Research Article
Attacking the Dialogue System at Smart Home
@INPROCEEDINGS{10.1007/978-3-030-67537-0_10, author={Erqiang Deng and Zhen Qin and Meng Li and Yi Ding and Zhiguang Qin}, title={Attacking the Dialogue System at Smart Home}, proceedings={Collaborative Computing: Networking, Applications and Worksharing. 16th EAI International Conference, CollaborateCom 2020, Shanghai, China, October 16--18, 2020, Proceedings, Part I}, proceedings_a={COLLABORATECOM}, year={2021}, month={1}, keywords={Smart home Security Dialog system Adversarial example}, doi={10.1007/978-3-030-67537-0_10} }- Erqiang Deng
Zhen Qin
Meng Li
Yi Ding
Zhiguang Qin
Year: 2021
Attacking the Dialogue System at Smart Home
COLLABORATECOM
Springer
DOI: 10.1007/978-3-030-67537-0_10
Abstract
Intelligent dialogue systems are widely applied in smart home systems, and the security of such systems deserves concern [1,2]. In this paper, we design a threatening scenario of dialogue systems at a smart home. A trojan robot is disguised as one part of the whole system but generates dialogue adversarial examples to attack the normal robots according to the information of users. To achieve the goal in such a scenario, the responding speed, the correctness of the grammar, and the consistency of semantic is necessary. Based on these requirements, we propose a novel method named Attention weight Probability Estimation Attack (APE) to allocate the keys words in dialogue and substitute these words with synonyms in real-time. We perform our experiments on popular classification datasets in the DNN model, and the result shows that APE effectively attacks the system with low responding time and a high success rate.
