adversarial examples for evaluating reading comprehension systems. arXiv preprint arXiv:1707.07328, 2017.[10] Zhihong Shao, Zitao Liu, and Jiyong Zhang, et al. Advexpander: Generating natu-ral language adversarial examples by expanding text. IEEE/ACM Transactions onAudio, Speech, and Language Processing, 2022.[11] Daniel Matthew Cer, Yinfei Yang, and Shengyi Kong, et al. Universal sentence encoder. arXiv preprint arXiv:1803.11175, 2018.[12] Mein Gunnar, Hartman Kevin, Morris Andrew. Firebert: Hardening bertbased clas-sifiers against adversarial attack. arXiv preprint arXiv:2008.04203, 2020.[13] Page Lawrence, Brin Sergey, and Motwani Rajeev, et al. The pagerank citation ranking: Bringing order to the web. Technical report, Stanford InfoLab, 1999.[14] Mihalcea Rada, Tarau Paul. Textrank: Bringing order into text. In Proceedings of the 2004 conference on empirical methods in natural language processing, 2004.[15] Grootendorst, Maarten. Keybert: Minimal keyword extraction with bert. [Internet].Available: https://maartengr. github. io/KeyBERT/index. html, 2020.[16] Nikola Mrksic, Diarmuid Ó Séaghdha, and Blaise Thomson, et al. Counterfitting word vectors to linguistic constraints. In NAACL, 2016. 描述 碩士
國立政治大學
資訊科學系碩士在職專班
106971008資料來源 http://thesis.lib.nccu.edu.tw/record/#G0106971008 資料類型 thesis dc.contributor.advisor 胡毓忠 zh_TW dc.contributor.advisor Hu,Yuh-Jong en_US dc.contributor.author (Authors) 余昊祥 zh_TW dc.contributor.author (Authors) Yu, Hao-Hsiang en_US dc.creator (作者) 余昊祥 zh_TW dc.creator (作者) Yu, Hao-Hsiang en_US dc.date (日期) 2022 en_US dc.date.accessioned 2-Sep-2022 15:47:00 (UTC+8) - dc.date.available 2-Sep-2022 15:47:00 (UTC+8) - dc.date.issued (上傳時間) 2-Sep-2022 15:47:00 (UTC+8) - dc.identifier (Other Identifiers) G0106971008 en_US dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/141837 - dc.description (描述) 碩士 zh_TW dc.description (描述) 國立政治大學 zh_TW dc.description (描述) 資訊科學系碩士在職專班 zh_TW dc.description (描述) 106971008 zh_TW dc.description.abstract (摘要) 因為互聯網與社群媒體的推波助瀾,網路新聞已經成為重要的新聞來源。近幾年因為對抗式攻擊研究議題興起,使得運用深度學習模型偵測假新聞的辨識正確性備受挑戰。本研究嘗試透過 TFIDF、TextRank、KeyBERT 等文字探勘方法,以及測試模型輸出 LogitOut 方法,找到文本中容易受到 TextFooler 擾動的標的,再將找到的關鍵單詞進行同義詞置換生成模擬對抗樣本,透過對抗式訓練的方式強化 BERT 假新聞判別器對於 TextFooler 攻擊的強韌度。實驗結果發現:(1) 文字探勘方法中 KeyBERT 較能找出 TextFooler 攻擊單詞,而模型輸出 LogitOut 又明顯優於文字探勘方法。(2) 關鍵字搜尋方法對於 TextFooler 攻擊單詞命中率越高,越能透過同義詞置換生成模擬對抗範例,並藉由訓練模擬對抗範例後提升 BERT 假新聞判別器對於 TextFooler 對抗式攻擊的強韌度。 zh_TW dc.description.abstract (摘要) In recent years, the research of adversarial attack has emerged, making the fake news detection by using deep learning method challenging again.In this study, we try to increase the robustness of BERT fake news detector against TextFooler by training simulated adversarial samples. To generate simulated adversarial samples, we use both text mining method such as TFIDF, TextRank, KeyBERT and method by testing model ouput (LogitOut) combining with synonyms replacement strategy. The experimental results found that (1) KeyBERT is more capable of identifying the attacked subject by TextFooler comparing with other text mining methods, and testing modeloutput(LogitOut) method is much better than text mining methods. (2) The robustness of BERT fake news detector against TextFooler can be improved after adding the simulated adversarial examples mentioned above. en_US dc.description.tableofcontents 第一章 緒論 1第一節 研究背景 1第二節 研究動機 9第三節 研究目的 9第四節 研究問題 10第二章 文獻探討 12第一節 針對 TextFooler 攻擊的防守策略 12第二節 FireBERT 12第三章 研究方法 14第一節 研究流程 14第二節 資料蒐集與建立 