On End-to-End White-Box Adversarial Attacks in Music Information Retrieval
Small adversarial perturbations of input data can drastically change the performance of machine learning systems, thereby challenging their validity. We compare several adversarial attacks targeting an instrument classifier, where for the first time in Music Information Retrieval (MIR) the perturbat...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Ubiquity Press
2021-07-01
|
| Series: | Transactions of the International Society for Music Information Retrieval |
| Subjects: | |
| Online Access: | https://transactions.ismir.net/articles/85 |
| _version_ | 1819129223970816000 |
|---|---|
| author | Katharina Prinz Arthur Flexer Gerhard Widmer |
| author_facet | Katharina Prinz Arthur Flexer Gerhard Widmer |
| author_sort | Katharina Prinz |
| collection | DOAJ |
| description | Small adversarial perturbations of input data can drastically change the performance of machine learning systems, thereby challenging their validity. We compare several adversarial attacks targeting an instrument classifier, where for the first time in Music Information Retrieval (MIR) the perturbations are computed directly on the waveform. The attacks can reduce the accuracy of the classifier significantly, while at the same time keeping perturbations almost imperceptible. Furthermore, we show the potential of adversarial attacks being a security issue in MIR by artificially boosting playcounts through an attack on a real-world music recommender system. |
| first_indexed | 2024-12-22T08:40:19Z |
| format | Article |
| id | doaj.art-c71f066b116b49218e709cf89a1bf47e |
| institution | Directory Open Access Journal |
| issn | 2514-3298 |
| language | English |
| last_indexed | 2024-12-22T08:40:19Z |
| publishDate | 2021-07-01 |
| publisher | Ubiquity Press |
| record_format | Article |
| series | Transactions of the International Society for Music Information Retrieval |
| spelling | doaj.art-c71f066b116b49218e709cf89a1bf47e2022-12-21T18:32:15ZengUbiquity PressTransactions of the International Society for Music Information Retrieval2514-32982021-07-014110.5334/tismir.8546On End-to-End White-Box Adversarial Attacks in Music Information RetrievalKatharina Prinz0Arthur Flexer1Gerhard Widmer2Johannes Kepler University LinzJohannes Kepler University LinzJohannes Kepler University LinzSmall adversarial perturbations of input data can drastically change the performance of machine learning systems, thereby challenging their validity. We compare several adversarial attacks targeting an instrument classifier, where for the first time in Music Information Retrieval (MIR) the perturbations are computed directly on the waveform. The attacks can reduce the accuracy of the classifier significantly, while at the same time keeping perturbations almost imperceptible. Furthermore, we show the potential of adversarial attacks being a security issue in MIR by artificially boosting playcounts through an attack on a real-world music recommender system.https://transactions.ismir.net/articles/85adversarial attackinstrument classificationmusic recommendationvalidity |
| spellingShingle | Katharina Prinz Arthur Flexer Gerhard Widmer On End-to-End White-Box Adversarial Attacks in Music Information Retrieval Transactions of the International Society for Music Information Retrieval adversarial attack instrument classification music recommendation validity |
| title | On End-to-End White-Box Adversarial Attacks in Music Information Retrieval |
| title_full | On End-to-End White-Box Adversarial Attacks in Music Information Retrieval |
| title_fullStr | On End-to-End White-Box Adversarial Attacks in Music Information Retrieval |
| title_full_unstemmed | On End-to-End White-Box Adversarial Attacks in Music Information Retrieval |
| title_short | On End-to-End White-Box Adversarial Attacks in Music Information Retrieval |
| title_sort | on end to end white box adversarial attacks in music information retrieval |
| topic | adversarial attack instrument classification music recommendation validity |
| url | https://transactions.ismir.net/articles/85 |
| work_keys_str_mv | AT katharinaprinz onendtoendwhiteboxadversarialattacksinmusicinformationretrieval AT arthurflexer onendtoendwhiteboxadversarialattacksinmusicinformationretrieval AT gerhardwidmer onendtoendwhiteboxadversarialattacksinmusicinformationretrieval |