The Vocal Adversary: Privacy Protection by Voice
| dc.contributor.advisor | Larson, M.A. | |
| dc.contributor.advisor | Bosch, ten, L.F.M. | |
| dc.contributor.author | Bemmel, van, Loes | |
| dc.date.issued | 2022-12-01 | |
| dc.description.abstract | Many privacy sensitive attributes such as gender, age, emotion and health of a speaker can be obtained just by their voice. Users of voice controlled devices, i.e. Smart Voice Assistants (SVAs) are often unaware of the privacy risks of voice input. So-called inference attacks specifically target the privacy sensitive attributes from a voice and are very successful with Deep Neural Networks. Proposed protective measures against inference attacks often also rely on neural networks to obfuscate privacy sensitive attributes from speech. Neural-on-neural methods are successful in the white-box case where the attacker neural network is known. Here, the protective computational perturbations can be sufficiently small to not disrupt the utility of the Automatic Speech Recognition (ASR) system that is needed to use the SVA. However, we find that additionally to being unpractical and not realistic for the use case of SVAs, neural adversaries are not successful when trying to protect against inference attacks that are based on speech features. Instead we propose the vocal adversary: a person using their voice to obfuscate privacy sensitive paralinguistic attributes. The experiments in this thesis specifically focus on gender obfuscation and before-the-mic protection. By examining successful neural adversaries with the use of speech features historically developed by speech scientists that link back to the speech mechanisms, it is revealed what speech features are useful for gender obfuscation. The vocal adversary leverages these features to protect against both neural and feature-based gender inference attacks without losing utility of the voice control. The vocal adversary is intended to provide a realistic everyday protection against inference attacks without requiring extensive effort on behalf of the SVA user. While more research is necessary, this thesis provides a step away from solely neural methods and towards more interpretable non-computational methods that are realistic to use in a daily manner. | |
| dc.identifier.uri | https://theses.ubn.ru.nl/handle/123456789/16391 | |
| dc.language.iso | en | |
| dc.thesis.faculty | Faculteit der Sociale Wetenschappen | |
| dc.thesis.specialisation | specialisations::Faculteit der Sociale Wetenschappen::Artificial Intelligence::Master Artificial Intelligence | |
| dc.thesis.studyprogramme | studyprogrammes::Faculteit der Sociale Wetenschappen::Artificial Intelligence | |
| dc.thesis.type | Master | |
| dc.title | The Vocal Adversary: Privacy Protection by Voice |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Bemmel, van, L. s-4574249-MSc-MKI92-Thesis-2022.pdf
- Size:
- 3.47 MB
- Format:
- Adobe Portable Document Format