Evaluating and Enhancing the Robustness of Sustainable Neural Relationship Classifiers Using Query-Efficient Black-Box Adversarial Attacks

Neural relation extraction (NRE) models are the backbone of various machine learning tasks, including knowledge base enrichment, information extraction, and document summarization. Despite vast popularity these models, their vulnerabilities remain unknown; this is high concern given growing use in security-sensitive applications such as question answering translation aspects sustainability. In study, we demonstrate that NRE inherently vulnerable to adversarially crafted text contains imperceptible modifications original but can mislead target model. Specifically, propose a novel sustainable term frequency-inverse frequency (TFIDF) based black-box adversarial attack evaluate robustness state-of-the-art CNN, CGN, LSTM, BERT-based on two benchmark RE datasets. Compared with white-box attacks, attacks impose further constraints query budget; thus, efficient an open problem. By applying TFIDF correctly classified sentences each class label test set, proposed query-efficient method achieves reduction up 70% number queries model for identifying important items. Based items, design both character- word-level perturbations generate examples. The successfully reduces accuracy six representative from average F1 score 80% below 20%. generated examples were evaluated by humans considered semantically similar. Moreover, discuss defense strategies mitigate potential countermeasures could be deployed order improve sustainability scheme.