Explore a conference talk on targeted adversarial examples for black box audio systems presented at the 2nd Deep Learning and Security Workshop during the 2019 IEEE Symposium on Security & Privacy. Delve into the application of deep recurrent networks in automatic speech recognition (ASR) systems and the vulnerabilities they face from adversarial perturbations. Learn about a novel black-box approach to adversarial generation that combines genetic algorithms and gradient estimation techniques. Discover how this method achieves an 89.25% targeted attack similarity and a 35% targeted attack success rate after 3000 generations, while maintaining 94.6% audio file similarity. Gain insights into the challenges and potential solutions for securing ASR systems against sophisticated attacks in scenarios where model architecture and parameters are unknown.
Overview
Syllabus
Targeted Adversarial Examples for Black Box Audio Systems
Taught by
IEEE Symposium on Security and Privacy