Detail publikace

Joint Energy-Based Model for Robust Speech Classification System against Dirty-Label Backdoor Poisoning Attacks

ŠŮSTEK, M. JOSHI, S. LI, H. THEBAUD, T. VILLALBA LOPEZ, J. KHUDANPUR, S. DEHAK, N.

Originální název

Joint Energy-Based Model for Robust Speech Classification System against Dirty-Label Backdoor Poisoning Attacks

Typ

článek ve sborníku mimo WoS a Scopus

Jazyk

angličtina

Originální abstrakt

Our novel technique utilizes a Joint Energy-based Model (JEM) that integrates both discriminative and generative approaches to increase resistance against dirty-label backdoor attacks. Our approach is especially effective when the trigger is short or hardly perceivable. We simulate the attack on the Speech Commands Dataset consisting of 1 s audio clips. During training, we use JEM to model a view of the input implemented by a randomly selected 610 ms window. During inference, we combine all (40) possible views utilizing a generative part of JEM. The resulting system has slightly decreased accuracy but significantly increased resistance shown in multiple scenarios. Interestingly, replacing JEM with a standard discriminative model (Disc) provides increased resistance with a lesser effect compared to JEM but maintains accuracy. We introduce an extension motivated by semi-supervised training that further improves JEM but not Disc. JEM can also benefit from Gaussian noise during evaluation.

Klíčová slova

joint energy-based model, poisoning attacks, speech commands classification, dirty-label backdoor

Autoři

ŠŮSTEK, M.; JOSHI, S.; LI, H.; THEBAUD, T.; VILLALBA LOPEZ, J.; KHUDANPUR, S.; DEHAK, N.

Vydáno

13. 10. 2023

Nakladatel

IEEE Signal Processing Society

Místo

Taipei

ISBN

979-8-3503-0689-7

Kniha

Proceedings of IEEE Automatic Speech Recognition and Understanding Workshop (ASRU)

Strany od

1

Strany do

8

Strany počet

8

URL

BibTex

@inproceedings{BUT187975,
  author="ŠŮSTEK, M. and JOSHI, S. and LI, H. and THEBAUD, T. and VILLALBA LOPEZ, J. and KHUDANPUR, S. and DEHAK, N.",
  title="Joint Energy-Based Model for Robust Speech Classification System against Dirty-Label Backdoor Poisoning Attacks",
  booktitle="Proceedings of IEEE Automatic Speech Recognition and Understanding Workshop (ASRU)",
  year="2023",
  pages="1--8",
  publisher="IEEE Signal Processing Society",
  address="Taipei",
  doi="10.1109/ASRU57964.2023.10389697",
  isbn="979-8-3503-0689-7",
  url="https://ieeexplore.ieee.org/document/10389697"
}

Dokumenty