Adversarial command detection using parallel Speech Recognition systems
| dc.contributor.author | Cheng, Peng | |
| dc.contributor.author | Sankar, M. S. Arun | |
| dc.contributor.author | Bagci, Ibrahim Ethem | |
| dc.contributor.author | Roedig, Utz | |
| dc.contributor.funder | Science Foundation Ireland | en |
| dc.date.accessioned | 2021-09-16T10:32:15Z | |
| dc.date.available | 2021-09-16T10:32:15Z | |
| dc.date.issued | 2021-10 | |
| dc.description.abstract | Personal Voice Assistants (PVAs) such as Apple's Siri, Amazon's Alexa and Google Home are now commonplace. PVAs are susceptible to adversarial commands; an attacker is able to modify an audio signal such that humans do not notice this modification but the Speech Recognition (SR) will recognise a command of the attacker's choice. In this paper we describe a defence method against such adversarial commands. By using a second SR in parallel to the main SR of the PVA it is possible to detect adversarial commands. It is difficult for an attacker to craft an adversarial command that is able to force two different SR into recognising the adversarial command while ensuring inaudibility. We demonstrate the feasibility of this defence mechanism for practical setups. For instance, our evaluation shows that such system can be tuned to detect 50% of adversarial commands while not impacting on normal PVA use. | en |
| dc.description.sponsorship | Science Foundation Ireland (SFI 19/FFP/6775) | en |
| dc.description.status | Peer reviewed | en |
| dc.description.version | Accepted Version | en |
| dc.format.mimetype | application/pdf | en |
| dc.identifier.citation | Cheng, P., Sankar M. S., A., Bagci, I. E. and Roedig,U. (2021) 'Adversarial command detection using parallel Speech Recognition systems’, ESORICS 2021, 26th European Symposium on Research in Computer Security, Lecture Notes in Computer Science, 13106, pp. 238-255. doi: 10.1007/978-3-030-95484-0_15 | en |
| dc.identifier.doi | 10.1007/978-3-030-95484-0_15 | |
| dc.identifier.endpage | 238 | |
| dc.identifier.startpage | 255 | |
| dc.identifier.uri | https://hdl.handle.net/10468/11931 | |
| dc.language.iso | en | en |
| dc.publisher | Springer | en |
| dc.relation.uri | https://link.springer.com/chapter/10.1007/978-3-030-95484-0_15 | en |
| dc.rights | For the purpose of Open Access, the author has applied a CC BY public copyright licence to any Author Accepted Manuscript version arising from this submission. Copyright Published Article: © Springer Nature Switzerland AG 2022 | en |
| dc.rights.uri | https://creativecommons.org/licenses/by/4.0/ | en |
| dc.subject | Personal Voice Assistants | en |
| dc.subject | PVAs | en |
| dc.subject | Speech Recognition | en |
| dc.subject | SR | en |
| dc.subject | Adversarial commands | en |
| dc.title | Adversarial command detection using parallel Speech Recognition systems | en |
| dc.type | Conference item | en |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Adversarial_Command_Detection_using_Parallel_SR_ADIoT.pdf
- Size:
- 833.22 KB
- Format:
- Adobe Portable Document Format
- Description:
- Accepted Version
License bundle
1 - 1 of 1
Loading...
- Name:
- license.txt
- Size:
- 2.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: