We propose a novel speech keyword spotting mechanism which is robust against attacks exploiting the inherent vulnerabilities of an ML model in correctly classifying the spoken word.
We propose a novel Semantic-Preserving Adversarial Transformation (SPAT) framework which facilitates an advantageous trade-off between the attack success rate and the perceptual similarity between the benign and adversarial examples.