Conference Publication Details
Mandatory Fields
Cheng, P;Sankar, MSA;Bagci, IE;Roedig, U
COMPUTER SECURITY: ESORICS 2021 INTERNATIONAL WORKSHOPS
Adversarial Command Detection Using Parallel Speech Recognition Systems
2022
January
Validated
1
()
Optional Fields
238
255
Personal Voice Assistants (PVAs) such as Apple's Siri, Amazon's Alexa and Google Home are now commonplace. PVAs are susceptible to adversarial commands; an attacker is able to modify an audio signal such that humans do not notice this modification but the Speech Recognition (SR) will recognise a command of the attacker's choice. In this paper we describe a defence method against such adversarial commands. By using a second SR in parallel to the main SR of the PVA it is possible to detect adversarial commands. It is difficult for an attacker to craft an adversarial command that is able to force two different SR into recognising the adversarial command while ensuring inaudibility. We demonstrate the feasibility of this defence mechanism for practical setups. For instance, our evaluation shows that such system can be tuned to detect 50% of adversarial commands while not impacting on normal PVA use.
10.1007/978-3-030-95484-0_15
Grant Details