Artificial Demon Voice controls your Phone

Gepostet vor 1 Monat in #Science #Tech #AI #AlgoCulture #Audio #Hacks

Share: Twitter Facebook Mail

Wissenschaftler haben eine Methode entwickelt, um Voice Commands in Sounds zu verstecken, die sich für das menschliche Ohr wie extrem und hundertfach komprimierte MP3s anhören. Mit diesen „Hidden Voice Commands“ können sie Android-Phones im Umkreis von bis zu drei Meter kontrollieren: The Demon Voice That Can Control Your Smartphone. (via Superpunch)

Voice interfaces are becoming more ubiquitous and are now the primary input method for many devices. We explore in this paper how they can be attacked with hidden voice commands that are unintelligible to human listeners but which are interpreted as commands by devices. We evaluate these attacks under two different threat models. In the black-box model, an attacker uses the speech recognition system as an opaque oracle. We show that the adversary can produce difficult to understand commands that are effective against existing systems in the black-box model. Under the white-box model, the attacker has full knowledge of the internals of the speech recognition system and uses it to create attack commands that we demonstrate through user testing are not understandable by humans. We then evaluate several defenses, including notifying the user when a voice command is accepted; a verbal challenge-response protocol; and a machine learning approach that can detect our attacks with 99.8% accuracy.

Sowas ähnliches gab's 2015 schon für Computer Vision, als sie Algorithmen erfolgreich mit Noise und Pattern verarscht hatten, Paper als PDF: Deep Neural Networks are Easily Fooled: High Confidence Predictions for Unrecognizable Images.

vis0

Deep neural networks (DNNs) have recently been achieving state-of-the-art performance on a variety of pattern-recognition tasks, most notably visual classification problems. Given that DNNs are now able to classify objects in images with near-human-level performance, questions naturally arise as to what differences remain between computer and human vision. A recent study [30] revealed that changing an image (e.g. of a lion) in a way imperceptible to humans can cause a DNN to label the image as something else entirely (e.g. mislabeling a lion a library).

Here we show a related result: it is easy to produce images that are completely unrecognizable to humans, but that state-of-theart DNNs believe to be recognizable objects with 99.99% confidence (e.g. labeling with certainty that white noise static is a lion). Specifically, we take convolutional neural networks trained to perform well on either the ImageNet or MNIST datasets and then find images with evolutionary algorithms or gradient ascent that DNNs label with high confidence as belonging to each dataset class. It is possible to produce images totally unrecognizable to human eyes that DNNs believe with near certainty are familiar objects, which we call “fooling images” (more generally, fooling examples). Our results shed light on interesting differences between human vision and current DNNs, and raise questions about the generality of DNN computer vision.

vis1 vis2 vis4 vis5

Automatic Handgun Detection via Machine Learning

The latest Step into an OCP-approved Ed-209-compatible Future: Automatic Handgun Detection Alarm in Videos Using Deep Learning (PDF). Usage Guide:…

ALF-Trump and other algorithmic Abominations

Großartiger neuer Twitter-Feed von Chris Rodley: Algorithmic Horror – Concept art for horror movies generated by an algorithm mit so…

Algorithmic Shape Collages

Interessantes Paper der Uni Hong Kong über automatisierte Shape Collagen (mit geilem Titel auch): Pyramid of Arclength Descriptor for Generating…

Cube-Transformation-Bot

Ganz großartiger Bot von Andrew Heumann: Tweet2Form: The Formalist Tweetbot. Das Teil versteht 11 verschiedene Befehle für 3D-Transformationen, führt die…

Cybernetic Serendipity 1968

Nice Walkthrough for the 1968 Cybernetic Serendipity-Exhibition at the Institute of Contemporary Arts in London. Some cool, early, experimental Machine-Typography…

Der Sünden-Bot

Mein Buddy Gregor macht wieder Unfug mit Tweetie-Bots, diesmal eine Metapher auf die panische Scheindebatte über den Angriff der killeralienmutant…

Google Brain does Zoom & Enhance

Vor grob einem halben Jahr bloggte ich über eine Reihe von Papers, die eine neue AI-Anwendung vorstellten: Image Super-Resolution. Die…

NSA-Powerpoint-Styletransfer: Snowden.ppt

Matthew Plummer-Fernandez hat einen Style-Transfer-Algorithmus auf verschiedene NSA-Powerpoint-Slides trainiert und daraus ein paar Snowden-Portraits generiert: Snowden.ppt. Machine Learning style transfer…

Radio-Hackers hijack Broadcasts to play „Fuck Donald Trump“

Letzte Woche bloggte ich über ein paar Piraten-Sender, die den (eher mauen) HipHop-Track „Fuck Donald Trump“ 24 Stunden lang in…

Algorithmic Cyclops

Mario Klingemann trainiert wieder irgendwelche Neural Networks die wieder irgendwelche komischen Sachen generieren. Diesmal hat er ’nen Algorithmus auf vintage…

Hieronymus Bosch dreaming of Sesame Street

Chris Rodley dreht nach dem Trump Clan ein paar klassische Gemälde von Picasso und Hieronymus Bosch durch den Sesamstraßen-Neural-Network-Wolf: