Adversarial Attacks Against Acoustic Monitoring of Industrial Machines

The recent rise of adversarial machine learning exposed the serious vulnerabilities existing in current frameworks depending on the smooth operation of such automated solutions. This article focuses on the critical field of monitoring the health of industrial machines based on the respective acoustic emissions. After building an audio-based monitoring solution using log-Mel spectrograms and convolutional neural networks, we systematically evaluate the applicability of four types of adversarial attacks: 1) fast gradient sign; 2) projected gradient descent; 3) Jacobian saliency map; and 4) Carlini and Wagner $\ell _{\infty }$ . Seeing the problem from the attacker perspective, we designed two different attack types, aiming at inducing either false positives or false negatives. We define three figures of merit specifically designed to assess the performance of each attack type from diverse points of view. The experimental setup relies on a publicly available data set including acoustic emissions representing four industrial machines, i.e., fan, pump, slider rail, and valve.