Trojan Attacks and Defense for Speech Recognition

Chapter


Abstract


  • Mobile devices commonly employ speech recognition (SR) techniques to facilitate user interaction. Typical voice assistants on mobile devices detect a wake word or phrase before allowing users to use voice commands. While the core functionality of contemporary SR systems relies on deep learning, researchers have shown that deep learning suffers from various security issues. Among these security threats, Trojan attacks in particular have attracted great interest in the research community. To conduct a Trojan attack, an adversary must stealthily modify a target model, such that the compromised model will output a predefined label whenever presented with a trigger. Most work in the literature has focused on Trojan attacks for image recognition, and there is limited work in the SR domain. Due to the increasing use of SR systems in daily devices, such as mobile phones, Trojan attacks for SR pose a great threat to the public and are therefore an important topic of concern to mobile internet security. Despite their growing importance, there has not been an extensive review conducted on Trojan attacks for SR. This paper fills this gap by presenting an overview of existing techniques for conducting Trojan attacks and defending against them for SR. The purpose is to provide researchers with an in-depth comparison of current methods and the challenges faced in this important research area.

Publication Date


  • 2022

Citation


  • Zong, W., Chow, Y. W., Susilo, W., & Kim, J. (2022). Trojan Attacks and Defense for Speech Recognition. In Unknown Book (Vol. 1544 CCIS, pp. 195-210). doi:10.1007/978-981-16-9576-6_14

International Standard Book Number (isbn) 13


  • 9789811695759

Scopus Eid


  • 2-s2.0-85124652661

Book Title


  • Communications in Computer and Information Science

Start Page


  • 195

End Page


  • 210
