Hussain, Suha (School: Queens High School for the Sciences at York College)
The rapid proliferation and adoption of speech recognition systems in our day-to-day lives result in greater consequences for possible vulnerabilities. Previous research has proven that host hardware and preprocessing can be leveraged to successfully deceive speech recognition systems. Additionally, neural networks, algorithms within modern systems, can be effectively fooled by generating adversarial noise. However, a method to exploit speech recognition systems by leveraging neural networks was notably absent. An algorithm was developed that crafts universal, transformable adversarial noise for the inputs of a speech recognition system that would result in deliberate misclassification. To evaluate this algorithm, adversarial noises for five randomly chosen target classes were produced using a substitute neural network.The noises were then added to the inputs of a victim system in a black-box setting. On average, the crafted adversarial noises led to deliberate misclassification 60.42% of the time. The universality of the generated noises increased the inconspicuousness, aided by limitations set on the noises. The feasibility and practicality of the attack was increased by the fact that the adversarial noises were transformable. Thus, the neural networks in speech recognition systems are a significant vulnerability. It is imperative that attacks such as these are mitigated for speech recognition systems to be considered safe. Future research can improve upon the proposed attack for the purpose of finding more vulnerabilities or focus upon building an optimal defense strategy.
GoDaddy: $1,500 Data Award
Shanghai STEM Cloud Center: STEMCloud Award of $1800 in Systems Software
National Security Agency Research Directorate : Second Place Award "Science Security" of $1,000
Second Award of $1,500
Association for Computing Machinery: Fourth Award of $500