Cortical Features for Defense Against Adversarial Audio Attacks
This work addresses security vulnerabilities in audio-based AI systems like voice assistants, offering a domain-specific defense mechanism.
The authors tackled the problem of defending against adversarial attacks on audio systems by integrating a computational model of the auditory cortex into a network, showing that this approach reduces the effectiveness of universal adversarial examples at the same distortion level.
We propose using a computational model of the auditory cortex as a defense against adversarial attacks on audio. We apply several white-box iterative optimization-based adversarial attacks to an implementation of Amazon Alexa's HW network, and a modified version of this network with an integrated cortical representation, and show that the cortical features help defend against universal adversarial examples. At the same level of distortion, the adversarial noises found for the cortical network are always less effective for universal audio attacks. We make our code publicly available at https://github.com/ilyakava/py3fst.