Stop Bugging Me! Evading Modern-Day Wiretapping Using Adversarial Perturbations

Tal Ben Senior, Yael Mathov, Asaf Shabtai, Yuval Elovici

Research output: Working paper/PreprintPreprint

48 Downloads (Pure)

Abstract

Mass surveillance systems for voice over IP (VoIP) conversations pose a huge risk to privacy. These automated systems use learning models to analyze conversations, and upon detecting calls that involve specific topics, route them to a human agent. In this study, we present an adversarial learning-based framework for privacy protection for VoIP conversations. We present a novel algorithm that finds a universal adversarial perturbation (UAP), which, when added to the audio stream, prevents an eavesdropper from automatically detecting the conversation's topic. As shown in our experiments, the UAP is agnostic to the speaker or audio length, and its volume can be changed in real-time, as needed. In a real-world demonstration, we use a Teensy microcontroller that acts as an external microphone and adds the UAP to the audio in real-time. We examine different speakers, VoIP applications (Skype, Zoom), audio lengths, and speech-to-text models (Deep Speech, Kaldi). Our results in the real world suggest that our approach is a feasible solution for privacy protection.
Original languageEnglish GB
StatePublished - 24 Oct 2020

Keywords

  • cs.SD
  • cs.CR
  • cs.LG
  • eess.AS

Fingerprint

Dive into the research topics of 'Stop Bugging Me! Evading Modern-Day Wiretapping Using Adversarial Perturbations'. Together they form a unique fingerprint.

Cite this