We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Adversarial Attack and Defense Strategies of Speaker Recognition Systems: A Survey.
- Authors
Tan, Hao; Wang, Le; Zhang, Huan; Zhang, Junjian; Shafiq, Muhammad; Gu, Zhaoquan
- Abstract
Speaker recognition is a task that identifies the speaker from multiple audios. Recently, advances in deep learning have considerably boosted the development of speech signal processing techniques. Speaker or speech recognition has been widely adopted in such applications as smart locks, smart vehicle-mounted systems, and financial services. However, deep neural network-based speaker recognition systems (SRSs) are susceptible to adversarial attacks, which fool the system to make wrong decisions by small perturbations, and this has drawn the attention of researchers to the security of SRSs. Unfortunately, there is no systematic review work in this domain. In this work, we conduct a comprehensive survey to fill this gap, which includes the development of SRSs, adversarial attacks and defenses against SRSs. Specifically, we first introduce the mainstream frameworks of SRSs and some commonly used datasets. Then, from the perspectives of adversarial example generation and evaluation, we introduce different attack tasks, the prior knowledge of attacks, perturbation objects, perturbation constraints, and attack effect evaluation indicators. Next, we focus on some effective defense strategies, including adversarial training, attack detection, and input refactoring against existing attacks, and analyze their strengths and weaknesses in terms of fidelity and robustness. Finally, we discuss the challenges posed by audio adversarial examples in SRSs and some valuable research topics in the future.
- Subjects
SMART locks; DEEP learning; SIGNAL processing; DECISION making; SPEECH perception; PRIOR learning
- Publication
Electronics (2079-9292), 2022, Vol 11, Issue 14, pN.PAG
- ISSN
2079-9292
- Publication type
Article
- DOI
10.3390/electronics11142183