| |||||||
ShanghaiTech University Knowledge Management System
| AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems | |
| 2022 | |
| 发表期刊 | IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING (IF:7.0[JCR-2023],6.8[5-Year]) |
| ISSN | 2160-9209 |
| 卷号 | PP期号:99 |
| 发表状态 | 已发表 |
| DOI | 10.1109/TDSC.2022.3189397 |
| 摘要 | Recent work has illuminated the vulnerability of speaker recognition systems (SRSs) against adversarial attacks, raising significant security concerns in deploying SRSs. However, they considered only a few settings (e.g., some combinations of source and target speakers), leaving many interesting and important settings in real-world attack scenarios alone. In this work, we present AS2T , the first attack in this domain which covers all the settings, thus allows the adversary to craft adversarial voices using arbitrary source and target speakers for any of three main recognition tasks. Since none of the existing loss functions can be applied to all the settings, we explore many candidate loss functions for each setting including the existing and newly designed ones. We thoroughly evaluate their efficacy and find that some existing loss functions are suboptimal. Then, to improve the robustness of AS2T towards practical over-the-air attack, we study the possible distortions occurred in over-the-air transmission, utilize different transformation functions with different parameters to model those distortions, and incorporate them into the generation of adversarial voices. Our simulated over-the-air evaluation validates the effectiveness of our solution in producing robust adversarial voices which remain effective under various hardware devices and various acoustic environments with different reverberation, ambient noises, and noise levels. Finally, we leverage AS2T to perform thus far the largest-scale evaluation to understand transferability among 14 diverse SRSs. The transferability analysis provides many interesting and useful insights which challenge several findings and conclusion drawn in previous works in the image domain. Our study also sheds light on future directions of adversarial attacks in the speaker recognition domain. |
| URL | 查看原文 |
| 收录类别 | SCI ; SCIE ; EI |
| 来源库 | IEEE |
| 文献类型 | 期刊论文 |
| 条目标识符 | https://kms.shanghaitech.edu.cn/handle/2MSLDSTB/203460 |
| 专题 | 信息科学与技术学院_博士生 信息科学与技术学院_PI研究组_宋富组 |
| 作者单位 | 1.School of Information Science and Technology, ShanghaiTech University, Shanghai, China 2.Shanghai Institute of Microsystem and Information Technology, Chinese Academy of Sciences, Shanghai, China 3.University of Chinese Academy of Sciences, Beijing, China 4.College of Intelligence and Computing, Tianjin University, Tianjin, China 5.College of Cyber Science, Nankai University, Tianjin, China 6.School of Computer Science and Engineering, Nanyang Technological University, Singapore |
| 第一作者单位 | 信息科学与技术学院 |
| 第一作者的第一单位 | 信息科学与技术学院 |
| 推荐引用方式 GB/T 7714 | Guangke Chen,Zhe Zhao,Fu Song,et al. AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,2022,PP(99). |
| APA | Guangke Chen,Zhe Zhao,Fu Song,Sen Chen,Lingling Fan,&Yang Liu.(2022).AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems.IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING,PP(99). |
| MLA | Guangke Chen,et al."AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems".IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING PP.99(2022). |
| 条目包含的文件 | 下载所有文件 | |||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| 个性服务 |
| 查看访问统计 |
| 谷歌学术 |
| 谷歌学术中相似的文章 |
| [Guangke Chen]的文章 |
| [Zhe Zhao]的文章 |
| [Fu Song]的文章 |
| 百度学术 |
| 百度学术中相似的文章 |
| [Guangke Chen]的文章 |
| [Zhe Zhao]的文章 |
| [Fu Song]的文章 |
| 必应学术 |
| 必应学术中相似的文章 |
| [Guangke Chen]的文章 |
| [Zhe Zhao]的文章 |
| [Fu Song]的文章 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
修改评论
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。