VenoMave: Targeted Poisoning Against Speech Recognition. (arXiv:2010.10682v3 [cs.SD] UPDATED)

Despite remarkable improvements, automatic speech recognition is susceptible
to adversarial perturbations. Compared to standard machine learning
architectures, these attacks are significantly more challenging, especially
since the inputs to a speech recognition system are time series that contain
both acoustic and linguistic properties of speech. Extracting all
recognition-relevant information requires more complex pipelines and an
ensemble of specialized components. Consequently, an attacker needs to consider
the entire pipeline. In this paper, we present VENOMAVE, the first
training-time poisoning attack against speech …

acoustic adversarial attack attacks automatic evasion information inputs linguistic machine machine learning pipeline pipelines poisoning recognition series speech standard system training