
Hackers could trick AI voice recognition into mishearing voices

By James Walker     Jul 29, 2017 in Technology
Artificial intelligence is showing great promise in voice recognition, but a new study shows it can't necessarily be trusted. A team of researchers successfully tricked an AI into mishearing a recording without altering how it sounds to humans.
AI researchers at Facebook and Israel's Bar-Ilan University have hit upon a method that causes AI to mishear otherwise unmodified recordings. New Scientist reports that the algorithm, dubbed "Houdini" by the team that created it, overlays audio recordings with a layer of noise that's imperceptible to humans.
The subtle change to the file's soundscape is enough to throw off current AI recognition systems. The added noise is so low-level that humans don't notice it: hearing tests confirmed that listeners found the original and modified clips identical.
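The principle behind this kind of attack can be illustrated in miniature. The sketch below is not the Houdini algorithm itself (whose loss construction targets real speech models); it is a generic adversarial-perturbation demonstration on a toy linear recognizer, showing that a small targeted perturbation flips the model's decision while random noise of the same energy does not.

```python
import numpy as np

rng = np.random.default_rng(0)
n = 1000

# The toy "recognizer" scores a waveform against two stored templates
# and reports whichever template it matches more strongly.
template_a = rng.standard_normal(n)
template_b = rng.standard_normal(n)

def recognize(x):
    return "A" if x @ template_a > x @ template_b else "B"

# A clip the recognizer correctly hears as "A".
clip = 0.6 * template_a + 0.4 * template_b + 0.05 * rng.standard_normal(n)

# Adversarial direction: the gradient of the score gap, pushing toward "B".
direction = template_b - template_a
direction /= np.linalg.norm(direction)

# Smallest step (to within 0.01) along that direction that flips the decision.
eps, adversarial = 0.0, clip
while recognize(adversarial) == "A":
    eps += 0.01
    adversarial = clip + eps * direction

# Random noise of the same energy leaves the decision unchanged --
# only the *targeted* perturbation fools the recognizer.
random_noise = rng.standard_normal(n)
random_noise *= eps / np.linalg.norm(random_noise)

print(recognize(clip), recognize(adversarial), recognize(clip + random_noise))
```

In this toy the perturbation is merely small relative to the clip; against deep networks, whose high-dimensional decision boundaries sit much closer to real inputs, it can be made genuinely imperceptible, which is what the Houdini team demonstrated.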
In a test of the algorithm, an audio clip was recorded and given to the AI for analysis. Later, the same clip was "hijacked" by Houdini. The new clip was indistinguishable from the old one to humans but generated a distinctly different response when processed by the AI.
The original clip:
"Her bearing was graceful and animated she led her son by the hand and before her walked two maids with wax lights and silver candlesticks."
The clip as heard by the AI:
"The bearing was graceful an animated she let her son by the hand and before he walks two maids with wax lights and silver candlesticks."
The clip as heard by the AI, after Houdini modification:
"Mary was grateful then admitted she let her son before the walks to Mays would like slice furnace filter count six."
The same technique can also be used to fool computer vision software. An image with a specially crafted layer of mild noise wouldn't look different to humans. AI would identify different patterns in the data though, leading it to misinterpret its contents.
The study confirms that AI's increasing recognition accuracy doesn't necessarily mean it can be relied upon. It shows that AI could mishear a recording for reasons that aren't obvious to humans. The results extend a familiar weakness of digital assistants such as Siri and Alexa, whose accuracy drops in noisy environments, to the wider applications of recognition technologies.
The discovery could be exploited by malicious actors to make an AI-powered system misread its sensor inputs. Thieves could, for example, evade detection by tampering with a security camera feed so that motion recognition systems fail to register them.
There's no evidence that this technique has been used in the wild. Even if a successful attack occurred, it would be possible to verify whether a sound clip or image had been tampered with: by comparing the digital fingerprint of the suspect file with that of the original, human operators could determine whether the Houdini technique had been deployed.
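The fingerprint comparison described above can be sketched with a cryptographic hash (SHA-256 here is an assumption; the article doesn't name a scheme). Because any change to the bytes, however small, produces a completely different digest, even a Houdini-scale modification is detectable, provided a trusted copy of the original exists to compare against.

```python
import hashlib

def fingerprint(data: bytes) -> str:
    # SHA-256 digest serves as the file's "digital fingerprint".
    return hashlib.sha256(data).hexdigest()

# Stand-in for an archived original recording.
original = bytes(range(256)) * 4

# A Houdini-style modification is tiny -- here, a single flipped bit.
tampered = bytearray(original)
tampered[100] ^= 0b00000001
tampered = bytes(tampered)

print(fingerprint(original) == fingerprint(tampered))  # tampering changes the digest
```

The obvious limitation, which the article glosses over, is that this only detects tampering after the fact and only when a pristine original is available; it does not stop the AI from being fooled in the first place.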