Proactive Detection of Speaker Identity Manipulation with Neural Watermarking
Track: long paper (up to 9 pages)
Keywords: Neural watermarking, speaker embedding, speaker identity manipulation, speech security
Abstract: We propose a neural network-based watermarking approach for defending against speaker identity manipulation attacks. Our method extracts a source speaker embedding from a carrier waveform and embeds it back into the waveform before transmission. After undergoing various channel transmissions and potential identity manipulation attacks, the receiver reconstructs the source speaker embedding from the extracted watermark and compares it with the embedding obtained from the received waveform to assess the likelihood of identity manipulation. Experimental results demonstrate the robustness of the proposed framework against multiple digital signal processing based transmissions and attacks. However, we observe that while neural codec algorithms have minimal impact on manipulating speaker identity, they significantly degrade watermark detection accuracy, leading to failures in detecting identity manipulation.
Presenter: ~Wanying_Ge1
Format: Yes, the presenting author will attend in person if this work is accepted to the workshop.
Funding: No, the presenting author of this submission does *not* fall under ICLR’s funding aims, or has sufficient alternate funding.
Anonymization: This submission has been anonymized for double-blind review via the removal of identifying information such as names, affiliations, and identifying URLs.
Submission Number: 25
Loading