Morriel Kasher, Michael Zhao, Aryeh Greenberg, Devin Gulati, S. Kokalj-Filipovic, P. Spasojevic
{"title":"使用稳健的对抗性音频攻击通过后门操纵语音设备:邀请论文","authors":"Morriel Kasher, Michael Zhao, Aryeh Greenberg, Devin Gulati, S. Kokalj-Filipovic, P. Spasojevic","doi":"10.1145/3468218.3469048","DOIUrl":null,"url":null,"abstract":"The BackDoor system provides a method for inaudibly transmitting messages that are recorded by unmodified receiver microphones as if they were transmitted audibly. Adversarial Audio attacks allow for an audio sample to sound like one message but be transcribed by a speech processing neural network as a different message. This study investigates the potential applications of Adversarial Audio through the BackDoor system to manipulate voice-enabled devices, or VEDs, without detection by humans or other nearby microphones. We discreetly transmit voice commands by applying robust, noise-resistant adversarial audio perturbations through BackDoor on top of a predetermined speech or music base sample to achieve a desired target transcription. Our analysis compares differing base carriers, target phrases, and perturbation strengths for maximal effectiveness through BackDoor. We determined that such an attack is feasible and that the desired adversarial properties of the audio sample are maintained even when transmitted through BackDoor.","PeriodicalId":318719,"journal":{"name":"Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Inaudible Manipulation of Voice-Enabled Devices Through BackDoor Using Robust Adversarial Audio Attacks: Invited Paper\",\"authors\":\"Morriel Kasher, Michael Zhao, Aryeh Greenberg, Devin Gulati, S. Kokalj-Filipovic, P. Spasojevic\",\"doi\":\"10.1145/3468218.3469048\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The BackDoor system provides a method for inaudibly transmitting messages that are recorded by unmodified receiver microphones as if they were transmitted audibly. Adversarial Audio attacks allow for an audio sample to sound like one message but be transcribed by a speech processing neural network as a different message. This study investigates the potential applications of Adversarial Audio through the BackDoor system to manipulate voice-enabled devices, or VEDs, without detection by humans or other nearby microphones. We discreetly transmit voice commands by applying robust, noise-resistant adversarial audio perturbations through BackDoor on top of a predetermined speech or music base sample to achieve a desired target transcription. Our analysis compares differing base carriers, target phrases, and perturbation strengths for maximal effectiveness through BackDoor. We determined that such an attack is feasible and that the desired adversarial properties of the audio sample are maintained even when transmitted through BackDoor.\",\"PeriodicalId\":318719,\"journal\":{\"name\":\"Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-06-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3468218.3469048\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3468218.3469048","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Inaudible Manipulation of Voice-Enabled Devices Through BackDoor Using Robust Adversarial Audio Attacks: Invited Paper
The BackDoor system provides a method for inaudibly transmitting messages that are recorded by unmodified receiver microphones as if they were transmitted audibly. Adversarial Audio attacks allow for an audio sample to sound like one message but be transcribed by a speech processing neural network as a different message. This study investigates the potential applications of Adversarial Audio through the BackDoor system to manipulate voice-enabled devices, or VEDs, without detection by humans or other nearby microphones. We discreetly transmit voice commands by applying robust, noise-resistant adversarial audio perturbations through BackDoor on top of a predetermined speech or music base sample to achieve a desired target transcription. Our analysis compares differing base carriers, target phrases, and perturbation strengths for maximal effectiveness through BackDoor. We determined that such an attack is feasible and that the desired adversarial properties of the audio sample are maintained even when transmitted through BackDoor.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
