On the vulnerability of speaker verification to realistic voice spoofing

Ergunay, Serife Kucur; Khoury, Elie; Lazaridis, Alexandros; Marcel, Sébastien

doi:10.1109/btas.2015.7358783

Cited by 94 publications

(72 citation statements)

References 27 publications

(28 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…APCER with BPCER are computed for Eval set of a given dataset using the EER threshold obtained from the Dev set from another dataset (see Table 1.4). Table 1.4: Performance of PAD systems in terms of average APCER (%), BPCER (%), and C llr of calibrated scores in cross-database testing on ASVspoof [4] and AVspoof [6] To avoid prior to the evaluations, the raw scores from each individual PAD system are pre-calibrated with logistic regression based on Platts sigmoid method [36] by modeling scores of the training set and applying the model on the scores from development and evaluation sets. The calibration cost C llr and the discrimination loss C min llr of the resulted calibrated scores are provided.…”

Section: Pads Failing To Generalizementioning

confidence: 99%

“…To our knowledge, the largest publicly available database containing speech presentation attacks is AVspoof [6] 2 . AVspoof database contains real (genuine) speech samples from 44 participants (31 males and 13 females) recorded over the period of two months in four sessions, each scheduled several days apart in different setups and environmental conditions such as background noises.…”

Section: Avspoof Databasementioning

confidence: 99%

“…Among these three, replay attack is the most viable attack, as the attacker mainly needs a recording and playback device. In the literature, it has been found that ASV systems, while immune to 'zero-effort' impostor claims and mimicry attacks [5], are vulnerable to such presentation attacks (PAs) [6]. One of the reasons for such vulnerability is a built-in ability of biometric systems in general, and ASV systems in particular, to handle undesirable variabilities.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Presentation attack detection in voice biometrics

Korshunov¹,

Marcel²

2017

User-Centric Privacy and Security in Biometrics

View full text Add to dashboard Cite

Recent years have shown an increase in both the accuracy of biometric systems and their practical use. The application of biometrics is becoming widespread with fingerprint sensors in smartphones, automatic face recognition in social networks and video-based applications, and speaker recognition in phone banking and other phone-based services. The popularization of the biometric systems, however, exposed their major flaw -high vulnerability to spoofing attacks [1]. A fingerprint sensor can be easily tricked with a simple glue-made mold, a face recognition system can be accessed using a printed photo, and a speaker recognition system can be spoofed with a replay of pre-recorded voice. The ease with which a biometric system can be spoofed demonstrates the importance of developing efficient anti-spoofing systems that can detect both known (conceivable now) and unknown (possible in the future) spoofing attacks.Therefore, it is important to develop mechanisms that can detect such attacks, and it is equally important for these mechanisms to be seamlessly integrated into existing biometric systems for practical and attack-resistant solutions. To be practical, however, an attack detection should have (i) high accuracy, (ii) be well-generalized for different attacks, and (iii) be simple and efficient.One reason for the increasing demand for effective presentation attack detection (PAD) systems is the ease of access to people's biometric data. So often, a potential attacker can almost effortlessly obtain necessary biometric samples from social networks, including facial images, audio and video recordings, and even extract fingerprints from high resolution images. Therefore, various privacy protection solutions, such as legal privacy requirements and algorithms for obfuscating personal information, e.g., visual privacy filters [2], as well as, social awareness of threats to privacy can also increase security of personal information and potentially reduce the vulnerability of biometric systems.In this chapter, however, we focus on presentation attacks detection in voice biometrics, i.e., automatic speaker verification (ASV) systems. We discuss vulnerabilities of these systems to presentation attacks (PAs), present different state of the art 1

show abstract

Section: Pads Failing To Generalizementioning

confidence: 99%

Section: Avspoof Databasementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Presentation attack detection in voice biometrics

Korshunov¹,

Marcel²

2017

User-Centric Privacy and Security in Biometrics

View full text Add to dashboard Cite

show abstract

“…Recently, a database, called AVspoof 2 [5], with several replay-based attacks (logical access attacks are also provided) became publicly available. It contains a comprehensive set of presentation attacks, including, (i) the direct replay attacks when a genuine data is played back using a laptop and two phones (Samsung Galaxy S4 and iPhone 3G), (ii) synthesized speech replayed with a laptop, and (iii) an attack data, generated using a voice conversion algorithm, replayed with a laptop.…”

Section: Introductionmentioning

confidence: 99%

Impact of Score Fusion on Voice Biometrics and Presentation Attack Detection in Cross-Database Evaluations

Korshunov

Marcel

2017

IEEE J. Sel. Top. Signal Process.

