This work proposes a training-free, unified defense strategy against adversarial attacks on automatic speech recognition (ASR) systems, which are known to be highly vulnerable and lack robustness. The approach leverages the sensitivity discrepancy of adversarial examples across model precisions during inference by randomly sampling precision levels and constructing a detection mechanism based on a Gaussian classifier. For the first time, this method reveals and exploits the distinctive response characteristics of adversarial samples under variable-precision inference. Extensive evaluations demonstrate that the proposed technique significantly enhances system robustness across diverse ASR architectures and attack types while enabling efficient detection of adversarial inputs.

With the increasing deployment of automated and agentic systems, ensuring the adversarial robustness of automatic speech recognition (ASR) models has become critical. We observe that changing the precision of an ASR model during inference reduces the likelihood of adversarial attacks succeeding. We take advantage of this fact to make the models more robust by simple random sampling of the precision during prediction. Moreover, the insight can be turned into an adversarial example detection strategy by comparing outputs resulting from different precisions and leveraging a simple Gaussian classifier. An experimental analysis demonstrates a significant increase in robustness and competitive detection performance for various ASR models and attack types.