Cyclic Defense GAN Against Speech Adversarial Attacks

被引：7

作者：

Esmaeilpour, Mohammad ^{[1
]}

Cardinal, Patrick ^{[1
]}

Koerich, Alessandro Lameiras ^{[1
]}

机构：

[1] Univ Quebec, Ecole Technol Super ETS, Montreal, PQ H3C 1K3, Canada

来源：

IEEE SIGNAL PROCESSING LETTERS | 2021年 / 28卷

基金：

加拿大自然科学与工程研究理事会;

关键词：

Spectrogram; Discrete wavelet transforms; Generative adversarial networks; Generators; Signal processing algorithms; Training; Perturbation methods; Speech adversarial attack; Speech-to-text model; discrete wavelet transform; cyclic GAN; adversarial defense;

D O I：

10.1109/LSP.2021.3106239

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

This letter proposes a new defense approach for counteracting state-of-the-art white and black-box adversarial attack algorithms. Our approach fits into the implicit reactive defense algorithm category since it does not directly manipulate the potentially malicious input signals. Instead, it reconstructs a similar signal with a synthesized spectrogram using a cyclic generative adversarial network. This cyclic framework helps to yield a stable generative model. Finally, we feed the reconstructed signal into the speech-to-text model for transcription. The conducted experiments on targeted and non-targeted adversarial attacks developed for attacking DeepSpeech, Kaldi, and Lingvo models demonstrate the proposed defense's effectiveness in adverse scenarios.

引用

页码：1769 / 1773

页数：5

共 38 条

[1]

[Anonymous], 2017, ARXIV170502900

[2]

[Anonymous], 2011, WORKSH AUT SPEECH RE

[3]

[Anonymous], 2019, MOZILLA COMMON VOICE

[4]

Baby D, 2019, INT CONF ACOUST SPEE, P106, DOI [10.1109/icassp.2019.8683799, 10.1109/ICASSP.2019.8683799]

[5] FlyMap: Interacting with Maps Projected from a Drone [J].

Brock, Anke M. ;

Chatain, Julia ;

Park, Michelle ;

Fang, Tommy ;

Hachet, Martin ;

Landay, James A. ;

Cauchard, Jessica R. .

PROCEEDINGS PERVASIVE DISPLAYS 2018: THE 7TH ACM INTERNATIONAL SYMPOSIUM ON PERVASIVE DISPLAYS, 2018,

[6] Audio Adversarial Examples: Targeted Attacks on Speech-to-Text [J].

Carlini, Nicholas ;

Wagner, David .

2018 IEEE SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (SPW 2018), 2018, :1-7

[7]

Che T., 2017, PROC 5 INT C LEARN R

[8]

Cvejic N, 2002, PROCEEDINGS OF THE 2002 IEEE 10TH DIGITAL SIGNAL PROCESSING WORKSHOP & 2ND SIGNAL PROCESSING EDUCATION WORKSHOP, P53, DOI 10.1109/DSPWS.2002.1231075

[9]

Das Nilaksh, 2018, Joint European Conference on Machine Learning and Knowledge Discovery in Databases, P677

[10] COMPARISON OF PARAMETRIC REPRESENTATIONS FOR MONOSYLLABIC WORD RECOGNITION IN CONTINUOUSLY SPOKEN SENTENCES [J].

DAVIS, SB ;

MERMELSTEIN, P .

IEEE TRANSACTIONS ON ACOUSTICS SPEECH AND SIGNAL PROCESSING, 1980, 28 (04) :357-366

← 1 2 3 4 →