Speech Replay Detection with x-Vector Attack Embeddings and Spectral Features

Williams, Jennifer; Rownicka, Joanna

doi:10.21437/interspeech.2019-1760

Cited by 18 publications

(10 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For the ASVspoof 2019 PA scenario, 50 systems were submitted [19]. Many countermeasures used DNNs such as the CNN, light-CNN (LCNN), and residual network (ResNet) as backend systems [20], [21], [22], [23], [24], [25], [26]. For input features, spectrogram and phase information [22], [27], linear frequency cepstral coefficients (LFCC) [18], constant Q cepstral coefficients (CQCC) [17], Mel-frequency cepstral coefficients (MFCC), inverted MFCC (IMFCC) [28], and rectangular filter cepstral coefficients (RFCC) [29] were adopted.…”

Section: Asvspoof 2019 Resultsmentioning

confidence: 99%

Replay Attack Detection Based on Spatial and Spectral Features of Stereo Signal

Yaguchi

Shiota

Kiya

2021

Journal of Information Processing

View full text Add to dashboard Cite

In this paper, we propose a replay attack detection (RAD) method that uses spatial and spectral features of a stereo signal. To distinguish genuine and replayed utterance, we focus on non-speech segments, in which a human does not emit sound, but a loudspeaker for replay attack might emit some recorded noise or its electromagnetic noise. The generalized cross-correlation (GCC) based spatial features capture this difference. To improve the robustness against the variety of recording environments, we combine the spatial features with spectral features. In particular, we fuse the output scores of GCC-based and spectral feature-based methods. In experiments, we confirm the effectiveness of the combination of spatial and spectral features.

show abstract

Section: Asvspoof 2019 Resultsmentioning

confidence: 99%

Replay Attack Detection Based on Spatial and Spectral Features of Stereo Signal

Yaguchi

Shiota

Kiya

2021

Journal of Information Processing

View full text Add to dashboard Cite

show abstract

“…However, recent studies have shown that a well-trained ASV system could be deceived by malicious attacks [1][2][3]. In the last decade, the speaker verification community held several ASVspoof challenge competitions [4][5][6] to develop countermeasures mainly against replay [7,8], speech synthesis [9,10] and voice conversion [10,11] attacks.…”

Section: Introductionmentioning

confidence: 99%

“…A separate detection countermeasure has the following advantages: 1) It separates the defense part and speaker verification into two independent stages, which avoids retraining a well-developed ASV model. 2) Since most existing countermeasures for replay and synthetic speech attacks are based on a separate detection network [7][8][9], the proposed approach provides the feasibility to develop a unified countermeasure against all spoofing attacks.…”

Section: Introductionmentioning

confidence: 99%

Investigating Robustness of Adversarial Samples Detection for Automatic Speaker Verification

Zhong

et al. 2020

Preprint

View full text Add to dashboard Cite

Recently adversarial attacks on automatic speaker verification (ASV) systems attracted widespread attention as they pose severe threats to ASV systems. However, methods to defend against such attacks are limited. Existing approaches mainly focus on retraining ASV systems with adversarial data augmentation. Also, countermeasure robustness against different attack settings are insufficiently investigated. Orthogonal to prior approaches, this work proposes to defend ASV systems against adversarial attacks with a separate detection network, rather than augmenting adversarial data into ASV training. A VGG-like binary classification detector is introduced and demonstrated to be effective on detecting adversarial samples. To investigate detector robustness in a realistic defense scenario where unseen attack settings exist, we analyze various attack settings and observe that the detector is robust (6.27% EER det degradation in the worst case) against unseen substitute ASV systems, but it has weak robustness (50.37% EER det degradation in the worst case) against unseen perturbation methods. The weak robustness against unseen perturbation methods shows a direction for developing stronger countermeasures.

show abstract

“…In which, the corpus has three subset, train, development, and evaluation set. According to ASVspoof 2019 challenge rule, tandem detection cost function (t-DCF) [56] and EER are used as the primary and secondary metric, respectively, which is the same as the previous works [57][58][59][60][61][62][63][64]. Table 10 gives the experimental results on ASVspoof 2019 physical access development set using dynamic features of CMOC and CVOC.…”

Section: Database Introduction and Evaluation Metricmentioning

confidence: 99%

Discriminative features based on modified log magnitude spectrum for playback speech detection

Yang

Ren³

et al. 2020

J AUDIO SPEECH MUSIC PROC.

View full text Add to dashboard Cite

In order to improve the performance of hand-crafted features to detect playback speech, two discriminative features, constant-Q variance-based octave coefficients and constant-Q mean-based octave coefficients, are proposed for playback speech detection in this work. They rely on our findings that variance-based modified log magnitude spectrum and mean-based modified log magnitude spectrum can enhance the discriminative power between genuine speech and playback speech. Then constant-Q variance-based octave coefficients (constant-Q mean-based octave coefficients) can be obtained by combining variance-based modified log magnitude spectrum (mean-based modified log magnitude spectrum), octave segmentation, and discrete cosine transform. Finally, constant-Q variance-based octave coefficients and constant-Q mean-based octave coefficients are evaluated on ASVspoof 2017 corpus version 2.0 and ASVspoof 2019 physical access, respectively. Experimental results show that variance-based modified log magnitude spectrum and mean-based modified log magnitude spectrum can produce discriminative features toward playback speech. Further results on the two databases show that constant-Q variance-based octave coefficients and constant-Q mean-based octave coefficients can perform better than some common features, such as mel frequency cepstral coefficients and constant-Q cepstral coefficients.

show abstract

Speech Replay Detection with x-Vector Attack Embeddings and Spectral Features

Cited by 18 publications

References 26 publications

Replay Attack Detection Based on Spatial and Spectral Features of Stereo Signal

Replay Attack Detection Based on Spatial and Spectral Features of Stereo Signal

Investigating Robustness of Adversarial Samples Detection for Automatic Speaker Verification

Discriminative features based on modified log magnitude spectrum for playback speech detection

Contact Info

Product

Resources

About