Source code for the paper "On the Detection of Adaptive Adversarial Attacks in Speaker Verification Systems". In this work, we propose a new detector, called Minimum Energy in High FrEquencies for Short Time (MEH-FEST), to distinguish between an original audio and an adversarial audio.
- ./demo/: showing the idea of MEH-FEST detector in jupyter notebook.
- ./detection_results/: showing the performance of MEH-FEST detection in jupyter notebook.
- ./detection_countermeasure/: two adaptive attacks or attackers' countermeasures studied and shown in jupyter notebook.
- ./detection_countermeasure/epsilon_00025: reducing the perturbation threshold to 0.00025.
- ./detection_countermeasure/n-th_FAKEBOB: (n+1)th MEH-FEST detection method against n-th FAKEBOB attacks.
- ./detection_extend.sh: shell script to run "detection_extend.py".
- ./detection_extend.py: n-th MEH-FEST detection method.
- Follow the instructions at FAKEBOB GitHub Repo to generate adversarial audios.
- Install "librosa" python module by running
- pip install 'numpy==1.20' # required by librosa
- pip install librosa
- Copy "detection_extend.sh" and "detection_extend.py" to be under the root directory of FAKEBOB code.
- Change the directory name for the folder that contains adversarial audios. For example, change "./adversarial-audio/gmm-SV-targeted/" to "./adversarial-audio/gmm-SV-targeted_epsilon_002/".
- Create a new folder for logs, such as "./logs_gmm_epsilon_002".
- Update shell script "detection_extend.sh" for "archi", "epsilon", and the range of "k" in the loop.
- Run "./detection_extend.sh". The detection results can be find in log files under the log folder, such as "./logs_gmm_epsilon_002/detection_gmm_epsilon_002_extend_min_1_results.txt".