Over-the-air White-box Attack on the Wav2Vec Speech Recognition Neural Network
Protopopov Alexey
TL;DR
This paper investigates making over-the-air adversarial attacks on Wav2Vec speech recognition models less detectable by humans, while analyzing how these modifications affect attack success.
Contribution
It introduces methods to reduce human detectability of over-the-air attacks and examines their impact on attack effectiveness.
Findings
Reduced human detectability of adversarial audio
Trade-offs between attack stealth and success rate
Insights into attack robustness in real-world scenarios
Abstract
Automatic speech recognition systems based on neural networks are vulnerable to adversarial attacks that alter transcriptions in a malicious way. Recent works in this field have focused on making attacks work in over-the-air scenarios, however such attacks are typically detectable by human hearing, limiting their potential applications. In the present work we explore different approaches of making over-the-air attacks less detectable, as well as the impact these approaches have on the attacks' effectiveness.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Speech Recognition and Synthesis · Wireless Signal Modulation Classification