V2S attack: building DNN-based voice conversion from automatic speaker verification

Nakamura, Takaki; Saito, Yuki; Takamichi, Shinnosuke; Ijima, Yusuke; Saruwatari, Hiroshi

doi:10.21437/ssw.2019-29

Cited by 4 publications

(1 citation statement)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First, from the acoustic signal, speaker verification system extracts features closely related to the identity of speakers, rather than those related to semantics. Since it performs different task than speech recognition system, in our systematization, we do not consider those attacks or defense works in the speaker verification domain [21], [42], [56], [66]- [68], [76], [113], [119], [131]. Second, we do not consider exploiting vulnerabilities in other applications, operating systems, or even hardware [9], [52], [74], [121], [143], [149] to indirectly attack ASR, since our intention is to study the inherent "vulnerabilities" residing in ASR itself.…”

Section: Scope Of This Sokmentioning

confidence: 99%

SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems

Chen¹,

Zhang²,

Yuan³

et al. 2021

Preprint

View full text Add to dashboard Cite

With the wide use of Automatic Speech Recognition (ASR) in applications such as human machine interaction, simultaneous interpretation, audio transcription, etc., its security protection becomes increasingly important. Although recent studies have brought to light the weaknesses of popular ASR systems that enable out-of-band signal attack, adversarial attack, etc., and further proposed various remedies (signal smoothing, adversarial training, etc.), a systematic understanding of ASR security (both attacks and defenses) is still missing, especially on how realistic such threats are and how general existing protection could be. In this paper, we present our systematization of knowledge for ASR security and provide a comprehensive taxonomy for existing work based on a modularized workflow. More importantly, we align the research in this domain with that on security in Image Recognition System (IRS), which has been extensively studied, using the domain knowledge in the latter to help understand where we stand in the former. Generally, both IRS and ASR are perceptual systems. Their similarities allow us to systematically study existing literature in ASR security based on the spectrum of attacks and defense solutions proposed for IRS, and pinpoint the directions of more advanced attacks and the directions potentially leading to more effective protection in ASR. In contrast, their differences, especially the complexity of ASR compared with IRS, help us learn unique challenges and opportunities in ASR security. Particularly, our experimental study shows that transfer attacks across ASR models is feasible, even in the absence of knowledge about models (even their types) and training data.

show abstract

Section: Scope Of This Sokmentioning

confidence: 99%

SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems

Chen¹,

Zhang²,

Yuan³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

SpecAugment Impact on Automatic Speaker Verification System

Faisal

Suyanto

2019

2019 International Seminar on Research of Information Technology and Intelligent Systems (ISRITI)

View full text Add to dashboard Cite

Optimizing Voice Conversion Network with Cycle Consistency Loss of Speaker Identity

Tian

Xie

et al. 2021

2021 IEEE Spoken Language Technology Workshop (SLT)

View full text Add to dashboard Cite

We propose a novel training scheme to optimize voice conversion network with a speaker identity loss function. The training scheme not only minimizes frame-level spectral loss, but also speaker identity loss. We introduce a cycle consistency loss that constrains the converted speech to maintain the same speaker identity as reference speech at utterance level. While the proposed training scheme is applicable to any voice conversion networks, we formulate the study under the average model voice conversion framework in this paper. Experiments conducted on CMU-ARCTIC and CSTR-VCTK corpus confirm that the proposed method outperforms baseline methods in terms of speaker similarity.

show abstract

V2S attack: building DNN-based voice conversion from automatic speaker verification

Cited by 4 publications

References 20 publications

SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems

SoK: A Modularized Approach to Study the Security of Automatic Speech Recognition Systems

SpecAugment Impact on Automatic Speaker Verification System

Optimizing Voice Conversion Network with Cycle Consistency Loss of Speaker Identity

Contact Info

Product

Resources

About