= Adversarial Machine Learning Against Voice Assistant Systems =

== Project Objective ==
This project aims to study the security of voice assistant systems under adversarial machine learning. Adversarial learning algorithms can generate adversarial audio samples to serve as the input of voice assistant systems, so as to fool the machine learning models in the system. In this project, we will focus on the white-box attack in the digital domain by generating adversarial samples using adversarial machine learning algorithms to attack a speaker recognition system based on X-Vector. If time allows, we will further enhance the robustness of the attack by simulating room impulse response and conduct over-the-air attack.

== Tutorials ==
*Week 1
- Generating Adversarial Samples in Keras: https://medium.com/mindboard/generating-adversarial-samples-in-keras-tutorial-f881ac836246
- Tensorflow - Adversarial Example using FGSM: https://www.tensorflow.org/tutorials/generative/adversarial_fgsm  
- Generating Adversarial Samples in Keras: https://medium.com/analytics-vidhya/implementing-adversarial-attacks-and-defenses-in-keras-tensorflow-2-0-cab6120c5715
*Week 2
- Python tutorial: https://www.w3schools.com/python/
- How to run Python code: https://www.knowledgehut.com/blog/programming/run-python-scripts
- Jupyter notebook tutorial: https://www.dataquest.io/blog/jupyter-notebook-tutorial/
- Video tutorial (Optional): Neural Networks and Deep Learning: https://www.coursera.org/learn/neural-networks-deep-learning

== Reading Material ==
- [https://www.orbit-lab.org/attachment/wiki/Other/Summer/2020/AdvML/Hidden%20voice%20commands.pdf Hidden voice commands]
- [https://www.orbit-lab.org/attachment/wiki/Other/Summer/2020/AdvML/Commandersong%20A%20systematic%20approach%20for%20practical%20adversarial%20voice%20recognition.pdf CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition]
- [https://www.orbit-lab.org/attachment/wiki/Other/Summer/2020/AdvML/Audio%20Adversarial%20Examples%20Targeted%20Attacks%20on%20Speech-to-Text.pdf Audio Adversarial Examples Targeted Attacks on Speech-to-Text]
- [https://www.orbit-lab.org/attachment/wiki/Other/Summer/2020/AdvML/Imperceptible%2C%20Robust%2C%20and%20Targeted%20Adversarial%20Examples%20for%20Automatic%20Speech%20Recognition.pdf Imperceptible, Robust, and Targeted Adversarial Examples for Automatic Speech Recognition]
- [https://www.orbit-lab.org/attachment/wiki/Other/Summer/2020/AdvML/Practical%20Adversarial%20Attacks%20Against%20Speaker%20Recognition%20Systems.pdf Practical Adversarial Attacks Against Speaker Recognition Systems]

== Week 1 Activities ==

- Get ORBIT/COSMOS account and familiarize oneself with the testbed procedures

== Week 2 Activities ==
- Get familiar with Python language.\\
  -- Install Python environment\\
  -- Use Jupyter Notebook to run Python code samples\\
- Learn the concept of deep learning and deep neural networks.\\
  -- Slides: Neural Network Basics of Energy-Efficient Machine Learning System\\
  -- Video tutorial (Optional): Neural Networks and Deep Learning by Andrew Ng (Recommended chapters: Week 2: Logistic Regression as a Neural Network, Week 3: Shallow Neural Network)

== Week2 Tutorials ==