
Defending a Music Recommender Against Hubness-Based Adversarial Attacks

by Katharina Hoedt, et al.
Johannes Kepler University Linz

Adversarial attacks can drastically degrade performance of recommenders and other machine learning systems, resulting in an increased demand for defence mechanisms. We present a new line of defence against attacks which exploit a vulnerability of recommenders that operate in high dimensional data spaces (the so-called hubness problem). We use a global data scaling method, namely Mutual Proximity (MP), to defend a real-world music recommender which previously was susceptible to attacks that inflated the number of times a particular song was recommended. We find that using MP as a defence greatly increases robustness of the recommender against a range of attacks, with success rates of attacks around 44 Additionally, adversarial examples still able to fool the defended system do so at the price of noticeably lower audio quality as shown by a decreased average SNR.



