Picture for Xiaojiao Chen

Xiaojiao Chen

GhostVec: A New Threat to Speaker Privacy of End-to-End Speech Recognition System

Add code
Nov 17, 2023
Xiaojiao Chen, Sheng Li, Jiyi Li, Hao Huang, Yang Cao, Liang He
Figure 1 for GhostVec: A New Threat to Speaker Privacy of End-to-End Speech Recognition System
Figure 2 for GhostVec: A New Threat to Speaker Privacy of End-to-End Speech Recognition System
Figure 3 for GhostVec: A New Threat to Speaker Privacy of End-to-End Speech Recognition System
Figure 4 for GhostVec: A New Threat to Speaker Privacy of End-to-End Speech Recognition System

Speaker adaptation systems face privacy concerns, for such systems are trained on private datasets and often overfitting. This paper demonstrates that an attacker can extract speaker information by querying speaker-adapted speech recognition (ASR) systems. We focus on the speaker information of a transformer-based ASR and propose GhostVec, a simple and efficient attack method to extract the speaker information from an encoder-decoder-based ASR system without any external speaker verification system or natural human voice as a reference. To make our results quantitative, we pre-process GhostVec using singular value decomposition (SVD) and synthesize it into waveform. Experiment results show that the synthesized audio of GhostVec reaches 10.83\% EER and 0.47 minDCF with target speakers, which suggests the effectiveness of the proposed method. We hope the preliminary discovery in this study to catalyze future speech recognition research on privacy-preserving topics.

* accepted in ACM Multimedia Asia 2023 
Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Reprogramming Self-supervised Learning-based Speech Representations for Speaker Anonymization

Add code
Nov 17, 2023
Xiaojiao Chen, Sheng Li, Jiyi Li, Hao Huang, Yang Cao, Liang He
Figure 1 for Reprogramming Self-supervised Learning-based Speech Representations for Speaker Anonymization
Figure 2 for Reprogramming Self-supervised Learning-based Speech Representations for Speaker Anonymization
Figure 3 for Reprogramming Self-supervised Learning-based Speech Representations for Speaker Anonymization
Figure 4 for Reprogramming Self-supervised Learning-based Speech Representations for Speaker Anonymization

Current speaker anonymization methods, especially with self-supervised learning (SSL) models, require massive computational resources when hiding speaker identity. This paper proposes an effective and parameter-efficient speaker anonymization method based on recent End-to-End model reprogramming technology. To improve the anonymization performance, we first extract speaker representation from large SSL models as the speaker identifies. To hide the speaker's identity, we reprogram the speaker representation by adapting the speaker to a pseudo domain. Extensive experiments are carried out on the VoicePrivacy Challenge (VPC) 2022 datasets to demonstrate the effectiveness of our proposed parameter-efficient learning anonymization methods. Additionally, while achieving comparable performance with the VPC 2022 strong baseline 1.b, our approach consumes less computational resources during anonymization.

* accepted in ACM Multimedia Asia2023 
Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon