We use cookies to improve your experience on our site.
AVID-2023-V006
Description
Attack on Machine Translation Service - Google Translate, Bing Translator, and Systran Translate
Details
Machine translation services (such as Google Translate, Bing Translator, and Systran Translate) provide public-facing UIs and APIs. A research group at UC Berkeley utilized these public endpoints to create a replicated model with near-production state-of-the-art translation quality. Beyond demonstrating that IP can be functionally stolen from a black-box system, they used the replicated model to successfully transfer adversarial examples to the real production services. These adversarial inputs successfully cause targeted word flips, vulgar outputs, and dropped sentences on Google Translate and Systran Translate websites.
References
- Attack on Machine Translation Service - Google Translate, Bing Translator, and Systran Translate
- Wallace, Eric, et al. “Imitation Attacks and Defenses for Black-box Machine Translation Systems” EMNLP 2020
- Project Page, “Imitation Attacks and Defenses for Black-box Machine Translation Systems”
- Google under fire for mistranslating Chinese amid Hong Kong protests
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0301: Information Leak; S0502: Model theft; S0403: Adversarial Example
- Lifecycle stages: L02: Data Understanding, L04: Model Development, L06: Deployment
Affected or Relevant Artifacts
- Developer:
- Deployer: Google Translate, Bing Translator, Systran Translate
- Artifact Details:
Type Name System Google Translate, Bing Translator, Systran Translate
Other information
- Vulnerability Class: ATLAS Case Study
- Date Published: 2023-03-31
- Date Last Modified: 2023-03-31
- Version: 0.2
- AVID Entry