2021 IEEE International Conference on Acoustics, Speech and Signal Processing

6-11 June 2021 • Toronto, Ontario, Canada

Extracting Knowledge from Information

Technical Program

Paper Detail

Paper ID SPE-38.2
Paper Title ADVERSARIAL DEFENSE FOR AUTOMATIC SPEAKER VERIFICATION BY CASCADED SELF-SUPERVISED LEARNING MODELS
Authors Haibin Wu, National Taiwan University, Taiwan; Xu Li, The Chinese University of Hong Kong, Hong Kong SAR China; Andy Liu, National Taiwan University, Taiwan; Zhiyong Wu, Shenzhen International Graduate School, Tsinghua University, China; Helen Meng, The Chinese University of Hong Kong, Hong Kong SAR China; Hung-yi Lee, National Taiwan University, Taiwan
Session SPE-38: Speaker Recognition 6: Self-supervised and Unsupervised Learning
Location Gather.Town
Session Time: Thursday, 10 June, 14:00 - 14:45
Presentation Time: Thursday, 10 June, 14:00 - 14:45
Presentation Poster
Topic Speech Processing: [SPE-SPKR] Speaker Recognition and Characterization
Abstract Automatic speaker verification (ASV) is one of the core technologies in biometric identification. With the ubiquitous usage of ASV systems in safety-critical applications, more and more malicious attackers attempt to launch adversarial attacks at ASV systems. In the midst of the arms race between attack and defense in ASV, how to effectively improve the robustness of ASV against adversarial attacks remains an open question. We note that the self-supervised learning models possess the ability to mitigate superficial perturbations in the input after pretraining. Hence, with the goal of effective defense in ASV against adversarial attacks, we propose a standard and attack-agnostic method based on cascaded self-supervised learning models to purify the adversarial perturbations. Experimental results demonstrate that the proposed method achieves effective defense performance and can successfully counter adversarial attacks in scenarios where attackers may either be aware or unaware of the self-supervised learning model.