The reviewed record of science sign in
Pith

arxiv: 2005.05909 · v4 · pith:DPQFABCH · submitted 2020-04-29 · cs.CL · cs.AI· cs.LG

TextAttack: A Framework for Adversarial Attacks, Data Augmentation, and Adversarial Training in NLP

Reviewed by Pithpith:DPQFABCHopen to challenge →

classification cs.CL cs.AIcs.LG
keywords adversarialattackstextattackaugmentationdatatrainingcodecomponents
0
0 comments X
read the original abstract

While there has been substantial research using adversarial attacks to analyze NLP models, each attack is implemented in its own code repository. It remains challenging to develop NLP attacks and utilize them to improve model performance. This paper introduces TextAttack, a Python framework for adversarial attacks, data augmentation, and adversarial training in NLP. TextAttack builds attacks from four components: a goal function, a set of constraints, a transformation, and a search method. TextAttack's modular design enables researchers to easily construct attacks from combinations of novel and existing components. TextAttack provides implementations of 16 adversarial attacks from the literature and supports a variety of models and datasets, including BERT and other transformers, and all GLUE tasks. TextAttack also includes data augmentation and adversarial training modules for using components of adversarial attacks to improve model accuracy and robustness. TextAttack is democratizing NLP: anyone can try data augmentation and adversarial training on any model or dataset, with just a few lines of code. Code and tutorials are available at https://github.com/QData/TextAttack.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 5 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Trustworthy Recommendation in the Era of Large Language Models: Opportunities and Challenges

    cs.IR 2026-05 unverdicted novelty 6.0

    A systematic review of over 200 studies concludes that LLMs in recommender systems act as a double-edged sword, creating both opportunities and new risks for trustworthiness.

  2. SmoothLLM: Defending Large Language Models Against Jailbreaking Attacks

    cs.LG 2023-10 accept novelty 6.0

    SmoothLLM mitigates jailbreaking attacks on LLMs by randomly perturbing multiple copies of a prompt at the character level and aggregating the outputs to detect adversarial inputs.

  3. Baseline Defenses for Adversarial Attacks Against Aligned Language Models

    cs.LG 2023-09 conditional novelty 6.0

    Baseline defenses including perplexity-based detection, input preprocessing, and adversarial training offer partial robustness to text adversarial attacks on LLMs, with challenges arising from weak discrete optimizers.

  4. Unveiling Unicode's Unseen Underpinnings in Undermining Authorship Attribution

    cs.CR 2025-08 unverdicted novelty 3.0

    The paper proposes integrating Unicode steganography into adversarial stylometry to undermine authorship attribution.

  5. AI Researchers Must Help Lead Arms Control to Mitigate Military AI Risks

    cs.CY 2026-06 unverdicted novelty 2.0

    AI researchers must lead technical research in arms control to mitigate risks from military AI systems, drawing lessons from nuclear deterrence.