The content discusses the issue of robustness and privacy in deep learning voice biometry models. While deep learning models excel in various applications, they are susceptible to specific perturbations that can dramatically affect their performance. The authors focus on the certification of automatic speaker recognition models, a topic not yet thoroughly examined in the literature.
The authors introduce a novel randomized smoothing-based approach to certify few-shot embedding models against additive, norm-bounded perturbations. They derive robustness certificates and theoretically demonstrate their advantages over existing competitors' methods. The proposed method is evaluated on the VoxCeleb datasets using several well-known speaker recognition models.
The authors highlight the issue of certified robustness in speaker recognition models and establish a new benchmark for certification in this area. They cover the speaker recognition problem as a few-shot learning task, provide an overview of randomized smoothing techniques, and describe their proposed method for certifying speaker embedding models against norm-bounded additive perturbations.
The authors also discuss the implementation details, including the use of sample mean instead of expectation, Hoeffding confidence intervals, and error probability estimation. The experimental results demonstrate that the proposed approach significantly outperforms the existing Smoothed Embeddings (SE) method in the few-shot setting, but performs worse than randomized smoothing in a classification context.
إلى لغة أخرى
من محتوى المصدر
arxiv.org
الرؤى الأساسية المستخلصة من
by Dmitrii Korz... في arxiv.org 04-30-2024
https://arxiv.org/pdf/2404.18791.pdfاستفسارات أعمق