Defense method and defense device for black box attack model of speech recognition system

A speech recognition model and speech recognition technology, applied in speech recognition, countermeasures against encryption mechanisms, speech analysis, etc., can solve problems such as the difficulty of accurate confrontation samples and the inability to obtain model parameter structures, so as to achieve defense and improve recognition accuracy Effect

Active Publication Date: 2020-04-10
ZHEJIANG UNIV OF TECH
View PDF4 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in real-life applications, the parameter structure of the model is usually unavailable, and the gener

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Defense method and defense device for black box attack model of speech recognition system
  • Defense method and defense device for black box attack model of speech recognition system
  • Defense method and defense device for black box attack model of speech recognition system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The core of the present invention is to provide a defense method and defense device for the black-box attack model of the speech recognition system, so as to improve the defense capability of the confrontation samples generated by the black-box attack model of the speech recognition system.

[0020] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, and do not limit the protection scope of the present invention.

[0021] A kind of defense method embodiment that the present invention provides for the black-box attack model of speech recognition system is introduced below, see figure 1 and figure 2 , including the following steps:

[0022] S101. Obtain an original audio file, use a sp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a defense method and a defense device for a black box attack model of a speech recognition system. According to the defense method, simulated environment noise is added to an original audio; a voice input condition is simulated in a real scene; noise is randomly added to form a primary adversarial sample; the adversarial sample is optimized through a genetic algorithm andgradient estimation to obtain an accurate adversarial sample, and then the original audio file and the adversarial sample are mixed to serve as a training data set of adversarial training to train themodel, so that the recognition accuracy of the model to the adversarial sample is improved, and the robustness of the model to the adversarial attack is improved.

Description

technical field [0001] The invention belongs to the technical field of deep learning security, and in particular relates to a defense method and a defense device for a black-box attack model of a speech recognition system. Background technique [0002] With the development of technology, the goal of modern speech recognition technology is to teach the machine to accurately recognize the speech it hears and execute instructions correctly according to the content of the speech. Speech recognition technology simplifies the communication between human and machine, omitting the steps of intermediate keyboard control and handwriting, which enables people to perform other operations with their hands or eyes while performing voice control. These advantages have made automatic speech recognition systems widely used in various fields from national defense, medical care to intelligent driving. In defense, for example, automatic speech recognition systems provide selected cockpit contr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G10L15/06G10L15/26G06N3/08H04L9/00
CPCG10L15/063G10L15/26G06N3/086H04L9/002G10L2015/0635
Inventor 陈晋音叶林辉杨奕涛
Owner ZHEJIANG UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap