{"title":"针对音频监控系统的对抗性攻击","authors":"S. Ntalampiras","doi":"10.23919/eusipco55093.2022.9909635","DOIUrl":null,"url":null,"abstract":"The recent rise of adversarial machine learning highlights the vulnerabilities of various systems relevant in a wide range of application domains. This paper focuses on the important domain of automatic space surveillance based on the acoustic modality. After setting up a state of the art solution using log-Mel spectrogram modeled by a convolutional neural network, we systematically investigate the following four types of adversarial attacks: a) Fast Gradient Sign, b) Projected Gradient Descent, c) Jacobian Saliency Map, and d) Carlini & Wagner $\\ell_{\\infty}$. Experimental scenarios aiming at inducing false positives or negatives are considered, while attacks' efficiency are thoroughly examined. It is shown that several attack types are able to reach high success rate levels by injecting relatively small perturbations on the original audio signals. This underlines the need of suitable and effective defense strategies, which will boost reliability in machine learning based solution.","PeriodicalId":231263,"journal":{"name":"2022 30th European Signal Processing Conference (EUSIPCO)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Adversarial Attacks Against Audio Surveillance Systems\",\"authors\":\"S. Ntalampiras\",\"doi\":\"10.23919/eusipco55093.2022.9909635\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The recent rise of adversarial machine learning highlights the vulnerabilities of various systems relevant in a wide range of application domains. This paper focuses on the important domain of automatic space surveillance based on the acoustic modality. After setting up a state of the art solution using log-Mel spectrogram modeled by a convolutional neural network, we systematically investigate the following four types of adversarial attacks: a) Fast Gradient Sign, b) Projected Gradient Descent, c) Jacobian Saliency Map, and d) Carlini & Wagner $\\\\ell_{\\\\infty}$. Experimental scenarios aiming at inducing false positives or negatives are considered, while attacks' efficiency are thoroughly examined. It is shown that several attack types are able to reach high success rate levels by injecting relatively small perturbations on the original audio signals. This underlines the need of suitable and effective defense strategies, which will boost reliability in machine learning based solution.\",\"PeriodicalId\":231263,\"journal\":{\"name\":\"2022 30th European Signal Processing Conference (EUSIPCO)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-08-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 30th European Signal Processing Conference (EUSIPCO)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/eusipco55093.2022.9909635\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 30th European Signal Processing Conference (EUSIPCO)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/eusipco55093.2022.9909635","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Adversarial Attacks Against Audio Surveillance Systems
The recent rise of adversarial machine learning highlights the vulnerabilities of various systems relevant in a wide range of application domains. This paper focuses on the important domain of automatic space surveillance based on the acoustic modality. After setting up a state of the art solution using log-Mel spectrogram modeled by a convolutional neural network, we systematically investigate the following four types of adversarial attacks: a) Fast Gradient Sign, b) Projected Gradient Descent, c) Jacobian Saliency Map, and d) Carlini & Wagner $\ell_{\infty}$. Experimental scenarios aiming at inducing false positives or negatives are considered, while attacks' efficiency are thoroughly examined. It is shown that several attack types are able to reach high success rate levels by injecting relatively small perturbations on the original audio signals. This underlines the need of suitable and effective defense strategies, which will boost reliability in machine learning based solution.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
