当前位置:
X-MOL 学术
›
arXiv.cs.CR
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Practical Attacks on Voice Spoofing Countermeasures
arXiv - CS - Cryptography and Security Pub Date : 2021-07-30 , DOI: arxiv-2107.14642 Andre Kassis, Urs Hengartner
arXiv - CS - Cryptography and Security Pub Date : 2021-07-30 , DOI: arxiv-2107.14642 Andre Kassis, Urs Hengartner
Voice authentication has become an integral part in security-critical
operations, such as bank transactions and call center conversations. The
vulnerability of automatic speaker verification systems (ASVs) to spoofing
attacks instigated the development of countermeasures (CMs), whose task is to
tell apart bonafide and spoofed speech. Together, ASVs and CMs form today's
voice authentication platforms, advertised as an impregnable access control
mechanism. We develop the first practical attack on CMs, and show how a
malicious actor may efficiently craft audio samples to bypass voice
authentication in its strictest form. Previous works have primarily focused on
non-proactive attacks or adversarial strategies against ASVs that do not
produce speech in the victim's voice. The repercussions of our attacks are far
more severe, as the samples we generate sound like the victim, eliminating any
chance of plausible deniability. Moreover, the few existing adversarial attacks
against CMs mistakenly optimize spoofed speech in the feature space and do not
take into account the existence of ASVs, resulting in inferior synthetic audio
that fails in realistic settings. We eliminate these obstacles through our key
technical contribution: a novel joint loss function that enables mounting
advanced adversarial attacks against combined ASV/CM deployments directly in
the time domain. Our adversarials achieve concerning black-box success rates
against state-of-the-art authentication platforms (up to 93.57\%). Finally, we
perform the first targeted, over-telephony-network attack on CMs, bypassing
several challenges and enabling various potential threats, given the increased
use of voice biometrics in call centers. Our results call into question the
security of modern voice authentication systems in light of the real threat of
attackers bypassing these measures to gain access to users' most valuable
resources.
中文翻译:
语音欺骗对策的实际攻击
语音身份验证已成为安全关键操作(例如银行交易和呼叫中心对话)中不可或缺的一部分。自动说话人验证系统 (ASV) 对欺骗攻击的脆弱性促使了对策 (CM) 的发展,其任务是区分真实和欺骗性语音。ASV 和 CM 共同构成了当今的语音认证平台,被宣传为一种坚不可摧的访问控制机制。我们开发了对 CM 的第一次实际攻击,并展示了恶意行为者如何有效地制作音频样本以最严格的形式绕过语音身份验证。以前的工作主要集中在针对 ASV 的非主动攻击或对抗策略,这些 ASV 不会在受害者的声音中产生语音。我们袭击的后果要严重得多,作为样本,我们生成的声音就像受害者一样,消除了任何似是而非的否认的可能性。此外,现有的少数针对 CM 的对抗性攻击错误地优化了特征空间中的欺骗语音,并且没有考虑 ASV 的存在,导致合成音频在现实环境中失败。我们通过我们的关键技术贡献消除了这些障碍:一种新颖的联合损失函数,可以直接在时域中对组合的 ASV/CM 部署进行高级对抗性攻击。我们的对手在最先进的身份验证平台上实现了相关的黑盒成功率(高达 93.57\%)。最后,我们对 CM 进行了第一次有针对性的电话网络攻击,绕过了几个挑战并实现了各种潜在威胁,鉴于在呼叫中心越来越多地使用语音生物识别技术。鉴于攻击者绕过这些措施以获取用户最宝贵资源的访问权限的真正威胁,我们的结果对现代语音身份验证系统的安全性提出了质疑。
更新日期:2021-08-02
中文翻译:
语音欺骗对策的实际攻击
语音身份验证已成为安全关键操作(例如银行交易和呼叫中心对话)中不可或缺的一部分。自动说话人验证系统 (ASV) 对欺骗攻击的脆弱性促使了对策 (CM) 的发展,其任务是区分真实和欺骗性语音。ASV 和 CM 共同构成了当今的语音认证平台,被宣传为一种坚不可摧的访问控制机制。我们开发了对 CM 的第一次实际攻击,并展示了恶意行为者如何有效地制作音频样本以最严格的形式绕过语音身份验证。以前的工作主要集中在针对 ASV 的非主动攻击或对抗策略,这些 ASV 不会在受害者的声音中产生语音。我们袭击的后果要严重得多,作为样本,我们生成的声音就像受害者一样,消除了任何似是而非的否认的可能性。此外,现有的少数针对 CM 的对抗性攻击错误地优化了特征空间中的欺骗语音,并且没有考虑 ASV 的存在,导致合成音频在现实环境中失败。我们通过我们的关键技术贡献消除了这些障碍:一种新颖的联合损失函数,可以直接在时域中对组合的 ASV/CM 部署进行高级对抗性攻击。我们的对手在最先进的身份验证平台上实现了相关的黑盒成功率(高达 93.57\%)。最后,我们对 CM 进行了第一次有针对性的电话网络攻击,绕过了几个挑战并实现了各种潜在威胁,鉴于在呼叫中心越来越多地使用语音生物识别技术。鉴于攻击者绕过这些措施以获取用户最宝贵资源的访问权限的真正威胁,我们的结果对现代语音身份验证系统的安全性提出了质疑。
京公网安备 11010802027423号