Malafide: A Novel Adversarial Convolutive Noise Attack Against Deepfake And Spoofing Detection Systems
2023 Β· Michele Panariello, Wanying Ge, Hemlata Tak, et al.
Abstract
We present Malafide, a universal adversarial attack against automatic speaker verification (ASV) spoofing countermeasures (CMs). By introducing convolutional noise using an optimised linear time-invariant filter, Malafide attacks can be used to compromise CM reliability while preserving other speech attributes such as quality and the speaker's voice. In contrast to other adversarial attacks proposed recently, Malafide filters are optimised independently of the input utterance and duration, are tuned instead to the underlying spoofing attack, and require the optimisation of only a small number of filter coefficients. Even so, they degrade CM performance estimates by an order of magnitude, even in black-box settings, and can also be configured to overcome integrated CM and ASV subsystems. Integrated solutions that use self-supervised learning CMs, however, are more robust, under both black-box and white-box settings.
Authors
(none)
Tags
Stats
Related papers
- Malacopula: Adversarial Automatic Speaker Verification Attacks Using A Neural-based Generalised Hammerstein Model (2024)6.34
- Toward Improving Synthetic Audio Spoofing Detection Robustness Via Meta-learning And Disentangled Training With Adversarial Examples (2024)6.77
- Automatic Speaker Verification Spoofing And Deepfake Detection Using Wav2vec 2.0 And Data Augmentation (2022)17.35
- Securing Voice Biometrics: One-shot Learning Approach For Audio Deepfake Detection (2023)9.03
- Adversarial Attacks On Audio Deepfake Detection: A Benchmark And Comparative Study (2025)0.00
- Transforming Acoustic Characteristics To Deceive Playback Spoofing Countermeasures Of Speaker Verification Systems (2018)6.34
- Deep Residual Neural Networks For Audio Spoofing Detection (2019)0.00
- The Codecfake Dataset And Countermeasures For The Universally Detection Of Deepfake Audio (2024)10.97