https://scholars.lib.ntu.edu.tw/handle/123456789/607146
標題: | Voting for the right answer: Adversarial defense for speaker verification | 作者: | Wu H Zhang Y Wu Z Wang D Lee H.-y. HUNG-YI LEE |
關鍵字: | Adversarial attack;Speaker verification;Access control;Budget control;Speech communication;Automatic speaker verification;Biometric identifications;Blind spots;Human perception;Random sampling;Risky decisions;Speech recognition | 公開日期: | 2021 | 卷: | 6 | 起(迄)頁: | 4655-4659 | 來源出版物: | Proceedings of the Annual Conference of the International Speech Communication Association, INTERSPEECH | 摘要: | Automatic speaker verification (ASV) is a well developed technology for biometric identification, and has been ubiquitous implemented in security-critic applications, such as banking and access control. However, previous works have shown that ASV is under the radar of adversarial attacks, which are very similar to their original counterparts from human's perception, yet will manipulate the ASV render wrong prediction. Due to the very late emergence of adversarial attacks for ASV, effective countermeasures against them are limited. Given that the security of ASV is of high priority, in this work, we propose the idea of "voting for the right answer"to prevent risky decisions of ASV in blind spot areas, by employing random sampling and voting. Experimental results show that our proposed method improves the robustness against both the limited-knowledge attackers by pulling the adversarial samples out of the blind spots, and the sufficient-knowledge attackers by introducing randomness and increasing the attackers' budgets. Copyright ? 2021 ISCA. |
URI: | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85119301445&doi=10.21437%2fInterspeech.2021-1452&partnerID=40&md5=9066cac9c8c08f3ed2150f24aeeb9368 https://scholars.lib.ntu.edu.tw/handle/123456789/607146 |
ISSN: | 2308457X | DOI: | 10.21437/Interspeech.2021-1452 |
顯示於: | 電機工程學系 |
在 IR 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。