Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Over-the-air White-box Attack on the Wav2Vec Speech Recognition Neural Network

Protopopov Alexey

Abstract

Automatic speech recognition systems based on neural networks are vulnerable to adversarial attacks that alter transcriptions in a malicious way. Recent works in this field have focused on making attacks work in over-the-air scenarios, however such attacks are typically detectable by human hearing, limiting their potential applications. In the present work we explore different approaches of making over-the-air attacks less detectable, as well as the impact these approaches have on the attacks' effectiveness.

Over-the-air White-box Attack on the Wav2Vec Speech Recognition Neural Network

Abstract

Automatic speech recognition systems based on neural networks are vulnerable to adversarial attacks that alter transcriptions in a malicious way. Recent works in this field have focused on making attacks work in over-the-air scenarios, however such attacks are typically detectable by human hearing, limiting their potential applications. In the present work we explore different approaches of making over-the-air attacks less detectable, as well as the impact these approaches have on the attacks' effectiveness.
Paper Structure (9 sections, 4 equations, 5 figures, 1 table)

This paper contains 9 sections, 4 equations, 5 figures, 1 table.

Table of Contents

  1. Introduction
  2. Methods
  3. Frequency response simulation
  4. Room simulation
  5. Random audio time shifts
  6. Attack generation
  7. Results and discussion
  8. Conclusion
  9. Acknowledgements

Figures (5)

  • Figure 1: Data augmentation.
  • Figure 2: Example room layout.
  • Figure 3: Attack generation iteration. Gradient backpropagation is indicated by red arrows.
  • Figure 4: Audio fragments padded with zeros.
  • Figure 5: Numbers of iterations required to reach various values of $\lambda$.