Privacy attacks for automatic speech recognition acoustic models in a federated learning framework
| Autor: | Natalia Tomashenko, Salima Mdhaffar, Marc Tommasi, Yannick Esteve, Jean-Francois Bonastre |
|---|---|
| Přispěvatelé: | Laboratoire Informatique d'Avignon (LIA), Avignon Université (AU)-Centre d'Enseignement et de Recherche en Informatique - CERI, Machine Learning in Information Networks (MAGNET), Inria Lille - Nord Europe, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189 (CRIStAL), Centrale Lille-Université de Lille-Centre National de la Recherche Scientifique (CNRS)-Centrale Lille-Université de Lille-Centre National de la Recherche Scientifique (CNRS), ANR-18-CE23-0018,DEEP-PRIVACY,Apprentissage distribué, personnalisé, préservant la privacité pour le traitement de la parole(2018), ANR-18-JSTS-0001,VoicePersonae,Clonage et protection de l'identité vocale(2018), Tomashenko, Natalia, APPEL À PROJETS GÉNÉRIQUE 2018 - Apprentissage distribué, personnalisé, préservant la privacité pour le traitement de la parole - - DEEP-PRIVACY2018 - ANR-18-CE23-0018 - AAPG2018 - VALID, APPEL À PROJETS FRANCO-JAPONAIS : INTERACTION SYMBIOTIQUE - Clonage et protection de l'identité vocale - - VoicePersonae2018 - ANR-18-JSTS-0001 - ANR-JST CREST IS - VALID |
| Jazyk: | angličtina |
| Rok vydání: | 2022 |
| Předmět: |
FOS: Computer and information sciences
Sound (cs.SD) Computer Science - Computation and Language Computer Science - Cryptography and Security federated learning attack models speech recognition acoustic models Computer Science - Sound [INFO.INFO-CL]Computer Science [cs]/Computation and Language [cs.CL] [INFO.INFO-CL] Computer Science [cs]/Computation and Language [cs.CL] Audio and Speech Processing (eess.AS) Privacy FOS: Electrical engineering electronic engineering information engineering Computation and Language (cs.CL) Cryptography and Security (cs.CR) speaker verification Electrical Engineering and Systems Science - Audio and Speech Processing |
| Zdroj: | ICASSP 2022 ICASSP 2022, 2022, Singapour, Singapore |
| Popis: | This paper investigates methods to effectively retrieve speaker information from the personalized speaker adapted neural network acoustic models (AMs) in automatic speech recognition (ASR). This problem is especially important in the context of federated learning of ASR acoustic models where a global model is learnt on the server based on the updates received from multiple clients. We propose an approach to analyze information in neural network AMs based on a neural network footprint on the so-called Indicator dataset. Using this method, we develop two attack models that aim to infer speaker identity from the updated personalized models without access to the actual users' speech data. Experiments on the TED-LIUM 3 corpus demonstrate that the proposed approaches are very effective and can provide equal error rate (EER) of 1-2%. Comment: Submitted to ICASSP 2022 |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|