Lu, K., Nguyen, M. C., Xu, X., & Foo, C. S. (2023). On Adversarial Robustness of Audio Classifiers. ICASSP 2023 - 2023 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). https://doi.org/10.1109/icassp49357.2023.10097268
Abstract:
We make three contributions to improve adversarial robust- ness of audio classifiers. First, most existing works focus on lp-norm bounded adversarial perturbations. Instead, we con- sider signal-to-noise ratio (SNR) as a more natural measure of adversarial perturbations for audio data. We show that per- turbed examples with a particular SNR can be generated us- ing a corresponding l2-norm perturbation, and establish the equivalence of these two metrics in assessing adversarial per- turbations. This connection enables direct control of the SNR quality of perturbed examples and allows comparison using perturbations with different lp-norm constraints. Second, we are among the first to introduce APGD attack for adversarial training on audio data. In our experiments, APGD adversarial training is robust to adversarial attacks without compromis- ing clean accuracy. Last, we improve adversarial robustness by adapting CutMix to audio - cutting and mixing two audio clips together - in conjunction with adversarial training, and observe improvements in robustness on US8K.
License type:
Publisher Copyright
Funding Info:
This research / project is supported by the DSO National Laboratories - Adversarially Robust Ship Sound Classification
Grant Reference no. : EC-2021-018