Enabling Fast and Universal Audio Adversarial Attack Using Generative Model
Yi Xie, Zhuohang Li, Cong Shi, Jian Liu, Yingying Chen, Bo Yuan
TL;DR
This paper introduces fast and universal audio adversarial attack methods using generative models, significantly improving attack speed and effectiveness against DNN-based audio systems in real-time scenarios.
Contribution
The paper proposes FAPG for rapid adversarial perturbation generation and UAPG for crafting universal perturbations, advancing practical attack capabilities.
Findings
FAPG achieves up to 167X speedup over existing methods.
UAPG produces more effective universal adversarial perturbations.
Both methods outperform state-of-the-art in speed and attack success rate.
Abstract
Recently, the vulnerability of DNN-based audio systems to adversarial attacks has obtained the increasing attention. However, the existing audio adversarial attacks allow the adversary to possess the entire user's audio input as well as granting sufficient time budget to generate the adversarial perturbations. These idealized assumptions, however, makes the existing audio adversarial attacks mostly impossible to be launched in a timely fashion in practice (e.g., playing unnoticeable adversarial perturbations along with user's streaming input). To overcome these limitations, in this paper we propose fast audio adversarial perturbation generator (FAPG), which uses generative model to generate adversarial perturbations for the audio input in a single forward pass, thereby drastically improving the perturbation generation speed. Built on the top of FAPG, we further propose universal audio…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
Taxonomy
TopicsDigital Media Forensic Detection · Adversarial Robustness in Machine Learning · Electrostatic Discharge in Electronics