A Study on the Transferability of Adversarial Attacks in Sound Event Classification
- Resource Type
- Conference
- Authors
- Subramanian, Vinod; Pankajakshan, Arjun; Benetos, Emmanouil; Xu, Ning; McDonald, SKoT; Sandler, Mark
- Source
- ICASSP 2020 - 2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) Acoustics, Speech and Signal Processing (ICASSP), ICASSP 2020 - 2020 IEEE International Conference on. :301-305 May, 2020
- Subject
- Signal Processing and Analysis
Computer vision
Computational modeling
Training data
Transforms
Signal processing
Security
Speech processing
Adversarial attacks
transferability
audio tagging
sound event classification
- Language
- ISSN
- 2379-190X
An adversarial attack is an algorithm that perturbs the input of a machine learning model in an intelligent way in order to change the output of the model. An important property of adversarial attacks is transferability. According to this property, it is possible to generate adversarial perturbations on one model and apply it the input to fool the output of a different model. Our work focuses on studying the transferability of adversarial attacks in sound event classification. We are able to demonstrate differences in transferability properties from those observed in computer vision. We show that dataset normalization techniques such as z-score normalization does not affect the transferability of adversarial attacks and we show that techniques such as knowledge distillation do not increase the transferability of attacks.