SlideShare une entreprise Scribd logo

Robust Audio Adversarial Example for a Physical Attack

Hiromu Yakura
Hiromu Yakura

2018/11/29@東京大学 猿渡・小山研究室

Sciences
1  sur  37
Télécharger pour lire hors ligne

 
 Goodfellow, I. J., Shlens, J., & Szegedy, C.: Explaining and harnessing adversarial examples. In Proc. of ICLR. (2015) 


 
 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018) 


 
 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018) 
 


 
 f :Rn → {1,…,k} x ∈!n !x ∈"n s.t. f (x) ≠ f (!x) ∧ D(x, !x) ≤ δ !x s.t. f (!x) = l ∧ D(x, !x) ≤ δ l ∈{1,…,k} panda f gibbon x !x f (x) f (!x)

 
 !x = x + !v where !v = argmin v Loss f (x + v,l)+ ε " v " ε D(x, !x) ≤ δ panda

 
 !x = x + !v where !v = argmin v Loss f (x + v,l)+ ε " v " ε D(x, !x) ≤ δ gibbon
Athalye, A., et. al.: Synthesizing robust adversarial examples. In Proc. of ICML. (2018) 
 f (!x) = l

 
 
 argmin v Et~Τ Loss f (t(x + v),l)+ ε D(t(x),t(x + v))⎡ ⎣⎢ ⎤ ⎦⎥ argmin v Loss f (x + v,l)+ ε ! v ! Athalye, A., et. al.: Synthesizing robust adversarial examples. In Proc. of ICML. (2018)
Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)

 Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)

 Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)

 
 
 argmin v Loss f (MFCC(x + v), l)+ ε ! v ! x ∈!T l ∈∑N argmin v Loss f (x + v,l)+ ε ! v ! Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)

 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018) Loss vt

 
 Athalye, A., et. al.: Synthesizing robust adversarial examples. In Proc. of ICML. (2018)

 
 
 argmin v Loss f (MFCC(x + BPF 1000~4000Hz (v)), l)+ ε ! v !

 
h(t) u(t) ′u (t) = u(x)h(t − x)dx −∞ ∞ ∫ 


 
 H 
 argmin v Eh~H Loss(MFCC(Conv h (x + BPF 1000~4000Hz (v))), l)+ ε v⎡ ⎣ ⎤ ⎦ Conv h (⋅)

 
 
Ν(0, σ 2 ) argmin v Eh~H ,w~N (0,σ 2 ) Loss(MFCC(Conv h (x + BPF 1000~4000Hz (v))+ w), l)+ ε v⎡ ⎣ ⎤ ⎦

 x 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
 Hannun, A. Y., et. al.: Deep Speech: Scaling up end- to-end speech recognition. arXiv preprint arXiv:1412.05567. (2014)

 
 σ

 
 
 
 Px = 1 T xt 2 t=1 T ∑ Pv = 1 T vt 2 t=1 T ∑ 10log10 Px Pv



 
 
 


 
 
 


 
 
 
 
 


 
 
 
 
 


 
 
 


 
 Povey, D., et. al.: The Kaldi Speech Recognition Toolkit. In Proc. of ASRU. (2011)

 
 Povey, D., et. al.: The Kaldi Speech Recognition Toolkit. In Proc. of ASRU. (2011)

 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
 Yang, Z., et. al.: Characterizing Audio Adversarial Examples Using Temporal Dependency. arXiv preprint arXiv:1809.10875. (2018)

 
 
 Yang, Z., et. al.: Characterizing Audio Adversarial Examples Using Temporal Dependency. arXiv preprint arXiv:1809.10875. (2018)

 
 
 Yang, Z., et. al.: Characterizing Audio Adversarial Examples Using Temporal Dependency. arXiv preprint arXiv:1809.10875. (2018)

 
 
 


 
 
 
 Schönherr, L., et. al.: Adversarial Attacks Against ASR Systems via Psychoacoustic Hiding. In Proc. of NDSS. (2019) Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)

