Voice biometrics spoof detection catching up, EAB speaker says
Voice biometric systems, counter-measures against attacks against them, and our understanding of how well those counter-measures work have come a long way since Robert Redford spoofed a biometric speaker verification in the 1992 film ‘Sneakers,’ attendees of a recent virtual lunch talk presented by the European Association for Biometrics (EAB) heard.
EURECOM Professor of Audio Security and Privacy Nicholas Evans delivered the presentation on ‘Secure Voice Biometrics: Deepfake Speech Detection and ASVspoof’ (the Automatic Speaker Verification Spoofing and Countermeasures research community initiative).
“I think the way we are assessing spoofing and spoofing counter-measures in my field is perhaps quite different to the way that it’s done in other fields,” he said, during his introductory remarks.
Tandem detection cost function (t-DCF) is used in speech research, for instance, to evaluate the impact of both spoofing and counter-measures. This provides a different ranking of counter-measures than if the effect on the biometric system is not taken into account, Evans says.
He delved into how speech is produced and measured for analysis by computers, the challenges inherent to the project, and the state of both the technology’s scientific and market evolution.
The accuracy of speaker recognition is higher than sometimes considered, according to Evans, as it is highly variable depending on the circumstances and details of the implementation.
One key difference between presentation attacks against voice biometric systems is that the sensor, or microphone, is typically not controlled by the system operator. This is the case, for instance, in the telephony channel, and as Evans points out, it means attacks can be applied to the sensor, as is normally the case in spoofs of other biometric modalities, or after it, in injection attacks.
Building up research base with ASVspoof
Limitations to prior work on voice spoofing include incompatible datasets and metrics, with the same groups of people creating the spoofs and countermeasures in some cases.
This is a major motivation behind the foundation of ASVspoof.
Evans described how the ASVspoof methodology departed from past research in speaker verification spoof detection, and how it has continued to evolve since it was first run.
He played five speech samples, and challenged his audience to identify the spoofs by ear. It was not easy. The best automated spoof detection systems are scoring well, however, and appear to be able to detect most attacks.
While the voice biometric field was behind other modalities in terms of anti-spoofing research a decade ago, Evans says, it has now largely caught up.
Evans provided detail on how counter-measures for speaker verification spoof attacks are evaluated with t-DCF, and what it says about the current state-of-the-art.
The quality of both speech biometric spoofing counter-measures and measuring the effectiveness of those tools, but “it’s going to be an unsolved problem for a time to come.”