Multi-discriminator Sobolev Defense-gan Against Adversarial Attacks For End-to-end Speech Systems
2021 Β· Mohammad Esmaeilpour, Patrick Cardinal, Alessandro Lameiras Koerich
Abstract
This paper introduces a defense approach against end-to-end adversarial attacks developed for cutting-edge speech-to-text systems. The proposed defense algorithm has four major steps. First, we represent speech signals with 2D spectrograms using the short-time Fourier transform. Second, we iteratively find a safe vector using a spectrogram subspace projection operation. This operation minimizes the chordal distance adjustment between spectrograms with an additional regularization term. Third, we synthesize a spectrogram with such a safe vector using a novel GAN architecture trained with Sobolev integral probability metric. To improve the model's performance in terms of stability and the total number of learned modes, we impose an additional constraint on the generator network. Finally, we reconstruct the signal from the synthesized spectrogram and the Griffin-Lim phase approximation technique. We evaluate the proposed defense approach against six strong white and black-box adversarial
Authors
(none)
Tags
Stats
Related papers
- Class-conditional Defense GAN Against End-to-end Speech Attacks (2020)7.50
- RSD-GAN: Regularized Sobolev Defense GAN Against Speech-to-text Adversarial Attacks (2022)4.52
- Adversarial Machine Learning And Speech Emotion Recognition: Utilizing Generative Adversarial Networks For Robustness (2018)0.00
- Robust Speech Recognition Using Generative Adversarial Networks (2017)11.29
- Multi-spectrogan: High-diversity And High-fidelity Spectrogram Generation With Adversarial Style Combination For Speech Synthesis (2020)0.00
- Adversarial Attack And Defense Strategies For Deep Speaker Recognition Systems (2020)13.39
- SA: Sliding Attack For Synthetic Speech Detection With Resistance To Clipping And Self-splicing (2022)0.00
- Towards Generalized Speech Enhancement With Generative Adversarial Networks (2019)10.35