 
 
 Taori, R., et. al.: Targeted Adversarial Examples for Black Box Audio Systems. arXiv preprint arXiv:1805.07820. (2018)

Recommandé

AI_5 Resolution/ Channing
AI_5 Resolution/ ChanningAI_5 Resolution/ Channing
AI_5 Resolution/ ChanningKhushali Kathiriya
 
A bayesian framework for unsupervised one-shot learning of object categories
A bayesian framework for unsupervised one-shot learning of object categoriesA bayesian framework for unsupervised one-shot learning of object categories
A bayesian framework for unsupervised one-shot learning of object categorieswolf
 
(Kpi summer school 2015) word embeddings and neural language modeling
(Kpi summer school 2015) word embeddings and neural language modeling(Kpi summer school 2015) word embeddings and neural language modeling
(Kpi summer school 2015) word embeddings and neural language modelingSerhii Havrylov
 
Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...
Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...
Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...Hiromu Yakura
 
How to make good use of AI technologies? @ Tsukuba Conference 2021
How to make good use of AI technologies? @ Tsukuba Conference 2021How to make good use of AI technologies? @ Tsukuba Conference 2021
How to make good use of AI technologies? @ Tsukuba Conference 2021Hiromu Yakura
 
機械学習を"良く"使うには
機械学習を"良く"使うには機械学習を"良く"使うには
機械学習を"良く"使うにはHiromu Yakura
 
自己紹介@名状しがたいお茶会
自己紹介@名状しがたいお茶会自己紹介@名状しがたいお茶会
自己紹介@名状しがたいお茶会Hiromu Yakura
 
Python 3のWebシステムでDDDに入門してみた
Python 3のWebシステムでDDDに入門してみたPython 3のWebシステムでDDDに入門してみた
Python 3のWebシステムでDDDに入門してみたHiromu Yakura
 

Recommandé

AI_5 Resolution/ Channing
AI_5 Resolution/ ChanningAI_5 Resolution/ Channing
AI_5 Resolution/ ChanningKhushali Kathiriya
 
A bayesian framework for unsupervised one-shot learning of object categories
A bayesian framework for unsupervised one-shot learning of object categoriesA bayesian framework for unsupervised one-shot learning of object categories
A bayesian framework for unsupervised one-shot learning of object categorieswolf
 
(Kpi summer school 2015) word embeddings and neural language modeling
(Kpi summer school 2015) word embeddings and neural language modeling(Kpi summer school 2015) word embeddings and neural language modeling
(Kpi summer school 2015) word embeddings and neural language modelingSerhii Havrylov
 
Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...
Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...
Human-AI communication for human-human communication / CHAI Workshop @ IJCAI ...Hiromu Yakura
 
How to make good use of AI technologies? @ Tsukuba Conference 2021
How to make good use of AI technologies? @ Tsukuba Conference 2021How to make good use of AI technologies? @ Tsukuba Conference 2021
How to make good use of AI technologies? @ Tsukuba Conference 2021Hiromu Yakura
 
機械学習を"良く"使うには
機械学習を"良く"使うには機械学習を"良く"使うには
機械学習を"良く"使うにはHiromu Yakura
 
自己紹介@名状しがたいお茶会
自己紹介@名状しがたいお茶会自己紹介@名状しがたいお茶会
自己紹介@名状しがたいお茶会Hiromu Yakura
 
Python 3のWebシステムでDDDに入門してみた
Python 3のWebシステムでDDDに入門してみたPython 3のWebシステムでDDDに入門してみた
Python 3のWebシステムでDDDに入門してみたHiromu Yakura
 
セキュリティ・キャンプのススメ
セキュリティ・キャンプのススメセキュリティ・キャンプのススメ
セキュリティ・キャンプのススメHiromu Yakura
 
新しいライブ映像再生システムを研究してみた
新しいライブ映像再生システムを研究してみた新しいライブ映像再生システムを研究してみた
新しいライブ映像再生システムを研究してみたHiromu Yakura
 
