Adversarial Defense For Deep Speaker Recognition Using Hybrid Adversarial Training
2020 Β· Monisankha Pal, Arindam Jati, Raghuveer Peri, et al.
Abstract
Deep neural network based speaker recognition systems can easily be deceived by an adversary using minuscule imperceptible perturbations to the input speech samples. These adversarial attacks pose serious security threats to the speaker recognition systems that use speech biometric. To address this concern, in this work, we propose a new defense mechanism based on a hybrid adversarial training (HAT) setup. In contrast to existing works on countermeasures against adversarial attacks in deep speaker recognition that only use class-boundary information by supervised cross-entropy (CE) loss, we propose to exploit additional information from supervised and unsupervised cues to craft diverse and stronger perturbations for adversarial training. Specifically, we employ multi-task objectives using CE, feature-scattering (FS), and margin losses to create adversarial perturbations and include them for adversarial training to enhance the robustness of the model. We conduct speaker recognition expe
Authors
(none)
Tags
Stats
Related papers
- Adversarial Attack And Defense Strategies For Deep Speaker Recognition Systems (2020)13.39
- Inaudible Adversarial Perturbations For Targeted Attack In Speaker Recognition (2020)12.33
- Hiddenspeaker: Generate Imperceptible Unlearnable Audios For Speaker Verification System (2024)2.26
- Towards Understanding And Mitigating Audio Adversarial Examples For Speaker Recognition (2022)11.67
- Adversarial Training For Multi-domain Speaker Recognition (2020)6.77
- Audio Adversarial Examples For Robust Hybrid Ctc/attention Speech Recognition (2020)3.58
- Speaker De-identification System Using Autoencoders And Adversarial Training (2020)0.00
- Adapting End-to-end Neural Speaker Verification To New Languages And Recording Conditions With Adversarial Training (2018)9.59