Dongzhu Rong , Qindong Sun , Yan Wang , Xiaoxiong Wang
{"title":"A new universal camouflage attack algorithm for intelligent speech system","authors":"Dongzhu Rong , Qindong Sun , Yan Wang , Xiaoxiong Wang","doi":"10.1016/j.specom.2024.103152","DOIUrl":null,"url":null,"abstract":"<div><div>The security problems in intelligent speech systems have been extensively investigated. In this paper, we propose a new more generic and more efficient attack method that can be used to promote the security of intelligent speech systems. By turning the attack target into a holistic intelligent speech system, we discovered security threats in speech resampling and risks in deep model normalization layers, and designed CA-ISS algorithms based on these two security risks. CA-ISS algorithm results in semantic content changes after speech resampling and launches an attack by creating cognitive differences between human and deep models. This paper also upgrades to the limitations of CA-ISS algorithm to attack the cloud platforms. Six intelligent speech systems are used to verify the effectiveness of CA-ISS in experiments. Experimental results demonstrate that the CA-ISS algorithm has sufficient generalisability, efficiency, and camouflage. Finally, the principle of CA-ISS algorithm is analyzed based on multiple visualization algorithms and the camouflage effect of the attack samples is evaluated.</div></div>","PeriodicalId":49485,"journal":{"name":"Speech Communication","volume":"166 ","pages":"Article 103152"},"PeriodicalIF":2.4000,"publicationDate":"2024-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Speech Communication","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167639324001237","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ACOUSTICS","Score":null,"Total":0}
引用次数: 0
Abstract
The security problems in intelligent speech systems have been extensively investigated. In this paper, we propose a new more generic and more efficient attack method that can be used to promote the security of intelligent speech systems. By turning the attack target into a holistic intelligent speech system, we discovered security threats in speech resampling and risks in deep model normalization layers, and designed CA-ISS algorithms based on these two security risks. CA-ISS algorithm results in semantic content changes after speech resampling and launches an attack by creating cognitive differences between human and deep models. This paper also upgrades to the limitations of CA-ISS algorithm to attack the cloud platforms. Six intelligent speech systems are used to verify the effectiveness of CA-ISS in experiments. Experimental results demonstrate that the CA-ISS algorithm has sufficient generalisability, efficiency, and camouflage. Finally, the principle of CA-ISS algorithm is analyzed based on multiple visualization algorithms and the camouflage effect of the attack samples is evaluated.
期刊介绍:
Speech Communication is an interdisciplinary journal whose primary objective is to fulfil the need for the rapid dissemination and thorough discussion of basic and applied research results.
The journal''s primary objectives are:
• to present a forum for the advancement of human and human-machine speech communication science;
• to stimulate cross-fertilization between different fields of this domain;
• to contribute towards the rapid and wide diffusion of scientifically sound contributions in this domain.