
ProTransformer: Robustify Transformers via Plug-and-Play Paradigm

2024-10-30 16:38:09
Zhichao Hou, Weizhi Gao, Yuchen Shen, Feiyi Wang, Xiaorui Liu

Abstract

Transformer-based architectures have dominated various areas of machine learning in recent years. In this paper, we introduce a novel robust attention mechanism designed to enhance the resilience of transformer-based architectures. Crucially, this technique can be integrated into existing transformers as a plug-and-play layer, improving their robustness without the need for additional training or fine-tuning. Through comprehensive experiments and ablation studies, we demonstrate that our ProTransformer significantly enhances the robustness of transformer models across a variety of prediction tasks, attack mechanisms, backbone architectures, and data domains. Notably, without further fine-tuning, ProTransformer consistently improves the performance of vanilla transformers by 19.5%, 28.3%, 16.1%, and 11.4% for BERT, ALBERT, DistilBERT, and RoBERTa, respectively, under the classical TextFooler attack. Furthermore, ProTransformer shows promising resilience in large language models (LLMs) against prompting-based attacks, improving the performance of T5 and LLaMA by 24.8% and 17.8%, respectively, and enhancing Vicuna by an average of 10.4% against jailbreaking attacks. Beyond the language domain, ProTransformer also demonstrates outstanding robustness in both vision and graph domains.
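To make the plug-and-play claim concrete, the sketch below shows one way such a layer could be dropped into a pretrained HuggingFace BERT without retraining. This is a hypothetical illustration, not the authors' released code: the `RobustSelfAttention` wrapper, the Huber threshold `delta`, and the iteratively reweighted robust mean are assumptions chosen to illustrate the idea of robustifying the attention aggregation step, and the snippet assumes the classic `BertSelfAttention` interface (`query`/`key`/`value` projections and `transpose_for_scores`); the paper's actual estimator may differ.

```python
# Hypothetical sketch: swap a robust attention layer into a pretrained BERT.
import torch
from transformers import AutoModelForSequenceClassification

class RobustSelfAttention(torch.nn.Module):
    def __init__(self, orig_attn, delta=1.0, n_iters=2):
        super().__init__()
        self.orig = orig_attn    # pretrained BertSelfAttention, reused as-is
        self.delta = delta       # Huber threshold (assumed hyperparameter)
        self.n_iters = n_iters   # number of reweighting iterations

    def forward(self, hidden_states, attention_mask=None, *args, **kwargs):
        # Reuse the pretrained query/key/value projections unchanged.
        q = self.orig.transpose_for_scores(self.orig.query(hidden_states))
        k = self.orig.transpose_for_scores(self.orig.key(hidden_states))
        v = self.orig.transpose_for_scores(self.orig.value(hidden_states))
        scores = q @ k.transpose(-1, -2) / (q.size(-1) ** 0.5)
        if attention_mask is not None:
            scores = scores + attention_mask  # HF additive mask: 0 / -inf
        w = scores.softmax(dim=-1)
        out = w @ v  # vanilla attention: softmax-weighted mean of values
        for _ in range(self.n_iters):
            # Iteratively reweighted robust mean: down-weight value vectors
            # that lie far from the current estimate (Huber-style weights),
            # so a few adversarially perturbed tokens cannot dominate.
            resid = (out.unsqueeze(-2) - v.unsqueeze(-3)).norm(dim=-1)
            huber = torch.clamp(self.delta / (resid + 1e-6), max=1.0)
            rw = w * huber
            rw = rw / rw.sum(dim=-1, keepdim=True)
            out = rw @ v
        # Merge heads back to (batch, seq_len, hidden_size).
        out = out.permute(0, 2, 1, 3).reshape(
            hidden_states.size(0), -1, self.orig.all_head_size)
        return (out,)

model = AutoModelForSequenceClassification.from_pretrained("bert-base-uncased")
for layer in model.bert.encoder.layer:
    layer.attention.self = RobustSelfAttention(layer.attention.self)
```

Because only the aggregation step changes and all pretrained projection weights are reused, the modified model can be evaluated immediately, which is what the abstract's "without additional training or fine-tuning" claim refers to.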


URL

https://arxiv.org/abs/2410.23182

PDF

https://arxiv.org/pdf/2410.23182.pdf

