Crafting Adversarial Examples For Speech Paralinguistics Applications
This addresses security risks in cyber applications like speaker verification and medical diagnostics, but it is incremental as it builds on existing adversarial attack methods.
The authors tackled the vulnerability of deep neural networks in speech paralinguistics applications by proposing an end-to-end scheme to generate adversarial examples through raw waveform perturbations, resulting in a significant performance drop in state-of-the-art models while minimally affecting audio quality.
Computational paralinguistic analysis is increasingly being used in a wide range of cyber applications, including security-sensitive applications such as speaker verification, deceptive speech detection, and medical diagnostics. While state-of-the-art machine learning techniques, such as deep neural networks, can provide robust and accurate speech analysis, they are susceptible to adversarial attacks. In this work, we propose an end-to-end scheme to generate adversarial examples for computational paralinguistic applications by perturbing directly the raw waveform of an audio recording rather than specific acoustic features. Our experiments show that the proposed adversarial perturbation can lead to a significant performance drop of state-of-the-art deep neural networks, while only minimally impairing the audio quality.