Zhenghong Lin,Yanchao Tan,Yunfei Zhan,Weiming Liu,Fan Wang,Chaochao Chen,Shiping Wang,Carl Yang

DOI: https://doi.org/10.1145/3581783.3612362

2023-01-01

Abstract:With the rapid growth of multimedia-sharing platforms (e.g. Twitter and TikTok), multimedia recommender systems have become fundamental for helping users alleviate information overload and discover items of interest. Existing multimedia recommendation methods often incorporate various auxiliary modalities (e.g., visual, textual, and acoustic) to describe item characteristics and improve task performance. However, these methods usually assume that each item is associated with complete modalities, ignoring the prevalence of missing modality issues in real-world scenarios. To deal with the challenge of missing modalities, in this paper, we propose a novel framework of Contrastive Intra- and Inter-Modality Generation (CI2MG) for enhancing incomplete multimedia recommendation. We first develop a contrastive intra- and inter-modality generation module for the missing modalities, where the intra-modality representation is updated through clustering-based hypergraph convolution and inter-modality representation is obtained by optimal transport between different modalities. To tackle the challenge of insufficient and incomplete supervision labels during intra- and inter-modality generation, a modality-aware contrastive learning paradigm is introduced based on an augmentation between the intra-modality view and inter-modality view. Furthermore, to learn task-related representations from the generative modalities and further improve the performance of recommendation, we design an enhanced multimedia recommendation module to alleviate the influences driven by task-irrelevant noise. Extensive experiments on real-world datasets show the superiority of our proposed CI2MG framework in offering great potential for personalized multimedia recommendation over the state-of-the-art baselines regarding Recall, NDCG, and Precision metrics.

Yu Shang,Chen Gao,Jiansheng Chen,Depeng Jin,Yong Li

DOI: https://doi.org/10.1145/3589334.3648156

2024-01-01

Abstract:Multimodal recommender systems have acquired applications in broad web scenarios such as e-commerce businesses and short-video platforms. Existing multimodal recommendation methods generally boost performance by introducing item-side multimodal content as supplement information. However, the common training paradigm, i.e., encoding unimodal content respectively and fusing them to fit user preference scores, makes the model biased towards items with prevailing modality content under non-uniform training data. This results in a serious item-side unfairness issue, i.e., some items with prevailing modality content are over-recommended while a large number of items don't receive adequate recommendation opportunities, leaving corresponding content providers at great disadvantage. Aiming to eliminate such modality bias and promote item-side fairness, we propose a fairness-aware modality debiasing framework based on counterfactual inference. In the training stage, we additionally introduce unimodal prediction branches to capture the modality bias. In the inference stage, we conduct a fairness-aware counterfactual inference to adaptively eliminate the modality bias. The proposed framework is model-agnostic and flexible to be implemented in various multimodal recommendation models. Extensive experiments on two datasets demonstrate that the proposed method can significantly enhance item-side fairness while providing competitive recommendation accuracy. Our proposed framework is expected to help mitigate the unfair treatment experienced by vulnerable content providers on multimedia web platforms. Codes are available in https://github.com/tsinghua-fib-lab-WWW2024-Modality-Debiasing.