GAME ON 特別イベント 「ゲームってなんでプログラミング?」
GAME ON 特別イベント 「ゲームってなんでプログラミング?」GAME ON 特別イベント 「ゲームってなんでプログラミング?」
GAME ON 特別イベント 「ゲームってなんでプログラミング?」Hiromu Yakura
 
Arduinoでプログラミングに触れてみよう 続編
Arduinoでプログラミングに触れてみよう 続編Arduinoでプログラミングに触れてみよう 続編
Arduinoでプログラミングに触れてみよう 続編Hiromu Yakura
 
Arduinoでプログラミングに触れてみよう
Arduinoでプログラミングに触れてみようArduinoでプログラミングに触れてみよう
Arduinoでプログラミングに触れてみようHiromu Yakura
 
機械学習コン講評
機械学習コン講評機械学習コン講評
機械学習コン講評Hiromu Yakura
 
NPCA夏合宿 2014 講義資料
NPCA夏合宿 2014 講義資料NPCA夏合宿 2014 講義資料
NPCA夏合宿 2014 講義資料Hiromu Yakura
 
イタリアでパスタを食べた話
イタリアでパスタを食べた話イタリアでパスタを食べた話
イタリアでパスタを食べた話Hiromu Yakura
 
Why don't you learn programming?
Why don't you learn programming?Why don't you learn programming?
Why don't you learn programming?Hiromu Yakura
 
CTF, What's in it for me?
CTF, What's in it for me?CTF, What's in it for me?
CTF, What's in it for me?Hiromu Yakura
 
Arrow Judge
Arrow JudgeArrow Judge
Arrow JudgeHiromu Yakura
 
CTFとは
CTFとはCTFとは
CTFとはHiromu Yakura
 
CTFはとんでもないものを 盗んでいきました。私の時間です…
CTFはとんでもないものを 盗んでいきました。私の時間です…CTFはとんでもないものを 盗んでいきました。私の時間です…
CTFはとんでもないものを 盗んでいきました。私の時間です…Hiromu Yakura
 
ぃぬ速@LKML
ぃぬ速@LKMLぃぬ速@LKML
ぃぬ速@LKMLHiromu Yakura
 
プラトン
プラトンプラトン
プラトンHiromu Yakura
 
How to lick Miku
How to lick MikuHow to lick Miku
How to lick MikuHiromu Yakura
 
ICTのちから
ICTのちからICTのちから
ICTのちからHiromu Yakura
 
ナウいAndroidセキュリティ
ナウいAndroidセキュリティナウいAndroidセキュリティ
ナウいAndroidセキュリティHiromu Yakura
 
Trendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final PresentationTrendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final PresentationHiromu Yakura
 
Androidにおける強制アクセス制御
Androidにおける強制アクセス制御Androidにおける強制アクセス制御
Androidにおける強制アクセス制御Hiromu Yakura
 
PROJECTILE MOTION-Horizontal and Vertical
PROJECTILE MOTION-Horizontal and VerticalPROJECTILE MOTION-Horizontal and Vertical
PROJECTILE MOTION-Horizontal and VerticalMAESTRELLAMesa2
 
Davis plaque method.pptx recombinant DNA technology
Davis plaque method.pptx recombinant DNA technologyDavis plaque method.pptx recombinant DNA technology
Davis plaque method.pptx recombinant DNA technologycaarthichand2003
 

Contenu connexe

Plus de Hiromu Yakura

セキュリティ・キャンプのススメ
セキュリティ・キャンプのススメセキュリティ・キャンプのススメ
セキュリティ・キャンプのススメHiromu Yakura
 
新しいライブ映像再生システムを研究してみた
新しいライブ映像再生システムを研究してみた新しいライブ映像再生システムを研究してみた
新しいライブ映像再生システムを研究してみたHiromu Yakura
 
