针对说话人识别系统的可转移通用对抗性扰动

World Wide Web Pub Date : 2024-05-09 DOI:10.1007/s11280-024-01274-3

Xiaochen Liu, Hao Tan, Junjian Zhang, Aiping Li, Zhaoquan Gu

{"title":"针对说话人识别系统的可转移通用对抗性扰动","authors":"Xiaochen Liu, Hao Tan, Junjian Zhang, Aiping Li, Zhaoquan Gu","doi":"10.1007/s11280-024-01274-3","DOIUrl":null,"url":null,"abstract":"<p>Deep neural networks (DNN) exhibit powerful feature extraction capabilities, making them highly advantageous in numerous tasks. DNN-based techniques have become widely adopted in the field of speaker recognition. However, imperceptible adversarial perturbations can severely disrupt the decisions made by DNNs. In addition, researchers identified universal adversarial perturbations that can efficiently and significantly attack deep neural networks. In this paper, we propose an algorithm for conducting effective universal adversarial attacks by investigating the dominant features in the speaker recognition task. Through experiments in various scenarios, we find that our perturbations are not only more effective and undetectable but also exhibit a certain degree of transferablity across different datasets and models.</p>","PeriodicalId":501180,"journal":{"name":"World Wide Web","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Transferable universal adversarial perturbations against speaker recognition systems\",\"authors\":\"Xiaochen Liu, Hao Tan, Junjian Zhang, Aiping Li, Zhaoquan Gu\",\"doi\":\"10.1007/s11280-024-01274-3\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Deep neural networks (DNN) exhibit powerful feature extraction capabilities, making them highly advantageous in numerous tasks. DNN-based techniques have become widely adopted in the field of speaker recognition. However, imperceptible adversarial perturbations can severely disrupt the decisions made by DNNs. In addition, researchers identified universal adversarial perturbations that can efficiently and significantly attack deep neural networks. In this paper, we propose an algorithm for conducting effective universal adversarial attacks by investigating the dominant features in the speaker recognition task. Through experiments in various scenarios, we find that our perturbations are not only more effective and undetectable but also exhibit a certain degree of transferablity across different datasets and models.</p>\",\"PeriodicalId\":501180,\"journal\":{\"name\":\"World Wide Web\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-05-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"World Wide Web\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1007/s11280-024-01274-3\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"World Wide Web","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s11280-024-01274-3","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

深度神经网络（DNN）具有强大的特征提取能力，因此在许多任务中都极具优势。基于 DNN 的技术已被广泛应用于扬声器识别领域。然而，难以察觉的对抗性扰动会严重破坏 DNN 做出的决策。此外，研究人员还发现了可以高效、显著地攻击深度神经网络的通用对抗扰动。在本文中，我们通过研究说话人识别任务中的主要特征，提出了一种进行有效通用对抗攻击的算法。通过在各种场景中的实验，我们发现我们的扰动不仅更有效、更不易被检测到，而且在不同数据集和模型中表现出一定程度的可转移性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

摘要图片

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Transferable universal adversarial perturbations against speaker recognition systems

Deep neural networks (DNN) exhibit powerful feature extraction capabilities, making them highly advantageous in numerous tasks. DNN-based techniques have become widely adopted in the field of speaker recognition. However, imperceptible adversarial perturbations can severely disrupt the decisions made by DNNs. In addition, researchers identified universal adversarial perturbations that can efficiently and significantly attack deep neural networks. In this paper, we propose an algorithm for conducting effective universal adversarial attacks by investigating the dominant features in the speaker recognition task. Through experiments in various scenarios, we find that our perturbations are not only more effective and undetectable but also exhibit a certain degree of transferablity across different datasets and models.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

World Wide Web

自引率

0.00%

发文量