A Multiversion Programming Inspired Approach to Detecting Audio Adversarial Examples

Zeng, Qiang; Su, Jianhai; Fu, Chenglong; Kayas, Golam; Luo, Lannan; Du, Xiaojiang; Tan, Chiu C.; Wu, Jie

doi:10.1109/dsn.2019.00019

Cited by 30 publications

(17 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…HAWatcher [75] proposes a novel semantics-aware approach that utilizes semantic information, such as automation rules and device relations, to mine correlations from event logs for precise and explainable anomaly and attack detection. Security issues related to voice assistants draw great attention [76], [77], [78]. For example, MVP-Ears [78] presents a highly accurate (accuracy > 99.8%) audio adversarial example (AE) detection method inspired by multiversion programming, and it can proactively handle transferable audio AEs.…”

Section: A Smart Home Securitymentioning

confidence: 99%

“…Security issues related to voice assistants draw great attention [76], [77], [78]. For example, MVP-Ears [78] presents a highly accurate (accuracy > 99.8%) audio adversarial example (AE) detection method inspired by multiversion programming, and it can proactively handle transferable audio AEs. This work is concerned with the rich privacy-sensitive data generated by IoT devices.…”

Section: A Smart Home Securitymentioning

confidence: 99%

See 1 more Smart Citation

PFirewall: Semantics-Aware Customizable Data Flow Control for Smart Home Privacy Protection

Chi

Zeng

et al. 2021

Proceedings 2021 Network and Distributed System Security Symposium

Self Cite

View full text Add to dashboard Cite

Internet of Things (IoT) platforms enable users to deploy home automation applications. Meanwhile, privacy issues arise as large amounts of sensitive device data flow out to IoT platforms. Most of the data flowing to a platform actually do not trigger automation actions, while homeowners currently have no control once devices are bound to the platform. We present PFIREWALL, a customizable data-flow control system to enhance the privacy of IoT platform users. PFIREWALL automatically generates data-minimization policies, which only disclose minimum amount of data to fulfill automation. In addition, PFIRE-WALL provides interfaces for homeowners to customize individual privacy preferences by defining user-specified policies. To enforce these policies, PFIREWALL transparently intervenes and mediates the communication between IoT devices and the platform, without modifying the platform, IoT devices, or hub. Evaluation results on four real-world testbeds show that PFIREWALL reduces IoT data sent to the platform by 97% without impairing home automation, and effectively mitigates user-activity inference/tracking attacks and other privacy risks.

show abstract

Section: A Smart Home Securitymentioning

confidence: 99%

Section: A Smart Home Securitymentioning

confidence: 99%

PFirewall: Semantics-Aware Customizable Data Flow Control for Smart Home Privacy Protection

Chi

Zeng

et al. 2021

Proceedings 2021 Network and Distributed System Security Symposium

Self Cite

View full text Add to dashboard Cite

show abstract

“…Also, recent studies show that adversarial examples can be applied to the real worlds, such as object recognition system [41], controllable voice system [24] and traffic sign recognition system [25]. Zeng et al proposed a novel audio detection approach to determine whether audio is an adversarial example [26]. Xiao et al designed a malware detection scheme with Q-learning for a mobile device to derive the optimal offloading rate.…”

Section: Related Work a Adversarial Examplesmentioning

confidence: 99%

Adversarial Attacks for Image Segmentation on Multiple Lightweight Models

Song

Guizani

2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

Due to the powerful ability of data fitting, deep neural networks have been applied in a wide range of applications in many key areas. However, in recent years, it was found that some adversarial samples easily fool the deep neural networks. These input samples are generated by adding a few small perturbations based on the original sample, making a very significant influence on the decision of the target model in the case of not being perceived. Image segmentation is one of the most important technologies in the medical image and automatic driving field. This paper mainly explores the security of deep neural network models based on the image segmentation tasks. Two lightweight image segmentation models on the embedded device suffered from the white-box attack by using local perturbations and universal perturbations. The perturbations are generated indirectly by a noise function and an intermediate variable so that the gradient of pixels can be propagated unlimitedly. Through experiments, we find that different models have different blind spots, and the adversarial samples trained for a single model have no transferability. In the end, multiple models are attacked by our joint learning. Finally, under the constraint of low perturbation, most of the pixels in the attacked area have been misclassified by both lightweight models. The experimental result shows that the proposed adversary is more likely to affect the performance of the segmentation model compared with the FGSM.

show abstract

“…Although manufacturers have deployed various measurements of their platforms, some papers still found flaws leaking users' privacy on various platforms [18]- [21]. There have been many papers showing how to compromise a user's privacy via the flaws of cloud [22]- [25], protocols, voice interface [26], or even traffic analysis. These efforts cover the privacy breaches that can be caused to users by various platforms in a smart home environment.…”

Section: F Related Workmentioning

confidence: 99%

Privacy Leakage in Smart Homes and Its Mitigation: IFTTT as a Case Study

Zeng

Zhu

et al. 2019

IEEE Access

Self Cite

View full text Add to dashboard Cite

The combination of smart home platforms and automation apps introduce many conveniences to smart home users. However, this also brings the potential of privacy leakage. If a smart home platform is permitted to collect all the events of a user day and night, then the platform will learn the behavior patterns of this user before long. In this paper, we investigate how IFTTT, one of the most popular smart home platforms, has the capability of monitoring the daily life of a user in a variety of ways that are hardly noticeable. Moreover, we propose multiple ideas for mitigating privacy leakages, which all together form a ''Filter-and-Fuzz'' (F&F) process: first, it filters out events unneeded by the IFTTT platform. Then, it fuzzifies the values and frequencies of the remaining events. We evaluate the F&F process and the results show that the proposed solution makes the IFTTT unable to recognize any of the user's behavior patterns. INDEX TERMS IFTTT, privacy leakage, smart home, SmartThings.

show abstract

A Multiversion Programming Inspired Approach to Detecting Audio Adversarial Examples

Cited by 30 publications

References 30 publications

PFirewall: Semantics-Aware Customizable Data Flow Control for Smart Home Privacy Protection

PFirewall: Semantics-Aware Customizable Data Flow Control for Smart Home Privacy Protection

Adversarial Attacks for Image Segmentation on Multiple Lightweight Models

Privacy Leakage in Smart Homes and Its Mitigation: IFTTT as a Case Study

Contact Info

Product

Resources

About