Defending Adversarial Attacks on Cloud-aided Automatic Speech Recognition Systems

Zhang, Jiajie and Zhang, Bingsheng and Zhang, Bincheng (2019) Defending Adversarial Attacks on Cloud-aided Automatic Speech Recognition Systems. In: SCC '19 Proceedings of the Seventh International Workshop on Security in Cloud Computing :. ACM, New York, pp. 23-31. ISBN 9781450367882

Text (Defending Adversarial Attacks on Cloud-aided Automatic Speech Recognition Systems)
Defending_Adversarial_Attacks_on_Cloud_aided_Automatic_Speech_Recognition_Systems.pdf - Accepted Version
Available under License Creative Commons Attribution-NonCommercial.
Download (2MB)

Abstract

With the advancement of deep learning based speech recognition technology, an increasing number of cloud-aided automatic voice assistant applications, such as Google Home, Amazon Echo, and cloud AI services, such as IBM Watson, are emerging in our daily life. In a typical usage scenario, after keyword activation, the user's voice will be recorded and submitted to the cloud for automatic speech recognition (ASR) and then further action(s) might be triggered depending on the user's command(s). However, recent researches show that the deep learning based systems could be easily attacked by adversarial examples. Subsequently, the ASR systems are found being vulnerable to audio adversarial examples. Unfortunately, very few works about defending audio adversarial attack are known in the literature. Constructing a generic and robust defense mechanism to resolve this issue remains an open problem. In this work, we propose several proactive defense mechanisms against targeted audio adversarial examples in the ASR systems via code modulation and audio compression. We then show the effectiveness of the proposed strategies through extensive evaluation on natural dataset.