Go to DBLP homepageA Generative Adversarial Network-based Attack for Audio-based Condition Monitoring Systems
Abstract: Over the last years, several machine learning techniques have been proposed for the condition monitoring of physical assets based on audio. As a result, adversaries have been trying to circumvent the reliability of deployed systems, typically through the generation of maliciously altered audio samples that are subsequently introduced as input by the model. However, altering the input in production settings is not always feasible, on the contrary, samples are often collected through a microphone, significantly increasing the attack execution effort. In this paper, we propose a realistic generative adversarial network attack for an audio-based condition monitoring system. We first train a generator and a discriminator with a joint objective of generating audio samples corresponding to the difference between the two classes, e.g., normal and faulty. Additionally, we test our approach by overlapping our generated audio on the samples collected by the microphone. Our main goal is the proposal of a GAN-based attack capable of generating audio samples that when overlaid with the original microphone-captured audio may induce misclassification given a target class. Experiments performed through our captured audio dataset from normal and broken unmanned aerial vehicle propellers show that the proposed attack achieved a mean success rate of 40%, decreasing the F-measure concerning random noise by 13.3%, 20%, and 37.8% for ResNet-18, AlexNet, and DenseNet-169 models, respectively.
Loading