Attacking Speaker Recognition With Deep Generative Models
This work addresses security vulnerabilities in speaker authentication systems, though it is incremental as it builds on existing GAN methods.
The paper tackled the problem of spoofing attacks on speaker recognition systems by using a modified Wasserstein GAN objective to synthesize attacks, achieving both targeted and untargeted attacks that raise security concerns.
In this paper we investigate the ability of generative adversarial networks (GANs) to synthesize spoofing attacks on modern speaker recognition systems. We first show that samples generated with SampleRNN and WaveNet are unable to fool a CNN-based speaker recognition system. We propose a modification of the Wasserstein GAN objective function to make use of data that is real but not from the class being learned. Our semi-supervised learning method is able to perform both targeted and untargeted attacks, raising questions related to security in speaker authentication systems.