DiffAttack: Diffusion-based Timbre-reserved Adversarial Attack In Speaker Identification
2025 · Qing Wang, Jixun Yao, Zhaokai Sun, et al.
Abstract
Being a form of biometric identification, the security of the speaker identification (SID) system is of utmost importance. To better understand the robustness of SID systems, we aim to perform more realistic attacks in SID, which are challenging for both humans and machines to detect. In this study, we propose DiffAttack, a novel timbre-reserved adversarial attack approach that exploits the capability of a diffusion-based voice conversion (DiffVC) model to generate adversarial fake audio with distinct target speaker attribution. By introducing adversarial constraints into the generative process of the diffusion-based voice conversion model, we craft fake samples that effectively mislead target models while preserving speaker-wise characteristics. Specifically, inspired by the use of randomly sampled Gaussian noise in conventional adversarial attacks and diffusion processes, we incorporate adversarial constraints into the reverse diffusion process. These constraints subtly guide the rev
Related papers
- Pseudo-siamese Network Based Timbre-reserved Black-box Adversarial Attack In Speaker Identification (2023) 0.00
- Attacking Voice Anonymization Systems With Augmented Feature And Speaker Identity Difference (2024) 6.34
- Impact Of Phonetics On Speaker Identity In Adversarial Voice Attack (2025) 0.00
- Symmetric Saliency-based Adversarial Attack To Speaker Identification (2022) 8.60
- Inaudible Adversarial Perturbations For Targeted Attack In Speaker Recognition (2020) 12.33
- Diffusion-based Adversarial Purification For Speaker Verification (2023) 6.34
- Privacy-utility Balanced Voice De-identification Using Adversarial Examples (2022) 0.00
- Detecting And Defending Against Adversarial Attacks On Automatic Speech Recognition Via Diffusion Models (2024) 2.26