Learning to Fool the Speaker Recognition
文献类型:期刊论文
| 作者 | Li, Jiguo1,2; Zhang, Xinfeng3; Xu, Jizheng4; Ma, Siwei5; Gao, Wen5 |
| 刊名 | ACM TRANSACTIONS ON MULTIMEDIA COMPUTING COMMUNICATIONS AND APPLICATIONS
 |
| 出版日期 | 2021-10-01 |
| 卷号 | 17期号:3页码:21 |
| 关键词 | Audio forensics adversarial attack deep neural network |
| ISSN号 | 1551-6857 |
| DOI | 10.1145/3468673 |
| 英文摘要 | Due to the widespread deployment of fingerprint/face/speaker recognition systems, the risk in these systems, especially the adversarial attack, has drawn increasing attention in recent years. Previous researches mainly studied the adversarial attack to the vision-based systems, such as fingerprint and face recognition. While the attack for speech-based systems has not been well studied yet, although it has been widely used in our daily life. In this article, we attempt to fool the state-of-the-art speaker recognition model and present speaker recognition attacker, a lightweight multi-layer convolutional neural network to fool the well-trained state-of-the-art speaker recognition model by adding imperceptible perturbations onto the raw speech waveform. We find that the speaker recognition system is vulnerable to the adversarial attack, and achieve a high success rate on both the non-targeted attack and targeted attack. Besides, we present an effective method by leveraging a pretrained phoneme recognition model to optimize the speaker recognition attacker to obtain a tradeoff between the attack success rate and the perceptual quality. Experimental results on the TIMIT and LibriSpeech datasets demonstrate the effectiveness and efficiency of our proposed model. And the experiments for frequency analysis indicate that high-frequency attack is more effective than low-frequency attack, which is different from the conclusion drawn in previous image-based works. Additionally, the ablation study gives more insights into our model. |
| 资助项目 | National Science Foundation of China[62025101620] ; National Science Foundation of China[61961130392] ; PKU-Baidu Fund[2019BD003] ; High-performance Computing Platform of Peking University |
| WOS研究方向 | Computer Science |
| 语种 | 英语 |
| WOS记录号 | WOS:000738280600011 |
| 出版者 | ASSOC COMPUTING MACHINERY |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/18368]  |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Ma, Siwei |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, 6 Kexueyuan South Rd, Beijing 100190, Peoples R China 2.Univ Chinese Acad Sci, 6 Kexueyuan South Rd, Beijing 100190, Peoples R China 3.Univ Chinese Acad Sci, 19A Yuquan Rd, Beijing 100049, Peoples R China 4.Bytedance Inc, 48A Zhichun Rd, Beijing 100191, Peoples R China 5.Peking Univ, 5 Yiheyuan Rd, Beijing 100871, Peoples R China |
| 推荐引用方式 GB/T 7714 | Li, Jiguo,Zhang, Xinfeng,Xu, Jizheng,et al. Learning to Fool the Speaker Recognition[J]. ACM TRANSACTIONS ON MULTIMEDIA COMPUTING COMMUNICATIONS AND APPLICATIONS,2021,17(3):21. |
| APA | Li, Jiguo,Zhang, Xinfeng,Xu, Jizheng,Ma, Siwei,&Gao, Wen.(2021).Learning to Fool the Speaker Recognition.ACM TRANSACTIONS ON MULTIMEDIA COMPUTING COMMUNICATIONS AND APPLICATIONS,17(3),21. |
| MLA | Li, Jiguo,et al."Learning to Fool the Speaker Recognition".ACM TRANSACTIONS ON MULTIMEDIA COMPUTING COMMUNICATIONS AND APPLICATIONS 17.3(2021):21. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。