Self Cite

View full text Add to dashboard Cite

Abstract-Research in the area of automatic speaker verification (ASV) has advanced enough for the industry to start using ASV systems in practical applications. However, these systems are highly vulnerable to spoofing or presentation attacks, limiting their wide deployment. Therefore, it is important to develop mechanisms that can detect such attacks, and it is equally important for these mechanisms to be seamlessly integrated into existing ASV systems for practical and attack-resistant solutions. To be practical, however, an attack detection should have (i) high accuracy, (ii) be well-generalized for different attacks, and (iii) be simple and efficient. Several audio-based presentation attack detection (PAD) methods have been proposed recently but their evaluation was usually done on a single, often obscure, database with limited number of attacks. Therefore, in this paper, we conduct an extensive study of eight state of the art PAD methods and evaluate their ability to detect known and unknown attacks (e.g., in a cross-database scenario) using two major publicly available speaker databases with spoofing attacks: AVspoof and ASVspoof. We investigate whether combining several PAD systems via score fusion can improve attack detection accuracy. We also study the impact of fusing PAD systems (via parallel and cascading schemes) with two i-vector and inter-session variability (ISV)-based ASV systems on the overall performance in both bona fide (no attacks) and spoof scenarios. The evaluation results question the efficiency and practicality of the existing PAD systems, especially when comparing results for individual databases and cross-database data. Fusing several PAD systems can lead to a slightly improved performance, however, how to select which systems to fuse remains an open question. Joint ASV-PAD systems show a significantly increased resistance to the attacks at the expense of slightly degraded performance for bona fide scenarios.

show abstract

“…These spoofing attacks were generated using different voice conversion and speech synthesis techniques. During and after the ASVspoof2015 challenge, many countermeasures based on spectral amplitude, phase [5][6][7][10][11][12][13][14][15][16][17][18][19], and combined amplitude-phase [8][9], have been used for spoofing detection. Some recent studies using the ASVspoof2015 corpus include constant Q cepstral coefficients [7], pitch contour and strength of excitation [19] for spoofing detection, and analyses of robustness of spoofing detection systems in the presence of additive and convolutive noise [15,16].…”

Section: Introductionmentioning

confidence: 99%

Spoofing detection employing infinite impulse response — constant Q transform-based feature representations

Alam

Kenny

2017

2017 25th European Signal Processing Conference (EUSIPCO)

View full text Add to dashboard Cite

Abstract-Speaker recognition researchers acknowledge that systems which aim to verify speakers automatically based on their pronunciation of an utterance are vulnerable to spoofing attacks using voice conversion and speech synthesis technologies. The first automatic speaker verification spoofing and countermeasures challenge (ASVspoof2015) was designed to stimulate interest in this problem among the speaker recognition communities. In the course of the challenge and subsequently, it became clear that the most effective countermeasures against spoofing attacks are low-level acoustic features (typically extracted at 10 ms intervals) designed to detect artifacts in synthetic or voice converted speech. In this work, we demonstrate the effectiveness of the infinite impulse responseconstant Q transform (IIR-CQT) spectrum-based cepstral coefficients (ICQC) as anti-spoofing front-end. The IIR-CQT spectrum is estimated by filtering the multi-resolution fast Fourier transform with an infinite impulse response filter. These features can be used on their own with a standard Gaussian mixture model backend to detect spoofing attacks or they can be used in tandem with bottleneck features which are extracted from a bottleneck layer in a deep neural network designed to discriminate between synthetic and natural speech. We show that the ICQC features are capable of producing very low equal error rates on the individual spoofing attacks in the ASVspoof2015 data set (0.02% on the known attacks, 0.23% on the unknown attacks, and 0.13% on average). Moreover, with a single decision threshold (common to all of the attacks), the ICQC front end yielded an equal error rate of 0.20%.

show abstract

On the vulnerability of speaker verification to realistic voice spoofing

Cited by 94 publications

References 27 publications

Presentation attack detection in voice biometrics

Presentation attack detection in voice biometrics

Impact of Score Fusion on Voice Biometrics and Presentation Attack Detection in Cross-Database Evaluations

Spoofing detection employing infinite impulse response — constant Q transform-based feature representations

Contact Info

Product

Resources

About