Hidden Voice Commands: Attacks and Defenses on the VCS of Autonomous Driving Cars

Autonomous driving is becoming one of the most popular applications of AI. Meanwhile, the advances in deep learning have promoted the rapid development of the voice controllable systems (VCSs), which have almost reached the maturity stage. Before autonomous driving cars reach the highest level of automation, intelligent voice interaction remains the primary approach for human-vehicle interaction. Recent works show that such intelligent systems are vulnerable to hidden voice commands that are unnoticed or unintelligible to humans. In particular, an adversary utilizing hidden voice commands is able to control autonomous driving cars. For example, malicious voice commands embedded into the sound of online shared videos can stealthily control the vehicle when people watch the videos in the car. In this article, we investigate the potential perniciousness of hidden voice commands on the VCS of autonomous driving cars, and then discuss feasible defense strategies. We finally propose a pop-noisebased general defense strategy that can resist various kinds of attacks.