Redirigiendo al acceso original de articulo en 24 segundos...
Inicio  /  Algorithms  /  Vol: 15 Par: 8 (2022)  /  Artículo
ARTÍCULO
TITULO

Defending against FakeBob Adversarial Attacks in Speaker Verification Systems with Noise-Adding

Zesheng Chen    
Li-Chi Chang    
Chao Chen    
Guoping Wang and Zhuming Bi    

Resumen

Speaker verification systems use human voices as an important biometric to identify legitimate users, thus adding a security layer to voice-controlled Internet-of-things smart homes against illegal access. Recent studies have demonstrated that speaker verification systems are vulnerable to adversarial attacks such as FakeBob. The goal of this work is to design and implement a simple and light-weight defense system that is effective against FakeBob. We specifically study two opposite pre-processing operations on input audios in speak verification systems: denoising that attempts to remove or reduce perturbations and noise-adding that adds small noise to an input audio. Through experiments, we demonstrate that both methods are able to weaken the ability of FakeBob attacks significantly, with noise-adding achieving even better performance than denoising. Specifically, with denoising, the targeted attack success rate of FakeBob attacks can be reduced from 100% to 56.05% in GMM speaker verification systems, and from 95% to only 38.63% in i-vector speaker verification systems, respectively. With noise adding, those numbers can be further lowered down to 5.20% and 0.50%, respectively. As a proactive measure, we study several possible adaptive FakeBob attacks against the noise-adding method. Experiment results demonstrate that noise-adding can still provide a considerable level of protection against these countermeasures.

 Artículos similares

       
 
Mohamed ElKashlan, Heba Aslan, Mahmoud Said Elsayed, Anca D. Jurcut and Marianne A. Azer    
The market for Electric Vehicles (EVs) has expanded tremendously as seen in the recent Conference of the Parties 27 (COP27) held at Sharm El Sheikh, Egypt in November 2022. This needs the creation of an ecosystem that is user-friendly and secure. Interne... ver más
Revista: Algorithms

 
Joseph Pedersen, Rafael Muñoz-Gómez, Jiangnan Huang, Haozhe Sun, Wei-Wei Tu and Isabelle Guyon    
We address the problem of defending predictive models, such as machine learning classifiers (Defender models), against membership inference attacks, in both the black-box and white-box setting, when the trainer and the trained model are publicly released... ver más
Revista: Algorithms

 
Marta Ribeiro, Joost Ellerbroek and Jacco Hoekstra    
Future operations involving drones are expected to result in traffic densities that are orders of magnitude higher than any observed in manned aviation. Current geometric conflict resolution (CR) methods have proven to be very efficient at relatively mod... ver más
Revista: Aerospace

 
Anurag Agarwal, Sridhar Ramamoorti, Vaidyanathan Jayaraman    
Disputes and lawsuits are quite common in business and are often a source of significant liabilities. We conjecture that measurement challenges and lack of adequate analysis tools have greatly inhibited the ability of the General Counsels offices in sele... ver más

 
Sung, M. Xu, J.     Pág. 861 - 872