| Presentation | 2020-03-02 Vulnerability investigation of speaker verification against black-box adversarial attacks Hiroto Kai, Sayaka Shiota, Hitoshi Kiya, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Recently,vulnerability against adversarial attacks is being feared for machine learning-based systems.Adversarial attacks are aimed to intentionally change results of systems based on machine learning algorithms. Data which a small noise is added to an original speech are called perturbation. The perturbation is estimated by using adversarial structured neural networks, and the generated data are almost indistinguishable by a human when compared to the original data. Biometric authentication systems which are used as a primarily means for user authentication in applications like internet banking and online shopping are also pointed out in terms of vulnerability against such adversarial attacks. The same can be said for speaker verification (SV), one of the biometric authentication,however its robustness has not been indicated experimentally. Therefore,we investigated the change in accuracy when attacking a system where the internal design is unexpected using adversarial attacks.In our experiments,we have evaluated the results when inputting generated adversarial examples and audios mixed with white noise to SV systems,and analyzed the vulnerability of speaker verification against adversarial attacks.From the results, the performances of SV systems became worse when the generated adversarial examples were inputted, compared with audio with white noise were inputted. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | adversarial attack / speaker verification / black-box attack |
| Paper # | EA2019-106,SIP2019-108,SP2019-55 |
| Date of Issue | 2020-02-24 (EA, SIP, SP) |
| Conference Information | |
| Committee | SP / EA / SIP |
|---|---|
| Conference Date | 2020/3/2(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Okinawa Industry Support Center |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | Hisashi Kawai(NICT) / Kenichi Furuya(Oita Univ.) / Naoyuki Aikawa(TUS) |
| Vice Chair | Akinobu Ri(Nagoya Inst. of Tech.) / Suehiro Shimauchi(Kanazawa Inst. of Tech.) / Shigeto Takeoka(Shizuoka Inst. of Science and Tech.) / Kazunori Hayashi(Osaka City Univ) / Yukihiro Bandou(NTT) |
| Secretary | Akinobu Ri(Kyoto Univ.) / Suehiro Shimauchi(Waseda Univ.) / Shigeto Takeoka(NHK) / Kazunori Hayashi(Univ. of Tokyo) / Yukihiro Bandou(Hiroshima Univ.) |
| Assistant | Tomoki Koriyama(Univ. of Tokyo) / Yusuke Ijima(NTT) / Keisuke Imoto(Ritsumeikan Univ.) / Daisuke Morikawa(Toyama Pref Univ.) / Kenjiro Sugimoto(Waseda Univ.) |
| Paper Information | |
| Registration To | Technical Committee on Speech / Technical Committee on Engineering Acoustics / Technical Committee on Signal Processing |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Vulnerability investigation of speaker verification against black-box adversarial attacks |
| Sub Title (in English) | |
| Keyword(1) | adversarial attack |
| Keyword(2) | speaker verification |
| Keyword(3) | black-box attack |
| 1st Author's Name | Hiroto Kai |
| 1st Author's Affiliation | Tokyo Metropolitan University(TMU) |
| 2nd Author's Name | Sayaka Shiota |
| 2nd Author's Affiliation | Tokyo Metropolitan University(TMU) |
| 3rd Author's Name | Hitoshi Kiya |
| 3rd Author's Affiliation | Tokyo Metropolitan University(TMU) |
| Date | 2020-03-02 |
| Paper # | EA2019-106,SIP2019-108,SP2019-55 |
| Volume (vol) | vol.119 |
| Number (no) | EA-439,SIP-440,SP-441 |
| Page | pp.pp.29-33(EA), pp.29-33(SIP), pp.29-33(SP), |
| #Pages | 5 |
| Date of Issue | 2020-02-24 (EA, SIP, SP) |