GAME ON 特別イベント 「ゲームってなんでプログラミング?」
GAME ON 特別イベント 「ゲームってなんでプログラミング?」GAME ON 特別イベント 「ゲームってなんでプログラミング?」
GAME ON 特別イベント 「ゲームってなんでプログラミング?」Hiromu Yakura
 
Arduinoでプログラミングに触れてみよう 続編
Arduinoでプログラミングに触れてみよう 続編Arduinoでプログラミングに触れてみよう 続編
Arduinoでプログラミングに触れてみよう 続編Hiromu Yakura
 
Arduinoでプログラミングに触れてみよう
Arduinoでプログラミングに触れてみようArduinoでプログラミングに触れてみよう
Arduinoでプログラミングに触れてみようHiromu Yakura
 
機械学習コン講評
機械学習コン講評機械学習コン講評
機械学習コン講評Hiromu Yakura
 
NPCA夏合宿 2014 講義資料
NPCA夏合宿 2014 講義資料NPCA夏合宿 2014 講義資料
NPCA夏合宿 2014 講義資料Hiromu Yakura
 
イタリアでパスタを食べた話
イタリアでパスタを食べた話イタリアでパスタを食べた話
イタリアでパスタを食べた話Hiromu Yakura
 
Why don't you learn programming?
Why don't you learn programming?Why don't you learn programming?
Why don't you learn programming?Hiromu Yakura
 
CTF, What's in it for me?
CTF, What's in it for me?CTF, What's in it for me?
CTF, What's in it for me?Hiromu Yakura
 
CTFはとんでもないものを 盗んでいきました。私の時間です…
CTFはとんでもないものを 盗んでいきました。私の時間です…CTFはとんでもないものを 盗んでいきました。私の時間です…
CTFはとんでもないものを 盗んでいきました。私の時間です…Hiromu Yakura
 
ナウいAndroidセキュリティ
ナウいAndroidセキュリティナウいAndroidセキュリティ
ナウいAndroidセキュリティHiromu Yakura
 
Trendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final PresentationTrendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final PresentationHiromu Yakura
 
Androidにおける強制アクセス制御
Androidにおける強制アクセス制御Androidにおける強制アクセス制御
Androidにおける強制アクセス制御Hiromu Yakura
 

Plus de Hiromu Yakura (20)

セキュリティ・キャンプのススメ
セキュリティ・キャンプのススメセキュリティ・キャンプのススメ
セキュリティ・キャンプのススメ
 
新しいライブ映像再生システムを研究してみた
新しいライブ映像再生システムを研究してみた新しいライブ映像再生システムを研究してみた
新しいライブ映像再生システムを研究してみた
 
GAME ON 特別イベント 「ゲームってなんでプログラミング?」
GAME ON 特別イベント 「ゲームってなんでプログラミング?」GAME ON 特別イベント 「ゲームってなんでプログラミング?」
GAME ON 特別イベント 「ゲームってなんでプログラミング?」
 
Arduinoでプログラミングに触れてみよう 続編
Arduinoでプログラミングに触れてみよう 続編Arduinoでプログラミングに触れてみよう 続編
Arduinoでプログラミングに触れてみよう 続編
 
Arduinoでプログラミングに触れてみよう
Arduinoでプログラミングに触れてみようArduinoでプログラミングに触れてみよう
Arduinoでプログラミングに触れてみよう
 
機械学習コン講評
機械学習コン講評機械学習コン講評
機械学習コン講評
 
NPCA夏合宿 2014 講義資料
NPCA夏合宿 2014 講義資料NPCA夏合宿 2014 講義資料
NPCA夏合宿 2014 講義資料
 
イタリアでパスタを食べた話
イタリアでパスタを食べた話イタリアでパスタを食べた話
イタリアでパスタを食べた話
 
Why don't you learn programming?
Why don't you learn programming?Why don't you learn programming?
Why don't you learn programming?
 
CTF, What's in it for me?
CTF, What's in it for me?CTF, What's in it for me?
CTF, What's in it for me?
 
