[2603.22590] Precision-Varying Prediction (PVP): Robustifying ASR systems against adversarial attacks

Computer Science > Machine Learning arXiv:2603.22590 (cs) [Submitted on 23 Mar 2026] Title:Precision-Varying Prediction (PVP): Robustifying ASR systems against adversarial attacks Authors:Matías Pizarro, Raghavan Narasimhan, Asja Fischer View a PDF of the paper titled Precision-Varying Prediction (PVP): Robustifying ASR systems against adversarial attacks, by Mat\'ias Pizarro and Raghavan Narasimhan and Asja Fischer View PDF HTML (experimental) Abstract:With the increasing deployment of automated and agentic systems, ensuring the adversarial robustness of automatic speech recognition (ASR) models has become critical. We observe that changing the precision of an ASR model during inference reduces the likelihood of adversarial attacks succeeding. We take advantage of this fact to make the models more robust by simple random sampling of the precision during prediction. Moreover, the insight can be turned into an adversarial example detection strategy by comparing outputs resulting from different precisions and leveraging a simple Gaussian classifier. An experimental analysis demonstrates a significant increase in robustness and competitive detection performance for various ASR models and attack types. Subjects: Machine Learning (cs.LG); Cryptography and Security (cs.CR); Audio and Speech Processing (eess.AS) Cite as: arXiv:2603.22590 [cs.LG]   (or arXiv:2603.22590v1 [cs.LG] for this version)   https://doi.org/10.48550/arXiv.2603.22590 Focus to learn more arXiv-issued DOI via ...