The proposed defense strategies against malicious voice attacks focus on leveraging the spectrum compensation technique and incorporating features from various domains. Key components and methodologies include:
Modulated Replay Attack Detection: Identifying the modulated replay attack by analyzing the spectrum compensation technique and using both frequency and time-domain features. The DualGuard system combines these features to detect replay attacks, including modulated ones.
Secure ASR for Driverless Cars: The SIEVE system distinguishes voice commands from drivers, passengers, and non-human speakers by filtering out multiple-source voice commands, identifying voice attacks from non-human speakers, and determining the driver's voice based on propagation direction.
Acoustic Compensation System (ACE): Mitigating the effects of spectrum reduction attacks by reconstructing deleted frequency components and introducing acoustic perturbations to mimic real-world noise. ACE includes a spectrum compensation module, noise addition module, and an adaptation module to optimize parameters based on the attack's component removal ratio.
These strategies combine frequency and time-domain analysis, physical properties of voice propagation, and adaptive mitigation techniques to enhance the security and reliability of voice processing systems against malicious attacks.