Description
The surge in the usage of automatic speech recognition (ASR) systems
in recent years has drawn significant research interests in the audio
world. Recent works have discovered that the underlying mechanisms
of such systems are vulnerable to so-called adversarial examples,
which greatly encourages studies on the corresponding defense methods.
This thesis proposes unsupervised learning methods for the detection
of audio adversarial examples. Experimental results show that our proposed
methods based on a two-stage training framework are able to successfully
defend against a simple adversarial attack. In a more elaborate attack scenario
that considers human psychoacoustics, we still get a high detection rate with
the cost of slightly increased false positives.
|
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching