Comparative Study on Noise-Augmented Training and its Effect on Adversarial Robustness in ASR Systems
This addresses adversarial robustness for ASR systems, but it is incremental as it compares existing methods.
The study tackled whether noise-augmented training improves adversarial robustness in ASR systems, finding that it enhances performance on noisy speech and increases robustness against adversarial attacks.
In this study, we investigate whether noise-augmented training can concurrently improve adversarial robustness in automatic speech recognition (ASR) systems. We conduct a comparative analysis of the adversarial robustness of four different ASR architectures, each trained under three different augmentation conditions: (1) background noise, speed variations, and reverberations; (2) speed variations only; (3) no data augmentation. We then evaluate the robustness of all resulting models against attacks with white-box or black-box adversarial examples. Our results demonstrate that noise augmentation not only enhances model performance on noisy speech but also improves the model's robustness to adversarial attacks.