Affiliation:
1. College of Computer and Information Hohai University Nanjing China
2. School of Computing Technologies RMIT University Melbourne Australia
3. Humboldt Universität zu Berlin Berlin Germany
Abstract
AbstractTest case generation techniques based on adversarial examples are commonly used to enhance the reliability and robustness of image‐based and text‐based machine learning applications. However, efficient techniques for speech recognition systems are still absent. This paper proposes a family of methods that generate targeted adversarial examples for speech recognition systems. All are based on the firefly algorithm (F), and are enhanced with gauss mutations and / or gradient estimation (F‐GM, F‐GE, F‐GMGE) to fit the specific problem of targeted adversarial test case generation. We conduct an experimental evaluation on three different types of speech datasets, including Google Command, Common Voice and LibriSpeech. In addition, we recruit volunteers to evaluate the performance of the adversarial examples. The experimental results show that, compared with existing approaches, these approaches can effectively improve the success rate of the targeted adversarial example generation. The code is publicly available at https://github.com/HanboCai/FGMGE.
Funder
Fundamental Research Funds for the Central Universities
National Natural Science Foundation of China
Natural Science Foundation of Jiangsu Province
Subject
Safety, Risk, Reliability and Quality,Software
Reference74 articles.
1. CASAS: A Smart Home in a Box
2. GoodfellowIJ ShlensJ SzegedyC.Explaining and harnessing adversarial examples. InInternational Conference on Learning Representations:San Diego CA USA 2015.
3. SzegedyC ZarembaW SutskeverI BrunaJ ErhanD GoodfellowIJ et al.Intriguing properties of neural networks. InInternational Conference on Learning Representations:Banff AB Canada 2014.
4. PapernotN McDanielPD JhaS FredriksonM CelikZB SwamiA.The limitations of deep learning in adversarial settings. InIEEE European Symposium on Security and Privacy EuroS&P Saarbrücken Germany IEEE 2016;372–387.https://doi.org/10.1109/EuroSP.2016.36