Audio Adversarial Examples: Targeted Attacks on Speech-to-Text
Top Cited Papers
- 1 May 2018
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
We construct targeted audio adversarial examples on automatic speech recognition. Given any audio waveform, we can produce another that is over 99.9% similar, but transcribes as any phrase we choose (recognizing up to 50 characters per second of audio). We apply our white-box iterative optimization-based attack to Mozilla's implementation DeepSpeech end-to-end, and show it has a 100% success rate. The feasibility of this attack introduce a new domain to study adversarial examples.Keywords
This publication has 11 references indexed in Scilit:
- Towards Evaluating the Robustness of Neural NetworksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2017
- Accessorize to a CrimePublished by Association for Computing Machinery (ACM) ,2016
- Adversarial Diversity and Hard Positive GenerationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- Deep Learning and Music AdversariesIEEE Transactions on Multimedia, 2015
- Deep neural networks are easily fooled: High confidence predictions for unrecognizable imagesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- The security of machine learningMachine Learning, 2010
- Can machine learning be secure?Published by Association for Computing Machinery (ACM) ,2006
- Connectionist temporal classificationPublished by Association for Computing Machinery (ACM) ,2006
- Adversarial learningPublished by Association for Computing Machinery (ACM) ,2005
- Long Short-Term MemoryNeural Computation, 1997