ScienceGate Book Chapters
JOURNAL ARTICLE

TextHacker: Learning based Hybrid Local Search Algorithm for Text Hard-label Adversarial Attack

Zhen YuXiaosen WangWanxiang CheKun He

Year: 2022 Pages: 622-637
DOI: 10.18653/v1/2022.findings-emnlp.44
   Get Full-Text PDF    Get Analytical Report

Abstract

Existing textual adversarial attacks usually utilize the gradient or prediction confidence to generate adversarial examples, making it hard to be deployed in real-world applications. To this end, we consider a rarely investigated but more rigorous setting, namely hard-label attack, in which the attacker can only access the prediction label. In particular, we find we can learn the importance of different words via the change on prediction label caused by word substitutions on the adversarial examples. Based on this observation, we propose a novel adversarial attack, termed Text Hard-label attacker (TextHacker). TextHacker randomly perturbs lots of words to craft an adversarial example. Then, TextHacker adopts a hybrid local search algorithm with the estimation of word importance from the attack history to minimize the adversarial perturbation. Extensive evaluations for text classification and textual entailment show that TextHacker significantly outperforms existing hard-label attacks regarding the attack performance as well as adversary quality.

Keywords:
Adversarial system Adversary Computer science Word (group theory) Artificial intelligence Machine learning Theoretical computer science Algorithm Computer security Mathematics

Metrics

10
Cited By
1.95
FWCI (Field Weighted Citation Impact)
38
Refs
0.82
Citation Normalized Percentile
Is in top 1%
Is in top 10%

Citation History

Topics

Advanced Malware Detection Techniques
Physical Sciences →  Computer Science →  Signal Processing
Network Security and Intrusion Detection
Physical Sciences →  Computer Science →  Computer Networks and Communications
Spam and Phishing Detection
Physical Sciences →  Computer Science →  Information Systems

Related Documents

JOURNAL ARTICLE

LeapAttack: Hard-Label Adversarial Attack on Text via Gradient-Based Optimization

Muchao YeJinghui ChenChenglin MiaoTing WangFenglong Ma

Journal:   Proceedings of the 28th ACM SIGKDD Conference on Knowledge Discovery and Data Mining Year: 2022 Pages: 2307-2315
JOURNAL ARTICLE

Efficient text-based evolution algorithm to hard-label adversarial attacks on text

Hao PengZhe WangDandan ZhaoYiming WuJianming HanShixin GuoShouling JiMing Zhong

Journal:   Journal of King Saud University - Computer and Information Sciences Year: 2023 Vol: 35 (5)Pages: 101539-101539
JOURNAL ARTICLE

LimeAttack: Local Explainable Method for Textual Hard-Label Adversarial Attack

Haiyan ZhuQinyang ZhaoWeiwei ShangYuren WuKai Liu

Journal:   Proceedings of the AAAI Conference on Artificial Intelligence Year: 2024 Vol: 38 (17)Pages: 19759-19767
JOURNAL ARTICLE

Hard-label based Small Query Black-box Adversarial Attack

Jeonghwan ParkPaul MillerNiall McLaughlin

Year: 2024 Pages: 3974-3983
JOURNAL ARTICLE

Multi-label Text Classification and Text Adversarial Attack

Yingxin SongZhenyan LiuChunxia Zhang

Year: 2021 Vol: 35 Pages: 532-536
© 2026 ScienceGate Book Chapters — All rights reserved.