Generating Black-box Audio Adversarial CAPTCHAs based on Differential Evolution Algorithm

Audio adversarial CAPTCHAs are commonly used on various websites and applications to distinguish human users from automated programs. However, recent advances in deep learning have given rise to several audio recognition methods that pose a challenge to the security of audio CAPTCHAs. In this paper, we propose DE ES, a novel approach based on the differential evolution algorithm, for generating audio adversarial CAPTCHAs. Our method utilizes a momentum probability update technique to add random noise to the examples and combines differential evolution with gradient estimation to enhance the success rate of attacks. We evaluate the similarity between the adversarial examples and the original examples using audio data visualization techniques. Moreover, we apply our method to generate adversarial CAPTCHAs for two usage scenarios of audio CAPTCHAs: input-based and selection-based, respectively, to demonstrate the feasibility of the proposed algorithm. Our experimental results demonstrate that DE ES outperforms other heuristic-based generation methods in terms of the success rate of generating audio adversarial examples, while maintaining a lower average editing distance. Thus, our method provides an effective solution for generating robust audio adversarial CAPTCHAs that can, to a certain extent, withstand the attacks of deep learning models, thereby improving the security of voice-based authentication systems.