https://scholars.lib.ntu.edu.tw/handle/123456789/580900
標題: | Adversarial Attacks on Spoofing Countermeasures of Automatic Speaker Verification | 作者: | Liu S Wu H Lee H.-Y Meng H. HUNG-YI LEE |
關鍵字: | Gradient methods; Network architecture; Adversarial attack; Anti-spoofing; Black boxes; spoofing countermeasure; White box; Speech recognition | 公開日期: | 2019 | 起(迄)頁: | 312-319 | 來源出版物: | 2019 IEEE Automatic Speech Recognition and Understanding Workshop, ASRU 2019 - Proceedings | 摘要: | High-performance spoofing countermeasure systems for automatic speaker verification (ASV) have been proposed in the ASVspoof 2019 challenge. However, the robustness of such systems under adversarial attacks has not been studied yet. In this paper, we investigate the vulnerability of spoofing countermeasures for ASV under both white-box and black-box adversarial attacks with the fast gradient sign method (FGSM) and the projected gradient descent (PGD) method. We implement high-performing countermeasure models in the ASVspoof 2019 challenge and conduct adversarial attacks on them. We compare performance of black-box attacks across spoofing countermeasure models with different network architectures and different amount of model parameters. The experimental results show that all implemented countermeasure models are vulnerable to FGSM and PGD attacks under the scenario of white-box attack. The more dangerous black-box attacks also prove to be effective by the experimental results. ? 2019 IEEE. |
URI: | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85081598616&doi=10.1109%2fASRU46091.2019.9003763&partnerID=40&md5=9a8a3f963c8b4e73979dc37e46d5706b https://scholars.lib.ntu.edu.tw/handle/123456789/580900 |
DOI: | 10.1109/ASRU46091.2019.9003763 |
顯示於: | 電機工程學系 |
在 IR 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。