Jinhui Tang,Xiaoyu Du,Xiangnan He,Fajie Yuan,Qi Tian,Tat-Seng Chua

DOI: https://doi.org/10.48550/arXiv.1809.07062

2019-05-29

Abstract:With the prevalence of multimedia content on the Web, developing recommender solutions that can effectively leverage the rich signal in multimedia data is in urgent need. Owing to the success of deep neural networks in representation learning, recent advance on multimedia recommendation has largely focused on exploring deep learning methods to improve the recommendation accuracy. To date, however, there has been little effort to investigate the robustness of multimedia representation and its impact on the performance of multimedia recommendation. In this paper, we shed light on the robustness of multimedia recommender system. Using the state-of-the-art recommendation framework and deep image features, we demonstrate that the overall system is not robust, such that a small (but purposeful) perturbation on the input image will severely decrease the recommendation accuracy. This implies the possible weakness of multimedia recommender system in predicting user preference, and more importantly, the potential of improvement by enhancing its robustness. To this end, we propose a novel solution named Adversarial Multimedia Recommendation (AMR), which can lead to a more robust multimedia recommender model by using adversarial learning. The idea is to train the model to defend an adversary, which adds perturbations to the target image with the purpose of decreasing the model's accuracy. We conduct experiments on two representative multimedia recommendation tasks, namely, image recommendation and visually-aware product recommendation. Extensive results verify the positive effect of adversarial learning and demonstrate the effectiveness of our AMR method. Source codes are available in <a class="link-external link-https" href="https://github.com/duxy-me/AMR" rel="external noopener nofollow">this https URL</a>.

Information Retrieval,Multimedia

Xiyuan Gao,Bing Cao,Pengfei Zhu,Nannan Wang,Qinghua Hu

2025-01-02

Abstract:The strength of multimodal learning lies in its ability to integrate information from various sources, providing rich and comprehensive insights. However, in real-world scenarios, multi-modal systems often face the challenge of dynamic modality contributions, the dominance of different modalities may change with the environments, leading to suboptimal performance in multimodal learning. Current methods mainly enhance weak modalities to balance multimodal representation bias, which inevitably optimizes from a partialmodality perspective, easily leading to performance descending for dominant modalities. To address this problem, we propose an Asymmetric Reinforcing method against Multimodal representation bias (ARM). Our ARM dynamically reinforces the weak modalities while maintaining the ability to represent dominant modalities through conditional mutual information. Moreover, we provide an in-depth analysis that optimizing certain modalities could cause information loss and prevent leveraging the full advantages of multimodal data. By exploring the dominance and narrowing the contribution gaps between modalities, we have significantly improved the performance of multimodal learning, making notable progress in mitigating imbalanced multimodal learning.

Computer Vision and Pattern Recognition

Jingwen Ye,Ruonan Yu,Songhua Liu,Xinchao Wang

2023-12-20

Abstract:Adversarial attacks constitute a notable threat to machine learning systems, given their potential to induce erroneous predictions and classifications. However, within real-world contexts, the essential specifics of the deployed model are frequently treated as a black box, consequently mitigating the vulnerability to such attacks. Thus, enhancing the transferability of the adversarial samples has become a crucial area of research, which heavily relies on selecting appropriate surrogate models. To address this challenge, we propose a novel approach that generates adversarial attacks in a mutual-modality optimization scheme. Our approach is accomplished by leveraging the pre-trained CLIP model. Firstly, we conduct a visual attack on the clean image that causes semantic perturbations on the aligned embedding space with the other textual modality. Then, we apply the corresponding defense on the textual modality by updating the prompts, which forces the re-matching on the perturbed embedding space. Finally, to enhance the attack transferability, we utilize the iterative training strategy on the visual attack and the textual defense, where the two processes optimize from each other. We evaluate our approach on several benchmark datasets and demonstrate that our mutual-modal attack strategy can effectively produce high-transferable attacks, which are stable regardless of the target networks. Our approach outperforms state-of-the-art attack methods and can be readily deployed as a plug-and-play solution.

