End-to-End Adversarial White Box Attacks on Music Instrument Classification

Katharina Prinz; Arthur Flexer

doi:10.48550/arXiv.2007.14714

End-to-End Adversarial White Box Attacks on Music Instrument Classification

Institute of Computational Perception

Research output: Working paper and reports › Preprint

Abstract

Small adversarial perturbations of input data are able to drastically change performance of machine learning systems, thereby challenging the validity of such systems. We present the very first end-to-end adversarial attacks on a music instrument classification system allowing to add perturbations directly to audio waveforms instead of spectrograms. Our attacks are able to reduce the accuracy close to a random baseline while at the same time keeping perturbations almost imperceptible and producing misclassifications to any desired instrument.

Original language	English
Number of pages	8
DOIs	https://doi.org/10.48550/arXiv.2007.14714
Publication status	Published - 2020

Publication series

Name	arXiv.org
ISSN (Print)	2331-8422

Fields of science

202002 Audiovisual media
102 Computer Sciences
102001 Artificial intelligence
102003 Image processing
102015 Information systems

JKU Focus areas

Digital Transformation

Access to Document

10.48550/arXiv.2007.14714

Dust and Data - The Art of Curating in the Age of Artificial Intelligence
Flexer, A. (PI)
01.07.2019 → 31.12.2021
Project: Funded research › FWF - Austrian Science Fund

Cite this

@techreport{04232f8be95744c8836f377fe8fbb245,

title = "End-to-End Adversarial White Box Attacks on Music Instrument Classification",

abstract = "Small adversarial perturbations of input data are able to drastically change performance of machine learning systems, thereby challenging the validity of such systems. We present the very first end-to-end adversarial attacks on a music instrument classification system allowing to add perturbations directly to audio waveforms instead of spectrograms. Our attacks are able to reduce the accuracy close to a random baseline while at the same time keeping perturbations almost imperceptible and producing misclassifications to any desired instrument.",

author = "Katharina Prinz and Arthur Flexer",

year = "2020",

doi = "10.48550/arXiv.2007.14714",

language = "English",

series = "arXiv.org",

type = "WorkingPaper",

}

TY - UNPB

T1 - End-to-End Adversarial White Box Attacks on Music Instrument Classification

AU - Prinz, Katharina

AU - Flexer, Arthur

PY - 2020

Y1 - 2020

N2 - Small adversarial perturbations of input data are able to drastically change performance of machine learning systems, thereby challenging the validity of such systems. We present the very first end-to-end adversarial attacks on a music instrument classification system allowing to add perturbations directly to audio waveforms instead of spectrograms. Our attacks are able to reduce the accuracy close to a random baseline while at the same time keeping perturbations almost imperceptible and producing misclassifications to any desired instrument.

AB - Small adversarial perturbations of input data are able to drastically change performance of machine learning systems, thereby challenging the validity of such systems. We present the very first end-to-end adversarial attacks on a music instrument classification system allowing to add perturbations directly to audio waveforms instead of spectrograms. Our attacks are able to reduce the accuracy close to a random baseline while at the same time keeping perturbations almost imperceptible and producing misclassifications to any desired instrument.

U2 - 10.48550/arXiv.2007.14714

DO - 10.48550/arXiv.2007.14714

M3 - Preprint

T3 - arXiv.org

BT - End-to-End Adversarial White Box Attacks on Music Instrument Classification

ER -

End-to-End Adversarial White Box Attacks on Music Instrument Classification

Abstract

Publication series

Fields of science

JKU Focus areas

Access to Document

Projects

Dust and Data - The Art of Curating in the Age of Artificial Intelligence

Cite this