Arrow Judge
Arrow JudgeArrow Judge
Arrow Judge
 
CTFとは
CTFとはCTFとは
CTFとは
 
CTFはとんでもないものを 盗んでいきました。私の時間です…
CTFはとんでもないものを 盗んでいきました。私の時間です…CTFはとんでもないものを 盗んでいきました。私の時間です…
CTFはとんでもないものを 盗んでいきました。私の時間です…
 
ぃぬ速@LKML
ぃぬ速@LKMLぃぬ速@LKML
ぃぬ速@LKML
 
プラトン
プラトンプラトン
プラトン
 
How to lick Miku
How to lick MikuHow to lick Miku
How to lick Miku
 
ICTのちから
ICTのちからICTのちから
ICTのちから
 
ナウいAndroidセキュリティ
ナウいAndroidセキュリティナウいAndroidセキュリティ
ナウいAndroidセキュリティ
 
Trendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final PresentationTrendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final Presentation
 
Androidにおける強制アクセス制御
Androidにおける強制アクセス制御Androidにおける強制アクセス制御
Androidにおける強制アクセス制御
 

Dernier

PROJECTILE MOTION-Horizontal and Vertical
PROJECTILE MOTION-Horizontal and VerticalPROJECTILE MOTION-Horizontal and Vertical
PROJECTILE MOTION-Horizontal and VerticalMAESTRELLAMesa2
 
Davis plaque method.pptx recombinant DNA technology
Davis plaque method.pptx recombinant DNA technologyDavis plaque method.pptx recombinant DNA technology
Davis plaque method.pptx recombinant DNA technologycaarthichand2003
 
Servosystem Theory / Cybernetic Theory by Petrovic
Servosystem Theory / Cybernetic Theory by PetrovicServosystem Theory / Cybernetic Theory by Petrovic
Servosystem Theory / Cybernetic Theory by PetrovicAditi Jain
 
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPirithiRaju
 
Call Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 Genuine
Call Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 GenuineCall Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 Genuine
Call Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 Genuinethapagita
 
Dubai Calls Girl Lisa O525547819 Lexi Call Girls In Dubai
Dubai Calls Girl Lisa O525547819 Lexi Call Girls In DubaiDubai Calls Girl Lisa O525547819 Lexi Call Girls In Dubai
Dubai Calls Girl Lisa O525547819 Lexi Call Girls In Dubaikojalkojal131
 
REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...
REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...
REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...Universidade Federal de Sergipe - UFS
 
Quarter 4_Grade 8_Digestive System Structure and Functions
Quarter 4_Grade 8_Digestive System Structure and FunctionsQuarter 4_Grade 8_Digestive System Structure and Functions
Quarter 4_Grade 8_Digestive System Structure and FunctionsCharlene Llagas
 
Pests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdfPests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdfPirithiRaju
 
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)Columbia Weather Systems
 
Topic 9- General Principles of International Law.pptx
Topic 9- General Principles of International Law.pptxTopic 9- General Principles of International Law.pptx
Topic 9- General Principles of International Law.pptxJorenAcuavera1
 
《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》rnrncn29
 
Speech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptxSpeech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptxpriyankatabhane
 
Citronella presentation SlideShare mani upadhyay
Citronella presentation SlideShare mani upadhyayCitronella presentation SlideShare mani upadhyay
Citronella presentation SlideShare mani upadhyayupadhyaymani499
 
Organic farming with special reference to vermiculture
Organic farming with special reference to vermicultureOrganic farming with special reference to vermiculture
Organic farming with special reference to vermicultureTakeleZike1
 
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptxGENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptxRitchAndruAgustin
 
Observational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive starsObservational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive starsSérgio Sacani
 
User Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather StationUser Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather StationColumbia Weather Systems
 
Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫qfactory1
 

Dernier (20)

PROJECTILE MOTION-Horizontal and Vertical
PROJECTILE MOTION-Horizontal and VerticalPROJECTILE MOTION-Horizontal and Vertical
PROJECTILE MOTION-Horizontal and Vertical
 
Davis plaque method.pptx recombinant DNA technology
Davis plaque method.pptx recombinant DNA technologyDavis plaque method.pptx recombinant DNA technology
Davis plaque method.pptx recombinant DNA technology
 
Servosystem Theory / Cybernetic Theory by Petrovic
Servosystem Theory / Cybernetic Theory by PetrovicServosystem Theory / Cybernetic Theory by Petrovic
Servosystem Theory / Cybernetic Theory by Petrovic
 
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdfPests of jatropha_Bionomics_identification_Dr.UPR.pdf
Pests of jatropha_Bionomics_identification_Dr.UPR.pdf
 
Let’s Say Someone Did Drop the Bomb. Then What?
Let’s Say Someone Did Drop the Bomb. Then What?Let’s Say Someone Did Drop the Bomb. Then What?
Let’s Say Someone Did Drop the Bomb. Then What?
 
Call Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 Genuine
Call Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 GenuineCall Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 Genuine
Call Girls in Majnu Ka Tilla Delhi 🔝9711014705🔝 Genuine
 
Dubai Calls Girl Lisa O525547819 Lexi Call Girls In Dubai
Dubai Calls Girl Lisa O525547819 Lexi Call Girls In DubaiDubai Calls Girl Lisa O525547819 Lexi Call Girls In Dubai
Dubai Calls Girl Lisa O525547819 Lexi Call Girls In Dubai
 
REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...
REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...
REVISTA DE BIOLOGIA E CIÊNCIAS DA TERRA ISSN 1519-5228 - Artigo_Bioterra_V24_...
 
Quarter 4_Grade 8_Digestive System Structure and Functions
Quarter 4_Grade 8_Digestive System Structure and FunctionsQuarter 4_Grade 8_Digestive System Structure and Functions
Quarter 4_Grade 8_Digestive System Structure and Functions
 
Pests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdfPests of Bengal gram_Identification_Dr.UPR.pdf
Pests of Bengal gram_Identification_Dr.UPR.pdf
 
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
User Guide: Pulsar™ Weather Station (Columbia Weather Systems)
 
Topic 9- General Principles of International Law.pptx
Topic 9- General Principles of International Law.pptxTopic 9- General Principles of International Law.pptx
Topic 9- General Principles of International Law.pptx
 
《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》《Queensland毕业文凭-昆士兰大学毕业证成绩单》
《Queensland毕业文凭-昆士兰大学毕业证成绩单》
 
Speech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptxSpeech, hearing, noise, intelligibility.pptx
Speech, hearing, noise, intelligibility.pptx
 
Citronella presentation SlideShare mani upadhyay
Citronella presentation SlideShare mani upadhyayCitronella presentation SlideShare mani upadhyay
Citronella presentation SlideShare mani upadhyay
 
Organic farming with special reference to vermiculture
Organic farming with special reference to vermicultureOrganic farming with special reference to vermiculture
Organic farming with special reference to vermiculture
 
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptxGENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
GENERAL PHYSICS 2 REFRACTION OF LIGHT SENIOR HIGH SCHOOL GENPHYS2.pptx
 
Observational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive starsObservational constraints on mergers creating magnetism in massive stars
Observational constraints on mergers creating magnetism in massive stars
 
User Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather StationUser Guide: Magellan MX™ Weather Station
User Guide: Magellan MX™ Weather Station
 
Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫Manassas R - Parkside Middle School 🌎🏫
Manassas R - Parkside Middle School 🌎🏫
 

Robust Audio Adversarial Example for a Physical Attack

  • 1.
  • 2. 
 
 Goodfellow, I. J., Shlens, J., & Szegedy, C.: Explaining and harnessing adversarial examples. In Proc. of ICLR. (2015) 

  • 3. 
 
 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018) 

  • 4. 
 