Computer Vision and Pattern Recognition

Xue Dong,Xuemeng Song,Minghui Tian,Linmei Hu

DOI: https://doi.org/10.1016/j.inffus.2023.101989

IF: 18.6

2024-01-01

Information Fusion

Abstract:Beyond conventional recommendation systems that rely merely on user-item interaction data, multimodal recommendation systems additionally exploit the item multimodal data for boosting the recommendation performance. In this research line, late fusion-based approaches that first predict user ratings for each item modality independently and then merge these predictions for a final user rating have made significant advancements. Nevertheless, these methods still have the following two issues: (1) they utilize individual user embeddings to model user interest in different modalities, while overlooking the underlying relationship among modalities and significantly increasing the memory costs; and (2) they overlook the unreliable interest learned from certain modality, thus hindering the accurate final rating learning. To address these issues, we propose a prompt-based and weak-modality enhanced multimodal recommendation framework. It consists of two key components: (1) multimodal prompted user interest learning that adopts a single user embedding with different modality prompts to model different modality-specific user interests, and (2) weak-modality enhanced training that enhances the user interest learning in modalities where the predictions are less unreliable, ensuring well-balanced learning across all modalities. Extensive experiments on Amazon datasets have demonstrated the effectiveness of the proposed framework. The two components deployed onto existing methods help to make them more effective and efficient.

Guangli Li,Jianwu Zhuo,Chuanxiu Li,Jin Hua,Tian Yuan,Zhengyu Niu,Donghong Ji,Renzhong Wu,Hongbin Zhang

DOI: https://doi.org/10.1016/j.ins.2021.05.022

IF: 8.1

2021-01-01

Information Sciences

Abstract:Recommendation system is facing the "data sparseness" issue. Additional information, including images, texts, and videos, contributes to alleviating this issue. We propose a new multi-modal visual adversarial Bayesian personalized ranking (MVABPR) model to address the issue. The proposed model takes new features, cross-modal semantics, adversarial learning, and visual interface into account. Two multi-modal datasets are created based on the MovieLens datasets and the correlated images. Besides the shape, texture, color, and deep learning-based features, a set of efficient match kernel features are proposed. More discriminative but low-dimensional cross-modal semantics among these features is mined to characterize each item effectively, which is absorbed into the MVABPR model through a visual interface. A new adversarial learning strategy is employed to optimize the whole training procedure. This makes the MVABPR model more robust and stable. Experimental results demonstrate that the MVABPR model is effective and robust for recommendation. It outperforms other competitive baselines. As another advantage, it can learn visual information and users' rating jointly, effectively, combined with adversarial learning. And the implicit feeling tone of a recommended item can be accurately captured by the proposed model. More importantly, the model achieves better performance on a large-scale sparser dataset, demonstrating its higher practicality. (c) 2021 Elsevier Inc. All rights reserved.

Zequn Yang,Yake Wei,Ce Liang,Di Hu

2024-02-09

Abstract:Multi-modal models have shown a promising capability to effectively integrate information from various sources, yet meanwhile, they are found vulnerable to pervasive perturbations, such as uni-modal attacks and missing conditions. To counter these perturbations, robust multi-modal representations are highly expected, which are positioned well away from the discriminative multi-modal decision boundary. In this paper, different from conventional empirical studies, we focus on a commonly used joint multi-modal framework and theoretically discover that larger uni-modal representation margins and more reliable integration for modalities are essential components for achieving higher robustness. This discovery can further explain the limitation of multi-modal robustness and the phenomenon that multi-modal models are often vulnerable to attacks on the specific modality. Moreover, our analysis reveals how the widespread issue, that the model has different preferences for modalities, limits the multi-modal robustness by influencing the essential components and could lead to attacks on the specific modality highly effective. Inspired by our theoretical finding, we introduce a training procedure called Certifiable Robust Multi-modal Training (CRMT), which can alleviate this influence from modality preference and explicitly regulate essential components to significantly improve robustness in a certifiable manner. Our method demonstrates substantial improvements in performance and robustness compared with existing methods. Furthermore, our training procedure can be easily extended to enhance other robust training strategies, highlighting its credibility and flexibility.

