We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CL

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Computation and Language

Title: Breaking BERT: Understanding its Vulnerabilities for Named Entity Recognition through Adversarial Attack

Abstract: Both generic and domain-specific BERT models are widely used for natural language processing (NLP) tasks. In this paper we investigate the vulnerability of BERT models to variation in input data for Named Entity Recognition (NER) through adversarial attack. Experimental results show that BERT models are vulnerable to variation in the entity context with 20.2 to 45.0% of entities predicted completely wrong and another 29.3 to 53.3% of entities predicted wrong partially. BERT models seem most vulnerable to changes in the local context of entities and often a single change is sufficient to fool the model. The domain-specific BERT model trained from scratch (SciBERT) is more vulnerable than the original BERT model or the domain-specific model that retains the BERT vocabulary (BioBERT). We also find that BERT models are particularly vulnerable to emergent entities. Our results chart the vulnerabilities of BERT models for NER and emphasize the importance of further research into uncovering and reducing these weaknesses.
Subjects: Computation and Language (cs.CL); Information Retrieval (cs.IR)
Cite as: arXiv:2109.11308 [cs.CL]
  (or arXiv:2109.11308v3 [cs.CL] for this version)

Submission history

From: Anne Dirkson [view email]
[v1] Thu, 23 Sep 2021 11:47:27 GMT (111kb,D)
[v2] Thu, 14 Oct 2021 13:22:43 GMT (1500kb,D)
[v3] Mon, 31 Jan 2022 12:57:19 GMT (1501kb,D)

Link back to: arXiv, form interface, contact.