Recent Researches of Robustness in Natural Language Processing Based on Deep Neural Network
In recent years,deep neural network models have exhibited exceptional performance across a wide range of natural language processing tasks,often surpassing human performance in certain domains.The emergence of powerful large-scale language models has opened up new avenues and possibilities for the advancement and application of natural language processing models.However,the efficacy of these models,which demonstrate impressive results on standardized benchmarks,is substantially diminished when deployed in real-world scenarios.Recent investigations have also revealed that the predictions made by these models can be significantly altered through simple modifications,leading to a drastic decline in performance.Even large-scale language models are susceptible to modifying their predictions in response to minor perturbations introduced in the input data.These observations are closely tied to the concept of model robustness,which generally pertains to the ability of a model to maintain consistent output when confronted with new,independent,yet similar data.A highly robust deep learning model exhibits consistent output despite encountering minor alterations that should not significantly impact the resulting prediction.The study of model robustness in deep learning has emerged as a prominent and extensively explored area of interest in the field of natural language processing.A plethora of research endeavors has been dedicated to exploring the concept of robustness in natural language processing(NLP),although many of these studies have focused on specific tasks,failing to consider the broader context.To provide a comprehensive overview of robustness research,this review encompasses the latest advancements in deep NLP from four key perspectives:data construction,model representation,adversarial attacks and defenses,and evaluations.Existing techniques aimed at enhancing or diminishing the robustness of NLP models are also summarized.The foundation of machine learning,data construction,is initially explored,encompassing considerations such as dataset biases and dataset poisoning.Notably,dataset poisoning commonly involves backdoor attacks,wherein triggers are injected into constructed datasets.Consequently,models trained on these poisoned datasets are capable of accurate predictions on clean data,yet exhibit erroneous outputs when encountering data containing specific markers(i.e.,triggers).Subsequently,feature learning,which transforms input data into vectors,is examined with the objective of representing textual content in a task-agnostic and domain-independent manner.Various deep NLP models are introduced,alongside diverse methods for improving model robustness within the domain of model representation,including robustness encoding,knowledge incorporation,task characteristics,and causal inference.Adversarial attack and defense algorithms are presented as means to deceive models and enhance their robustness,respectively.Mainstream adversarial attack methods,such as white-box,black-box,and blind attacks,are discussed.Correspondingly,a multitude of research studies address the challenges of adversarial defense and robustness improvement,which are also included in this paper.Traditional metrics,owing to the issue of robustness,are deemed insufficient for fair and comprehensive evaluations.Consequently,a body of work proposes alternative evaluation metrics to assess the effectiveness of models,and prominent evaluation approaches for both general-purpose and specific NLP tasks are introduced.Finally,potential future research directions and considerations concerning the robustness of natural language processing are deliberated upon,including more rational data construction,more interpretable and robust model representations,imperceptible textual adversarial attacks,efficient adversarial defense techniques,evaluation methods focusing on linguistic knowledge,balancing model robustness and accuracy,and unifying robustness of different domains.
natural language processingrobustnessdeep learningpretrained language modelsadversarial attacks and defenses
NETL
NSTL
万方数据