Computer Vision and Pattern Recognition,Multimedia

Agyemang Paul,Zhefu Wu,Kai Luo,Yuhang Ma,Luping Fang

DOI: https://doi.org/10.1007/s13042-023-01868-9

2023-05-27

International Journal of Machine Learning and Cybernetics

Abstract:Multimedia Recommendation Systems (MRSs) have shown to be quite effective in learning consumer preferences and recommending the best multimedia products. Recent breakthroughs in adversarial machine learning have piqued the interest of researchers in the security of MRSs. It has been established that widely deployed MRSs are not resilient to detrimental perturbations applied to the learnt parameters, which can result in a significant loss in recommendation accuracy. Adversarial Multimedia Ranking (AMR) mitigates this problem by boosting Visual Bayesian Pairwise Ranking (VBPR) through adversarial learning. The quantitative gains in AMR’s performance on VBPR have led to its widespread implementation in numerous MRS models. However, in MRSs, this strategy overlooks the collaborative feature and is unable to effectively capture the smoothness of data distribution. We contend that modeling MRSs requires the collaborative feature, which displays the behavioral similarity between consumers and products. In this paper, we implement directed adversarial learning with the explicit introduction of the collaborative feature into the perturbation process. Technically, we propose the Adversarial Dynamic Collaborative Filtering (ADCF) for recommendation, which models visual characteristics and captures visual time dynamics. To reduce the influence of perturbation, we train the ADCF objective through minimax adversarial learning. Furthermore, we enhance the ADCF by directed adversarial learning. The objective is to restrict the direction of perturbation in the embedding space to other examples in the present embedding space. This enables us to integrate the collaborative feature into the learning process. Comprehensive evaluations using three Amazon datasets revealed that our technique outperformed baselines.

computer science, artificial intelligence

Huisheng Mao,Baozheng Zhang,Hua Xu,Ziqi Yuan,Yihe Liu

DOI: https://doi.org/10.48550/arXiv.2211.13484

2022-11-24

Abstract:Improving model robustness against potential modality noise, as an essential step for adapting multimodal models to real-world applications, has received increasing attention among researchers. For Multimodal Sentiment Analysis (MSA), there is also a debate on whether multimodal models are more effective against noisy features than unimodal ones. Stressing on intuitive illustration and in-depth analysis of these concerns, we present Robust-MSA, an interactive platform that visualizes the impact of modality noise as well as simple defence methods to help researchers know better about how their models perform with imperfect real-world data.

Multimedia

Wei Wei,Chao Huang,Lianghao Xia,Chuxu Zhang

DOI: https://doi.org/10.1145/3543507.3583206

2023-07-18

Abstract:The online emergence of multi-modal sharing platforms (eg, TikTok, Youtube) is powering personalized recommender systems to incorporate various modalities (eg, visual, textual and acoustic) into the latent user representations. While existing works on multi-modal recommendation exploit multimedia content features in enhancing item embeddings, their model representation capability is limited by heavy label reliance and weak robustness on sparse user behavior data. Inspired by the recent progress of self-supervised learning in alleviating label scarcity issue, we explore deriving self-supervision signals with effectively learning of modality-aware user preference and cross-modal dependencies. To this end, we propose a new Multi-Modal Self-Supervised Learning (MMSSL) method which tackles two key challenges. Specifically, to characterize the inter-dependency between the user-item collaborative view and item multi-modal semantic view, we design a modality-aware interactive structure learning paradigm via adversarial perturbations for data augmentation. In addition, to capture the effects that user's modality-aware interaction pattern would interweave with each other, a cross-modal contrastive learning approach is introduced to jointly preserve the inter-modal semantic commonality and user preference diversity. Experiments on real-world datasets verify the superiority of our method in offering great potential for multimedia recommendation over various state-of-the-art baselines. The implementation is released at: <a class="link-external link-https" href="https://github.com/HKUDS/MMSSL" rel="external noopener nofollow">this https URL</a>.

