Collaborative Research: SaTC: CORE: Small: Securing IoT and Edge Devices under Audio Adversarial Attacks
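Basic information
- Award number: 2114220
- Principal investigator:
- Amount: $330,000
- Host institution:
- Host institution country: United States
- Project type: Standard Grant
- Fiscal year: 2021
- Funding country: United States
- Start and end dates: 2021-10-01 to 2024-09-30
- Project status: Completed
- Source:
- Keywords:
Project abstract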
Powered by the advancement of artificial intelligence (AI) techniques, the next-generation voice-controllable IoT and edge systems have substantially facilitated people’s daily lives. Such systems include voice assistant systems and voice-authenticated mobile banking, among many others. However, the underlying machine learning approaches used in these systems are inherently vulnerable to audio adversarial attacks, in which an adversary can mislead the machine learning models by injecting imperceptible perturbations into the original audio input. Given the widespread adoption of voice-controllable IoT and edge systems in many privacy-critical and safety-critical applications, e.g., personal banking and autonomous driving, an in-depth understanding and investigation of the severity and consequences of audio-based adversarial attacks, as well as of the corresponding defense solutions, is in high demand. This project will perform a comprehensive study and analysis of the vulnerability and robustness of voice-controllable IoT and edge systems against audio-domain adversarial attacks from both temporal and spatial perspectives. The research outcome of this project will form solid foundations for building trustworthy voice-controllable IoT and edge systems. The developed defense techniques will improve the security of many intelligent audio systems, such as automatic speech recognition (ASR), keyword spotting, and speaker recognition. This project will involve underrepresented students, undergraduate and graduate students, and K-12 students through a variety of engaging programs.

The objective of this project is to demonstrate the feasibility of audio adversarial attacks in the physical world, determine the attack severity and consequences, and further develop defending strategies in practical environments to build attack-resilient voice-controllable Internet-of-Things (IoT) devices and edge systems. To study the possibility and severity of audio adversarial attacks in a practical time-constrained setting, the project will develop low-cost, audio-agnostic, synchronization-free attack launching schemes, including an audio-specific fast adversarial perturbation generator and a universal adversarial perturbation generator. To investigate how the adversarial perturbations survive various propagation factors in realistic environments, the project will analyze the audio distortions caused by over-the-air propagation using an advanced room impulse response simulator and physical environment measurements. The project will also develop several defense techniques, including a defensive denoiser, model enhancement, and microphone-array-based liveness detection. The presented techniques will help to secure voice-controllable IoT and edge devices under audio adversarial attacks. The project will also contribute to a new computing paradigm in audio-based adversarial machine learning, in both theoretical foundations and safety-critical audio-oriented emerging applications.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
Project outcomes
Journal articles (6)
Monographs (0)
Research awards (0)
Conference papers (0)
Patents (0)
Invisible and Efficient Backdoor Attacks for Compressed Deep Neural Networks
- DOI: 10.1109/icassp43922.2022.9747582
- Published: 2022-05
- Journal:
- Impact factor: 0
- Authors: Huy Phan; Yi Xie; Jian Liu; Yingying Chen; Bo Yuan
- Corresponding authors: Huy Phan; Yi Xie; Jian Liu; Yingying Chen; Bo Yuan
Robust Detection of Machine-induced Audio Attacks in Intelligent Audio Systems with Microphone Array
- DOI: 10.1145/3460120.3484755
- Published: 2021-11
- Journal:
- Impact factor: 0
- Authors: Zhuohang Li; Cong Shi; Tianfang Zhang; Yi Xie; Jian Liu; Bo Yuan; Yingying Chen
- Corresponding authors: Zhuohang Li; Cong Shi; Tianfang Zhang; Yi Xie; Jian Liu; Bo Yuan; Yingying Chen
Stealthy Backdoor Attack on RF Signal Classification
- DOI: 10.1109/icccn58024.2023.10230152
- Published: 2023-07
- Journal:
- Impact factor: 0
- Authors: Tianming Zhao; Zijie Tang; Tian-Di Zhang; Huy Phan; Yan Wang; Cong Shi; Bo Yuan; Ying Chen
- Corresponding authors: Tianming Zhao; Zijie Tang; Tian-Di Zhang; Huy Phan; Yan Wang; Cong Shi; Bo Yuan; Ying Chen
HALOC: Hardware-Aware Automatic Low-Rank Compression for Compact Neural Networks
- DOI: 10.1609/aaai.v37i9.26244
- Published: 2023-01
- Journal:
- Impact factor: 0
- Authors: Jinqi Xiao; Chengming Zhang; Yu Gong; Miao Yin; Yang Sui; Lizhi Xiang; Dingwen Tao; Bo Yuan
- Corresponding authors: Jinqi Xiao; Chengming Zhang; Yu Gong; Miao Yin; Yang Sui; Lizhi Xiang; Dingwen Tao; Bo Yuan
RIBAC: Towards Robust and Imperceptible Backdoor Attack against Compact DNN
- DOI: 10.48550/arxiv.2208.10608
- Published: 2022-08
- Journal:
- Impact factor: 0
- Authors: Huy Phan; Cong Shi; Yi Xie; Tian-Di Zhang; Zhuohang Li; Tianming Zhao; Jian Liu; Yan Wang; Ying Chen; Bo Yuan
- Corresponding authors: Huy Phan; Cong Shi; Yi Xie; Tian-Di Zhang; Zhuohang Li; Tianming Zhao; Jian Liu; Yan Wang; Ying Chen; Bo Yuan
Other publications by Yingying Chen
Direct Load Control by Distributed Imperialist Competitive Algorithm
- DOI: 10.1007/s40565-014-0075-x
- Published: 2014
- Journal:
- Impact factor: 6.3
- Authors: Fengji Luo; Junhua Zhao; Haiming Wang; Xiaojiao Tong; Yingying Chen; Zhaoyang Dong
- Corresponding author: Zhaoyang Dong
Preliminary measurements of fluorescent aerosol number concentrations using a laser-induced fluorescence lidar
- DOI: 10.1364/ao.57.007211
- Published: 2018
- Journal:
- Impact factor: 1.9
- Authors: Zhimin Rao; Tingyao He; Dengxin Hua; Yunlong Wang; Xusheng Wang; Yingying Chen; Jing Le
- Corresponding author: Jing Le
Who Will Tell the Stories of Health Inequities? Platform Challenges (and Opportunities) in Local Civic Information Infrastructure
- DOI:
- Published: 2023
- Journal:
- Impact factor: 0
- Authors: Ava Francesca Battocchio; Kjerstin Thorson; Dan Hiaeshutter; Marisa Smith; Yingying Chen; S. Edgerly; Kelley Cotter; Hyesun Choung; Chuqing Dong; Moldir Moldagaliyeva; Christopher E. Etheridge
- Corresponding author: Christopher E. Etheridge
Bipartite Graph Matching Based Secret Key Generation
- DOI: 10.1109/infocom42981.2021.9488848
- Published: 2021-05
- Journal:
- Impact factor: 0
- Authors: Hongbo Liu; Yan Wang; Yanzhi Ren; Yingying Chen
- Corresponding author: Yingying Chen
Catalytic oxidation of CO on mesoporous codoped ceria catalysts: Insights into the correlation of physicochemical property and catalytic activity
- DOI:
- Published: 2019
- Journal:
- Impact factor: 4.9
- Authors: Hongjian Zhu; Yingying Chen; Yibo Gao; Wenxu Liu; Zhongpeng Wang; Chenchen Cui; Wei Liu; Liguo Wang
- Corresponding author: Liguo Wang
Other grants of Yingying Chen
Collaborative Research: III: Small: Efficient and Robust Multi-model Data Analytics for Edge Computing
- Award number: 2311596
- Fiscal year: 2023
- Funding amount: $330,000
- Project type: Standard Grant
SHF: Small: A General Framework for Accelerating AI on Resource-Constrained Edge Devices
- Award number: 2211163
- Fiscal year: 2022
- Funding amount: $330,000
- Project type: Standard Grant
Collaborative Research: CCRI: New: Nation-wide Community-based Mobile Edge Sensing and Computing Testbeds
- Award number: 2120396
- Fiscal year: 2021
- Funding amount: $330,000
- Project type: Standard Grant
Collaborative Research: PPoSS: Planning: Hardware-accelerated Trustworthy Deep Neural Network
- Award number: 2028876
- Fiscal year: 2020
- Funding amount: $330,000
- Project type: Standard Grant
SHF: Small: Collaborative Research: Software Hardware Architecture Co-design for Low-power Heterogeneous Edge Devices
- Award number: 1909963
- Fiscal year: 2019
- Funding amount: $330,000
- Project type: Standard Grant
SaTC: CORE: Small: Collaborative: Security Assurance in Short Range Communication with Wireless Channel Obfuscation
- Award number: 1814590
- Fiscal year: 2018
- Funding amount: $330,000
- Project type: Standard Grant
SaTC: CORE: Small: Collaborative: Exploiting Physical Properties in Wireless Networks for Implicit Authentication
- Award number: 1716500
- Fiscal year: 2017
- Funding amount: $330,000
- Project type: Standard Grant
NeTS: Medium: Collaborative Research: Exploiting Fine-grained WiFi Signals for Wellbeing Monitoring
- Award number: 1826647
- Fiscal year: 2017
- Funding amount: $330,000
- Project type: Continuing Grant
SaTC: CORE: Small: Collaborative: Exploiting Physical Properties in Wireless Networks for Implicit Authentication
- Award number: 1820624
- Fiscal year: 2017
- Funding amount: $330,000
- Project type: Standard Grant
NeTS: Medium: Collaborative Research: Exploiting Fine-grained WiFi Signals for Wellbeing Monitoring
- Award number: 1514436
- Fiscal year: 2015
- Funding amount: $330,000
- Project type: Continuing Grant
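Similar NSFC grants
Research on Quantum Field Theory without a Lagrangian Description
- Award number: 24ZR1403900
- Approval year: 2024
- Funding amount: CNY 0
- Project type: Provincial/municipal-level project
Cell Research
- Award number: 31224802
- Approval year: 2012
- Funding amount: CNY 240,000
- Project type: Special fund project
Cell Research
- Award number: 31024804
- Approval year: 2010
- Funding amount: CNY 240,000
- Project type: Special fund project
Cell Research
- Award number: 30824808
- Approval year: 2008
- Funding amount: CNY 240,000
- Project type: Special fund project
Research on the Rapid Growth Mechanism of KDP Crystal
- Award number: 10774081
- Approval year: 2007
- Funding amount: CNY 450,000
- Project type: General Program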
Similar overseas grants
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
- Award number: 2330940
- Fiscal year: 2024
- Funding amount: $330,000
- Project type: Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
- Award number: 2317232
- Fiscal year: 2024
- Funding amount: $330,000
- Project type: Continuing Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
- Award number: 2338301
- Fiscal year: 2024
- Funding amount: $330,000
- Project type: Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Differentially Private SQL with flexible privacy modeling, machine-checked system design, and accuracy optimization
- Award number: 2317233
- Fiscal year: 2024
- Funding amount: $330,000
- Project type: Continuing Grant
Collaborative Research: NSF-BSF: SaTC: CORE: Small: Detecting malware with machine learning models efficiently and reliably
- Award number: 2338302
- Fiscal year: 2024
- Funding amount: $330,000
- Project type: Continuing Grant
Collaborative Research: SaTC: CORE: Medium: Using Intelligent Conversational Agents to Empower Adolescents to be Resilient Against Cybergrooming
- Award number: 2330941
- Fiscal year: 2024
- Funding amount: $330,000
- Project type: Continuing Grant
Collaborative Research: SaTC: CORE: Small: Towards Secure and Trustworthy Tree Models
- Award number: 2413046
- Fiscal year: 2024
- Funding amount: $330,000
- Project type: Standard Grant
Collaborative Research: SaTC: EDU: RoCCeM: Bringing Robotics, Cybersecurity and Computer Science to the Middled School Classroom
- Award number: 2312057
- Fiscal year: 2023
- Funding amount: $330,000
- Project type: Standard Grant
Collaborative Research: SaTC: CORE: Small: Investigation of Naming Space Hijacking Threat and Its Defense
- Award number: 2317830
- Fiscal year: 2023
- Funding amount: $330,000
- Project type: Continuing Grant
Collaborative Research: SaTC: CORE: Small: Towards a Privacy-Preserving Framework for Research on Private, Encrypted Social Networks
- Award number: 2318843
- Fiscal year: 2023
- Funding amount: $330,000
- Project type: Continuing Grant