BERT 假新聞判別器 15第三節 TextFooler 對抗範例生成與測試 16第四節 模擬對抗範例訓練資料生成與 BERT 假新聞判別器優化 16第四章 研究結果與分析 23第一節 研究環境 23第二節 資料蒐集與建立 BERT 假新聞判別器 25第三節 TextFooler 對抗範例生成與測試 28第四節 模擬對抗範例訓練資料生成 30第五節 交叉分析 37第五章 結論與未來研究 39第一節 結論 39第二節 未來研究 40參考文獻 41 zh_TW dc.format.extent 3436463 bytes - dc.format.mimetype application/pdf - dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0106971008 en_US dc.subject (關鍵詞) 假新聞偵測 zh_TW dc.subject (關鍵詞) 對抗式攻擊 zh_TW dc.subject (關鍵詞) 假新聞偵測 zh_TW dc.subject (關鍵詞) Fake news detection en_US dc.subject (關鍵詞) Adversarial attack en_US dc.subject (關鍵詞) Adversarial Defence en_US dc.subject (關鍵詞) TextFooler en_US dc.title (題名) 強化深度學習對於自然語言處理的強韌度-以假新聞偵測為例 zh_TW dc.title (題名) Enhancing Deep Learning Robustness for Nature Language Processing : Fake News Detection as an Example en_US dc.type (資料類型) thesis en_US dc.relation.reference (參考文獻) [1] Nic Newman, Richard Fletcher, and David A. L. Levy, et al. digital-newsreport2016. Digital Journalism. https://reutersinstitute.politics.ox.ac.uk/our-research/digital-news-report-2016, 2016.[2] Edson C., Tandoc Jr., and Zheng Wei Lim, et al. Defining fake news. Digital Jour-nalism. https://doi.org/10.1080/21670811.2017.1360143, 2018.[3] Ashish Vaswani, Noam M. Shazeer, and Niki Parmar, et al. Attention is all you need.arXiv preprint arXiv:1706.03762, 2017.[4] Jacob Devlin, MingWei Chang, and Kenton Lee, et al. Bert: Pretraining of deep bidirectional transformers for language understanding. arXiv preprintarXiv:1810.04805, 2019.[5] Haoming Guo, Tianyi Huan, and Huixuan Huang, et al. Detecting covid19 conspir-acy theories with transformers and tfidf. arXiv preprint arXiv:2205.00377, 2022.[6] Jin Di, Jin Zhijing, and Zhou Joey Tianyi, et al. Is bert really robust? natural language attack on text classification and entailment. arXiv preprint arXiv:1907.11932, 2019.[7] Shilin Qiu, Qihe Liu, and Shijie Zhou, et al. Adversarial attack and defense tech-nologies in natural language processing: A survey. Neurocomputing, 2022.[8] Ji Gao, Jack Lanchantin, and Mary Lou Soffa, et al. Blackbox generation of adver-sarial text sequences to evade deep learning classifiers. In 2018 IEEE Security andPrivacy Workshops (SPW). IEEE, 2018.[9] Robin Jia, Percy Liang. Adversarial examples for evaluating reading comprehension systems. arXiv preprint arXiv:1707.07328, 2017.[10] Zhihong Shao, Zitao Liu, and Jiyong Zhang, et al. Advexpander: Generating natu-ral language adversarial examples by expanding text. IEEE/ACM Transactions onAudio, Speech, and Language Processing, 2022.[11] Daniel Matthew Cer, Yinfei Yang, and Shengyi Kong, et al. Universal sentence encoder. arXiv preprint arXiv:1803.11175, 2018.[12] Mein Gunnar, Hartman Kevin, Morris Andrew. Firebert: Hardening bertbased clas-sifiers against adversarial attack. arXiv preprint arXiv:2008.04203, 2020.[13] Page Lawrence, Brin Sergey, and Motwani Rajeev, et al. The pagerank citation ranking: Bringing order to the web. Technical report, Stanford InfoLab, 1999.[14] Mihalcea Rada, Tarau Paul. Textrank: Bringing order into text. In Proceedings of the 2004 conference on empirical methods in natural language processing, 2004.[15] Grootendorst, Maarten. Keybert: Minimal keyword extraction with bert. [Internet].Available: https://maartengr. github. io/KeyBERT/index. html, 2020.[16] Nikola Mrksic, Diarmuid Ó Séaghdha, and Blaise Thomson, et al. Counterfitting word vectors to linguistic constraints. In NAACL, 2016. zh_TW dc.identifier.doi (DOI) 10.6814/NCCU202201381 en_US
