Poisoned Acoustics

Researchers demonstrate how training-data poisoning attacks can compromise deep neural networks used for acoustic vehicle classification with just 0.5% corrupted data, achieving 95.7% attack success rate while remaining undetectable. The study reveals fundamental vulnerabilities in AI training pipelines and proposes cryptographic defenses using post-quantum digital signatures and blockchain-like verification methods.

• →AI models can be compromised by corrupting as little as 0.5% of training data while maintaining normal aggregate accuracy metrics.
• →Class imbalance in datasets makes poisoning attacks structurally undetectable through standard monitoring methods.
• →Backdoor trigger attacks become redundant when targeting minority classes, degenerating to simple label flipping.
• →Current ML training pipelines lack sufficient security measures to prevent data poisoning attacks.
• →Post-quantum cryptographic signatures and Merkle-tree commitments are proposed as defenses for verifiable data provenance.