Re: Bits from /me: A humble draft policy on "deep learning v.s. freedom"
- Date: Wed, 29 May 2019 20:01:19 -0700
- From: Mo Zhou <lumin@xxxxxxxxxx>
- Subject: Re: Bits from /me: A humble draft policy on "deep learning v.s. freedom"
On 2019-05-21 23:52, Paul Wise wrote:
> Has anyone repeated the training of Mozilla DeepSpeech for example?
By chance I found a paper from a pile of papers (that attacks AI models)
that Berkeley researchers have successfully attacked DeepSpeech:
IHMO Try not to ask AI to deal with any critical task unless one
understands the security risk. Maybe attacking AI models will
be what future hackers do?
```quote from https://arxiv.org/abs/1801.01944
We construct targeted audio adversarial examples on automatic speech
recognition. Given any audio waveform, we can produce another that
is over 99.9% similar, but transcribes as any phrase we choose
up to 50 characters per second of audio). We apply our white-box
optimization-based attack to Mozilla’s implementation DeepSpeech
and show it has a 100% success rate. The feasibility of this attack
introduce a new domain to study adversarial examples.