TR2020-137

Detecting Audio Attacks on ASR Systems with Dropout Uncertainty


    •  Jayashankar, T., Le Roux, J., Moulin, P., "Detecting Audio Attacks on ASR Systems with Dropout Uncertainty", Interspeech, DOI: 10.21437/​Interspeech.2020-1846, October 2020, pp. 4671-4675.
      BibTeX TR2020-137 PDF Presentation
      • @inproceedings{Jayashankar2020oct,
      • author = {Jayashankar, Tejas and Le Roux, Jonathan and Moulin, Pierre},
      • title = {Detecting Audio Attacks on ASR Systems with Dropout Uncertainty},
      • booktitle = {Interspeech},
      • year = 2020,
      • pages = {4671--4675},
      • month = oct,
      • doi = {10.21437/Interspeech.2020-1846},
      • issn = {1990-9772},
      • url = {https://www.merl.com/publications/TR2020-137}
      • }
  • MERL Contact:
  • Research Areas:

    Artificial Intelligence, Information Security, Machine Learning, Speech & Audio

Abstract:

Various adversarial audio attacks have recently been developed to fool automatic speech recognition (ASR) systems. We here propose a defense against such attacks based on the uncertainty introduced by dropout in neural networks. We show that our defense is able to detect attacks created through optimized perturbations and frequency masking on a state-of-the-art end-toend ASR system. Furthermore, the defense can be made robust against attacks that are immune to noise reduction. We test our defense on Mozilla’s CommonVoice dataset, the UrbanSound dataset, and an excerpt of the LibriSpeech dataset, showing that it achieves high detection accuracy in a wide range of scenarios. Index Terms: Automatic speech recognition, adversarial machine learning, audio attack, dropout, uncertainty distribution, noise reduction

 

  • Related Research Highlights

  • Related Publication

  •  Jayashankar, T., Le Roux, J., Moulin, P., "Detecting Audio Attacks on ASR Systems with Dropout Uncertainty", arXiv, June 2020.
    BibTeX arXiv
    • @article{Jayashankar2020jun,
    • author = {Jayashankar, Tejas and Le Roux, Jonathan and Moulin, Pierre},
    • title = {Detecting Audio Attacks on ASR Systems with Dropout Uncertainty},
    • journal = {arXiv},
    • year = 2020,
    • month = jun,
    • url = {https://arxiv.org/abs/2006.01906}
    • }