Information Retrieval

Juncheng B Li,Shuhui Qu,Xinjian Li,Po-Yao Huang,Florian Metze

DOI: https://doi.org/10.48550/arXiv.2203.12122

2022-04-21

Abstract:As audio-visual systems are being deployed for safety-critical tasks such as surveillance and malicious content filtering, their robustness remains an under-studied area. Existing published work on robustness either does not scale to large-scale dataset, or does not deal with multiple modalities. This work aims to study several key questions related to multi-modal learning through the lens of robustness: 1) Are multi-modal models necessarily more robust than uni-modal models? 2) How to efficiently measure the robustness of multi-modal learning? 3) How to fuse different modalities to achieve a more robust multi-modal model? To understand the robustness of the multi-modal model in a large-scale setting, we propose a density-based metric, and a convexity metric to efficiently measure the distribution of each modality in high-dimensional latent space. Our work provides a theoretical intuition together with empirical evidence showing how multi-modal fusion affects adversarial robustness through these metrics. We further devise a mix-up strategy based on our metrics to improve the robustness of the trained model. Our experiments on AudioSet and Kinetics-Sounds verify our hypothesis that multi-modal models are not necessarily more robust than their uni-modal counterparts in the face of adversarial examples. We also observe our mix-up trained method could achieve as much protection as traditional adversarial training, offering a computationally cheap alternative. Implementation: <a class="link-external link-https" href="https://github.com/lijuncheng16/AudioSetDoneRight" rel="external noopener nofollow">this https URL</a>

Sound,Multimedia,Audio and Speech Processing

Yun-Da Tsai,Ting-Yu Yen,Keng-Te Liao,Shou-De Lin

2024-08-19

Abstract:Converting different modalities into generalized text, which then serves as input prompts for large language models (LLMs), is a common approach for aligning multimodal models, particularly when pairwise data is limited. Text-centric alignment method leverages the unique properties of text as a modality space, transforming diverse inputs into a unified textual representation, thereby enabling downstream models to effectively interpret various modal inputs. This study evaluates the quality and robustness of multimodal representations in the face of noise imperfections, dynamic input order permutations, and missing modalities, revealing that current text-centric alignment methods can compromise downstream robustness. To address this issue, we propose a new text-centric adversarial training approach that significantly enhances robustness compared to traditional robust training methods and pre-trained multimodal foundation models. Our findings underscore the potential of this approach to improve the robustness and adaptability of multimodal representations, offering a promising solution for dynamic and real-world applications.

Machine Learning

Weixin Chen,Li Chen,Yongxin Ni,Yuhan Zhao,Fajie Yuan,Yongfeng Zhang

DOI: https://doi.org/10.48550/arXiv.2310.17373

2023-10-26

Information Retrieval

Abstract:Recently, multimodal recommendations have gained increasing attention for effectively addressing the data sparsity problem by incorporating modality-based representations. Although multimodal recommendations excel in accuracy, the introduction of different modalities (e.g., images, text, and audio) may expose more users' sensitive information (e.g., gender and age) to recommender systems, resulting in potentially more serious unfairness issues. Despite many efforts on fairness, existing fairness-aware methods are either incompatible with multimodal scenarios, or lead to suboptimal fairness performance due to neglecting sensitive information of multimodal content. To achieve counterfactual fairness in multimodal recommendations, we propose a novel fairness-aware multimodal recommendation approach (dubbed as FMMRec) to disentangle the sensitive and non-sensitive information from modal representations and leverage the disentangled modal representations to guide fairer representation learning. Specifically, we first disentangle biased and filtered modal representations by maximizing and minimizing their sensitive attribute prediction ability respectively. With the disentangled modal representations, we mine the modality-based unfair and fair (corresponding to biased and filtered) user-user structures for enhancing explicit user representation with the biased and filtered neighbors from the corresponding structures, followed by adversarially filtering out sensitive information. Experiments on two real-world public datasets demonstrate the superiority of our FMMRec relative to the state-of-the-art baselines. Our source code is available at https://anonymous.4open.science/r/FMMRec.

