Please note: This PhD seminar will be given online.
Andre Kassis, PhD candidate
David R. Cheriton School of Computer Science
Supervisor: Professor Urs Hengartner
Voice authentication has become an integral part of numerous services with which we interact today, such as banks. Voice authentication systems consist of two components: an automatic speaker verification system (ASV) and a spoofing countermeasure. The widespread application of voice authentication systems and the major role they play in our lives mandate that we scrutinize them to understand their security guarantees. Yet, we find that all previously proposed attacks fail to compromise real-world deployments of such authentication mechanisms, leading to a false sense of security.
In this work, we challenge the long-standing convention of the purported robustness of practical voice authentication systems. We investigate these systems to identify potential attack vectors, and devise the first practical attack on these mechanisms that bypasses both the ASV and the countermeasure. Our key contribution is a novel joint loss function that enables mounting advanced adversarial attacks directly in the raw time domain, leading to the generation of high-quality adversarial examples. The attacks we propose have more severe repercussions than previously known adversarial examples against ASVs, since they are crafted from spoofed speech in the victim’s voice, eliminating the possibility to challenge their authenticity to revert the damages. Finally, we demonstrate the first over-telephony-network adversarial attack on ASVs, proving the ability to circumvent this defense over phone calls, and enabling a variety of potential threats, given the increased use of voice authentication in call centers. All of our attacks are evaluated in the black-box setting and achieve high success rates of up to 93.57% while circumventing several defense mechanisms simultaneously. Our results call into question the validity of voice authentication systems and highlight the need for more advanced defenses.
To join this PhD seminar on BigBlueButton, please go to https://bbb.crysp.org/b/and-td7-zj2.
200 University Avenue West
Waterloo, ON N2L 3G1