Attacks as Defenses: Designing Robust Audio CAPTCHAs Using Attacks on Automatic Speech Recognition Systems

by Hadi Abdullah, et al.

Audio CAPTCHAs are supposed to provide a strong defense for online resources; however, advances in speech-to-text systems have rendered these defenses ineffective. Audio CAPTCHAs cannot simply be abandoned, as they are specifically named by the W3C as important enablers of accessibility. Accordingly, demonstrably more robust audio CAPTCHAs are important to the future of a secure and accessible Web. We look to recent literature on attacks against speech-to-text systems for inspiration in constructing robust, principle-driven audio defenses. We begin by comparing 20 recent attack papers, classifying and measuring their suitability to serve as the basis of new CAPTCHAs that are robust to transcription yet easy for humans to understand. After showing that none of these attacks alone is sufficient, we propose a new mechanism that is both comparatively intelligible (evaluated through a user study) and hard to automatically transcribe (i.e., P(transcription) = 4 × 10^-5). Finally, we demonstrate that our audio samples have a high probability of being detected as CAPTCHAs when given to speech-to-text systems (P(evasion) = 1.77 × 10^-4). In so doing, we not only demonstrate a CAPTCHA that is approximately four orders of magnitude more difficult to crack, but also show that such systems can be designed based on insights from attack papers, exploiting the differences between the ways that humans and computers process audio.
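The "approximately four orders of magnitude" claim can be sanity-checked from the quoted P(transcription) = 4 × 10^-5. The sketch below assumes a hypothetical baseline in which existing audio CAPTCHAs are cracked with probability close to 1 (that baseline is an assumption for illustration, not a figure from the abstract):

```python
import math

# Reported transcription probability for the proposed CAPTCHA (from the abstract).
p_transcription = 4e-5

# Hypothetical baseline: existing audio CAPTCHAs assumed cracked near-certainly.
baseline = 1.0

# Orders of magnitude of improvement = log10 of the ratio of crack probabilities.
orders_of_magnitude = math.log10(baseline / p_transcription)
print(round(orders_of_magnitude, 2))  # ≈ 4.4, i.e. roughly four orders of magnitude
```

Under this assumed baseline the ratio is 1 / (4 × 10^-5) = 25,000, so the improvement is about 10^4.4, consistent with the paper's "approximately four orders of magnitude" phrasing.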


Related papers:

- Audio Adversarial Examples: Attacks Using Vocal Masks
  "We construct audio adversarial examples on automatic Speech-To-Text syst..."
- ADAGIO: Interactive Experimentation with Adversarial Attack and Defense for Audio
  "Adversarial machine learning research has recently demonstrated the feas..."
- Beyond L_p clipping: Equalization-based Psychoacoustic Attacks against ASRs
  "Automatic Speech Recognition (ASR) systems convert speech into text and ..."
- aaeCAPTCHA: The Design and Implementation of Audio Adversarial CAPTCHA
  "CAPTCHAs are designed to prevent malicious bot programs from abusing web..."
- Going In Style: Audio Backdoors Through Stylistic Transformations
  "A backdoor attack places triggers in victims' deep learning models to en..."
- The Faults in our ASRs: An Overview of Attacks against Automatic Speech Recognition and Speaker Identification Systems
  "Speech and speaker recognition systems are employed in a variety of appl..."
- SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems
  "With the wide use of Automatic Speech Recognition (ASR) in applications ..."
