Room for Error: Large-Scale Simulation of Over-the-Air Acoustic Attacks

While voice control is rapidly becoming a ubiquitous vector of human-AI communication, the risks facing these systems remain poorly understood.

This is, in part, a product of the difficulties in scaling strictly digital adversarial workflows to the physical world.

These scale barriers have led the community to abstract away key acoustic factors relating to detectability and the influence of geometry on acoustics.

These methodological and metrological shortcomings undermine our understanding of risk.

We illuminate these issues through real-world testing, conceptual discussions, and a novel, high-throughput reality simulation framework.

By testing over 8 million adversarial evaluations, we demonstrate that acoustic awareness yields relative Word Error Rate increases of up to 94.5\% under Whisper and wav2vec.

We employ this framework to explore a formalize and operationalize a Dual-Form Signal to Noise Ratio to decouple source stealth from victim attack efficacy, resolving a crucial limitation in current works.

This lays the groundwork for repeatable, verifiable research that embraces, rather than abstracts, the acoustic environment.