网络与信息安全学报2025,Vol.11Issue(2):125-135,11.DOI:10.11959/j.issn.2096-109x.2025022
针对音频分类的跨表征可迁移对抗样本生成方法
Cross-representation transferable adversarial examples generation for audio classification
摘要
Abstract
Adversarial examples have been used as an important tool for detecting vulnerabilities in deep neural net-works.The unique property of transferability enables them to deceive black-box deep neural network models.Transfer-based attack methods for audio classification have recently attracted extensive discussion.However,in the audio domain,existing transfer-based methods overlooked the transferability of adversarial audio examples from 1D waveform to 2D Mel-spectrogram representation.It was observed that adversarial examples generated against a raw-waveform surrogate model could not successfully attack Mel-spectrogram target models.A method for generat-ing cross-representation transferable adversarial examples for audio classification was proposed.Specifically,losses from two pre-trained surrogate models accepting different representations were linearly combined to train generators for crafting adversarial audio examples with high cross-representation and cross-model transferability.Furthermore,the predictive discrepancies between the two surrogate models were minimized to enhance cross-representation transferability.Additionally,the generator's output was used to train these surrogate models adver-sarially,which significantly enhanced the robustness of the surrogate models and consequently boosted the cross-model transferability of adversarial examples.Extensive experiments were carried out on the Urban Sound8k and ShipsEar datasets.The results demonstrate that this approach could improve the cross-representation transferability of adversarial examples and significantly outperform existing transfer-based attacks.关键词
对抗样本/迁移攻击/音频分类攻击/跨表征Key words
adversarial example/transfer-based attack/audio classification attack/cross-representation分类
计算机与自动化引用本文复制引用
田梓琳,龙云飞,田野,张立国..针对音频分类的跨表征可迁移对抗样本生成方法[J].网络与信息安全学报,2025,11(2):125-135,11.基金项目
国家自然科学基金(52071111),海南省自然科学基金(623CXTD394),国家资助博士后研究人员计划(GZC20232046) The National Natural Science Foundation of China(52071111),Hainan Provincial Natural Science Founda-tion of China(623CXTD394),National Sponsored Postdoctoral Researcher Program(GZC20232046) (52071111)
