Robustness of Adversarial Attacks in Sound Event Classification

SUBRAMANIAN, V; Benetos, E; Sandler, M; 4th Workshop on Detection and Classification of Acoustic Scenes and Events (DCASE 2019)

View/Open

Accepted Version (310.6Kb)

Pagination

? - ? (5)

Publisher

4th Workshop on Detection and Classification of Acoustic Scenes and Events

Publisher URL

http://dcase.community/workshop2019/

Metadata

Show full item record

Abstract

An adversarial attack is a method to generate perturbations to the input of a machine learning model in order to make the output of the model incorrect. The perturbed inputs are known as adversarial examples. In this paper, we investigate the robustness of adversarial examples to simple input transformations such as mp3 compression, resampling, white noise and reverb in the task of sound event classification. By performing this analysis, we aim to provide insights on strengths and weaknesses in current adversarial attack algorithms as well as provide a baseline for defenses against adversarial attacks. Our work shows that adversarial attacks are not robust to simple input transformations. White noise is the most consistent method to defend against adversarial attacks with a success rate of 73.72% averaged across all models and attack algorithms.

Authors

SUBRAMANIAN, V; Benetos, E; Sandler, M; 4th Workshop on Detection and Classification of Acoustic Scenes and Events (DCASE 2019)

URI

https://qmro.qmul.ac.uk/xmlui/handle/123456789/59658

Collections

Electronic Engineering and Computer Science [1299]