Lei Cheng,Xiaowen Huang,Jitao Sang,Jian Yu

2024-04-27

Abstract:Recently, recommender system has achieved significant success. However, due to the openness of recommender systems, they remain vulnerable to malicious attacks. Additionally, natural noise in training data and issues such as data sparsity can also degrade the performance of recommender systems. Therefore, enhancing the robustness of recommender systems has become an increasingly important research topic. In this survey, we provide a comprehensive overview of the robustness of recommender systems. Based on our investigation, we categorize the robustness of recommender systems into adversarial robustness and non-adversarial robustness. In the adversarial robustness, we introduce the fundamental principles and classical methods of recommender system adversarial attacks and defenses. In the non-adversarial robustness, we analyze non-adversarial robustness from the perspectives of data sparsity, natural noise, and data imbalance. Additionally, we summarize commonly used datasets and evaluation metrics for evaluating the robustness of recommender systems. Finally, we also discuss the current challenges in the field of recommender system robustness and potential future research directions. Additionally, to facilitate fair and efficient evaluation of attack and defense methods in adversarial robustness, we propose an adversarial robustness evaluation library--ShillingREC, and we conduct evaluations of basic attack models and recommendation models. ShillingREC project is released at

Information Retrieval

Nishant Vishwamitra,Hongxin Hu,Ziming Zhao,Long Cheng,Feng Luo

DOI: https://doi.org/10.48550/arXiv.2112.12792

IF: 5.414

2021-12-22

Machine Learning

Abstract:The modern digital world is increasingly becoming multimodal. Although multimodal learning has recently revolutionized the state-of-the-art performance in multimodal tasks, relatively little is known about the robustness of multimodal learning in an adversarial setting. In this paper, we introduce a comprehensive measurement of the adversarial robustness of multimodal learning by focusing on the fusion of input modalities in multimodal models, via a framework called MUROAN (MUltimodal RObustness ANalyzer). We first present a unified view of multimodal models in MUROAN and identify the fusion mechanism of multimodal models as a key vulnerability. We then introduce a new type of multimodal adversarial attacks called decoupling attack in MUROAN that aims to compromise multimodal models by decoupling their fused modalities. We leverage the decoupling attack of MUROAN to measure several state-of-the-art multimodal models and find that the multimodal fusion mechanism in all these models is vulnerable to decoupling attacks. We especially demonstrate that, in the worst case, the decoupling attack of MUROAN achieves an attack success rate of 100% by decoupling just 1.16% of the input space. Finally, we show that traditional adversarial training is insufficient to improve the robustness of multimodal models with respect to decoupling attacks. We hope our findings encourage researchers to pursue improving the robustness of multimodal learning.

Kai Zhang,Linping Gao,Jinda Lu,Yutong Yuan,Xiaofen Xing

DOI: https://doi.org/10.1007/978-981-97-5618-6_20

2024-01-01

Abstract:The realm of recommender systems has experienced a notable upswing in interest, particularly in the context of multi-modality, where user preferences are characterized through the integration of behavioral data and diverse modal information associated with items. However, existing methods grapple with two significant challenges: (1) The inherent noise present in multi-modal features can contaminate item representations. Conventional fusionmethods may inadvertently propagate this noise to interaction data through the fusion process. (2) Existing multi-modal recommendation methods typically rely on random data augmentation. These approaches introduce noise manually and may not fully exploit the latent potential in multi-modal information. To bridge the gap, we propose a novel methodology for a comprehensive integration of both multi-modal features and collaborative signals, termed Modality-Guided Collaborative Filtering (MGCF). This method delves into self-supervised signals derived from both the structural and semantic information of the features. These signals are then utilized to select and mask critical interactions adaptively. In our pursuit of generating discriminative representations, we employ a masked auto-encoder to distill informative self-supervision signals. Simultaneously, we aggregate global information through the process of reconstructing the masked subgraph structures. We evaluate the effectiveness of MGCF through extensive experiments on real-world datasets and verify the superiority of our method for multi-modal recommendation over various state-of-the-art baselines.