 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018) 
 

  • 5. 
 
 f :Rn → {1,…,k} x ∈!n !x ∈"n s.t. f (x) ≠ f (!x) ∧ D(x, !x) ≤ δ !x s.t. f (!x) = l ∧ D(x, !x) ≤ δ l ∈{1,…,k} panda f gibbon x !x f (x) f (!x)
  • 6. 
 
 !x = x + !v where !v = argmin v Loss f (x + v,l)+ ε " v " ε D(x, !x) ≤ δ panda
  • 7. 
 
 !x = x + !v where !v = argmin v Loss f (x + v,l)+ ε " v " ε D(x, !x) ≤ δ gibbon
  • 8. Athalye, A., et. al.: Synthesizing robust adversarial examples. In Proc. of ICML. (2018) 
 f (!x) = l
  • 9. 
 
 
 argmin v Et~Τ Loss f (t(x + v),l)+ ε D(t(x),t(x + v))⎡ ⎣⎢ ⎤ ⎦⎥ argmin v Loss f (x + v,l)+ ε ! v ! Athalye, A., et. al.: Synthesizing robust adversarial examples. In Proc. of ICML. (2018)
  • 10. Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
  • 11. 
 Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
  • 12. 
 Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
  • 13. 
 
 
 argmin v Loss f (MFCC(x + v), l)+ ε ! v ! x ∈!T l ∈∑N argmin v Loss f (x + v,l)+ ε ! v ! Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
  • 14. 
 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018) Loss vt
  • 15. 
 
 Athalye, A., et. al.: Synthesizing robust adversarial examples. In Proc. of ICML. (2018)
  • 17. 
 
h(t) u(t) ′u (t) = u(x)h(t − x)dx −∞ ∞ ∫ 

  • 18. 
 
 H 
 argmin v Eh~H Loss(MFCC(Conv h (x + BPF 1000~4000Hz (v))), l)+ ε v⎡ ⎣ ⎤ ⎦ Conv h (⋅)
  • 19. 
 
 
Ν(0, σ 2 ) argmin v Eh~H ,w~N (0,σ 2 ) Loss(MFCC(Conv h (x + BPF 1000~4000Hz (v))+ w), l)+ ε v⎡ ⎣ ⎤ ⎦
  • 20. 
 x 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
 Hannun, A. Y., et. al.: Deep Speech: Scaling up end- to-end speech recognition. arXiv preprint arXiv:1412.05567. (2014)
  • 23.
  • 24.
  • 30. 
 
 Povey, D., et. al.: The Kaldi Speech Recognition Toolkit. In Proc. of ASRU. (2011)
  • 31. 
 
 Povey, D., et. al.: The Kaldi Speech Recognition Toolkit. In Proc. of ASRU. (2011)
  • 32. 
 
 
 Carlini, N., & Wagner, D.: Audio Adversarial Examples: Targeted Attacks on Speech-to-Text. In Proc. of Deep Learning and Security Workshop. (2018)
 Yang, Z., et. al.: Characterizing Audio Adversarial Examples Using Temporal Dependency. arXiv preprint arXiv:1809.10875. (2018)
  • 33. 
 
 
 Yang, Z., et. al.: Characterizing Audio Adversarial Examples Using Temporal Dependency. arXiv preprint arXiv:1809.10875. (2018)
  • 34. 
 
 
 Yang, Z., et. al.: Characterizing Audio Adversarial Examples Using Temporal Dependency. arXiv preprint arXiv:1809.10875. (2018)
  • 36. 
 
 
 
 Schönherr, L., et. al.: Adversarial Attacks Against ASR Systems via Psychoacoustic Hiding. In Proc. of NDSS. (2019) Yuan, X., et. al.: CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition. In Proc. of USENIX Security. (2018)
  • 37. 
 
 
 Taori, R., et. al.: Targeted Adversarial Examples for Black Box Audio Systems. arXiv preprint arXiv:1805.07820. (2018)