Attacks against Abstractive Text Summarization Models through Lead Bias and Influence Functions

Abstract

Large Language Models (LLMs) have introduced novel opportunities for text comprehension and generation. Yet, they are vulnerable to adversarial perturbations and data poisoning attacks, particularly in tasks like text classification and translation. However, the adversarial robustness of abstractive text summarization models remains less explored. In this work, we unveil a novel approach by exploiting the inherent lead bias in summarization models, to perform adversarial perturbations. Furthermore, we introduce an innovative application of influence functions, to execute data poisoning, which compromises the model’s integrity. This approach not only shows a skew in the models’ behavior to produce desired outcomes but also shows a new behavioral change, where models under attack tend to generate extractive summaries rather than abstractive summaries.

Anthology ID:: 2024.findings-emnlp.804
Volume:: Findings of the Association for Computational Linguistics: EMNLP 2024
Month:: November
Year:: 2024
Address:: Miami, Florida, USA
Editors:: Yaser Al-Onaizan, Mohit Bansal, Yun-Nung Chen
Venue:: Findings
SIG:
Publisher:: Association for Computational Linguistics
Note:
Pages:: 13727–13741
Language:
URL:: https://aclanthology.org/2024.findings-emnlp.804/
DOI:: 10.18653/v1/2024.findings-emnlp.804
Bibkey:
Cite (ACL):: Poojitha Thota and Shirin Nilizadeh. 2024. Attacks against Abstractive Text Summarization Models through Lead Bias and Influence Functions. In Findings of the Association for Computational Linguistics: EMNLP 2024, pages 13727–13741, Miami, Florida, USA. Association for Computational Linguistics.
Cite (Informal):: Attacks against Abstractive Text Summarization Models through Lead Bias and Influence Functions (Thota & Nilizadeh, Findings 2024)
Copy Citation:
PDF:: https://aclanthology.org/2024.findings-emnlp.804.pdf

PDF Cite Search Fix data