Agyemang Paul,Zhefu Wu,Kai Liu,Shufeng Gong

DOI: https://doi.org/10.1007/s10489-021-02355-w

IF: 5.3

2021-07-07

Applied Intelligence

Abstract:<p class="a-plus-plus">Machine learning classifiers are susceptible to adversarial perturbations, and their existence raises security concerns with a focus on recommendation systems. While there is a substantial effort to investigate attacks and defensive techniques in recommendation systems, Basic Iterative perturbation strategies (BIM) have been under-researched in multimedia recommendation. In this work, we adapt the iterative approach for multimedia recommendation. We proposed a novel Dynamic Collaborative Filtering with Aesthetic (DCFA) approach which leverages aesthetic features of clothing images into a multi-objective pairwise ranking to capture consumer aesthetic taste at a specific time through adversarial training (ADCFA). The DCFA method extends visual recommendation to make three key contributions: (1) incorporate aesthetic features into multimedia recommender system to model consumers' preferences in the aesthetic aspect. (2) Design a multi-objective personalized ranking for the visual recommendation. (3) Use the aesthetic features to optimize the learning strategy to capture the temporal dynamics of image aesthetic preferences. To reduce the impact of perturbation, we train a DCFA objective function using minimax adversarial training. Extensive experiments on three datasets demonstrate the effectiveness of our method.</p>

computer science, artificial intelligence

Qi Hu,Zhidong Shen,Zongyao Sha,Weijie Tan

DOI: https://doi.org/10.1109/tgrs.2024.3384927

IF: 8.2

2024-01-01

IEEE Transactions on Geoscience and Remote Sensing

Abstract:The challenge of classifying multimodal remote sensing images has garnered significant interest in light of the growing diversity of remote sensing image data modalities. Current studies primarily concentrate on increasing the classification task's accuracy by improving the fusion strategy or incorporating auxiliary architectures. However, there is currently a lack of research in the area of adversarial attacks for multimodal remote sensing image classification models as compared to the study of unimodal classification models. To overcome this issue, our research first investigates the adversarial robustness of multimodal remote sensing image classification under different fusion strategies, which adopts the improved classical adversarial attack methods to test the adversarial robustness of multimodal remote sensing image classification model architectures with three different fusion strategies. Then, a new multimodal adversarial attack method is proposed for the multimodal model, which adopts balanced perturbation loss and cooperative adversarial loss, in which the balanced perturbation loss is used to balance the level of perturbation of different modalities, and the cooperative adversarial loss is used to reduce the conflict of different modality perturbations on the classification result. By combining balanced perturbation loss and cooperative adversarial loss to attack multimodal models, the cooperation between modalities is continuously optimized. Finally, the study demonstrates the weak adversarial robustness of the multimodal remote sensing image classification model, the robustness of which is easily influenced by the fusion strategies and the attack methods. Additionally, a better attack effect is obtained by the multimodal multiloss cooperative adversarial attack method proposed in this article.

Jingsen Zhang,Jiakai Tang,Xu Chen,Wenhui Yu,Lantao Hu,Peng Jiang,Han Li

DOI: https://doi.org/10.1145/3637528.3671781

2024-01-01

Abstract:Natural language explainable recommendation has become a promising direction to facilitate more efficient and informed user decisions. Previous models mostly focus on how to enhance the explanation accuracy. However, the robustness problem has been largely ignored, which requires the explanations generated for similar user-item pairs should not be too much different. Different from traditional classification problems, improving the robustness of natural languages has two unique characteristics: (1) Different token importances, that is, different tokens play various roles in representing the complete sentence, and the robustness requirements for predicting them should also be different. (2) Continuous token semantics, that is, the similarity of the output should be judged based on semantics, and the sequences without any token-level overlap may also be highly similar. Based on these characteristics, we formulate and solve a novel problem in the recommendation domain, that is, robust natural language explainable recommendation. To the best of our knowledge, it is the first time in this field. Specifically, we base our modeling on adversarial robust optimization and design four types of heuristic methods to modify the adversarial outputs with weighted token probabilities and synonym replacements. Furthermore, to consider the mutual influence between the above characteristics, we regard language generation as a decision-making problem and design a dual-policy reinforcement learning framework to improve the robustness of the generated languages. We conduct extensive experiments to demonstrate the effectiveness of our framework.