
Re: Bits from /me: A humble draft policy on "deep learning v.s. freedom"




Hi,

On 2019-05-21 23:52, Paul Wise wrote:
> Has anyone repeated the training of Mozilla DeepSpeech for example?

By chance I found, in a pile of papers (ones that attack AI models),
a paper in which Berkeley researchers successfully attacked DeepSpeech:

   https://arxiv.org/pdf/1801.01944.pdf

IMHO, try not to ask AI to deal with any critical task unless one
understands the security risk. Maybe attacking AI models will
be what future hackers do?

```quote from https://arxiv.org/abs/1801.01944
Abstract

We construct targeted audio adversarial examples on automatic speech
recognition. Given any audio waveform, we can produce another that
is over 99.9% similar, but transcribes as any phrase we choose
(recognizing up to 50 characters per second of audio). We apply our
white-box iterative optimization-based attack to Mozilla’s
implementation DeepSpeech end-to-end, and show it has a 100% success
rate. The feasibility of this attack introduce a new domain to study
adversarial examples.
```quote