Meng Xue,Kuang Peng,Xueluan Gong,Qian Zhang,Yanjiao Chen,Routing Li

DOI: https://doi.org/10.1145/3610874

2023-01-01

Abstract:Intelligent audio systems are ubiquitous in our lives, such as speech command recognition and speaker recognition. However, it is shown that deep learning-based intelligent audio systems are vulnerable to adversarial attacks. In this paper, we propose a physical adversarial attack that exploits reverberation, a natural indoor acoustic effect, to realize imperceptible, fast, and targeted black-box attacks. Unlike existing attacks that constrain the magnitude of adversarial perturbations within a fixed radius, we generate reverberation-alike perturbations that blend naturally with the original voice sample 1. Additionally, we can generate more robust adversarial examples even under over-the-air propagation by considering distortions in the physical environment. Extensive experiments are conducted using two popular intelligent audio systems in various situations, such as different room sizes, distance, and ambient noises. The results show that Echo can invade into intelligent audio systems in both digital and physical over-the-air environment.

Lanqing Yang,Xinqi Chen,Xiangyong Jian,Leping Yang,Yijie Li,Qianfei Ren,Yi-Chao Chen,Guangtao Xue,Xiaoyu Ji

2023-01-01

Abstract:Speech recognition (SR) systems are used on smartphones and speakers to make inquiries, compose emails, and initiate phone calls. However, they also impose a severe security risk. Researchers have demonstrated that the introduction of certain sounds can threaten the security of SR systems. Nonetheless, most of those methods require that the attacker approach within a short distance of the victim, thereby limiting the applicability of such schemes. Other researchers have attacked SR systems remotely using peripheral devices (e.g., lasers); however, those methods require line-of-sight access and an always-on speaker in the vicinity of the victim. To the best of our knowledge, this paper presents the first-ever scheme, named SINGATTACK, in which SR systems are manipulated by human-like sounds generated in the switching mode power supply of the victim's device. The fact that attack signals are transmitted via the power grid enables long-range attacks on existing SR systems. In experiments on ten SR systems, SINGATTACK achieved Mel-Cepstral Distortion of 7.8 from an attack initiated at a distance of 23m.

Guoming Zhang,Xiaoyu Ji,Xinfeng Li,Gang Qu,Wenyuan Xu

DOI: https://doi.org/10.14722/ndss.2021.24551

2021-01-01

Abstract:DolphinAttacks (i.e., inaudible voice commands) modulate audible voices over ultrasounds to inject malicious commands silently into voice assistants and manipulate controlled systems (e.g., doors or smart speakers). Eliminating DolphinAttacks is challenging if ever possible since it requires to modify the microphone hardware. In this paper, we design EarArray, a lightweight method that can not only detect such attacks but also identify the direction of attackers without requiring any extra hardware or hardware modification. Essentially, inaudible voice commands are modulated on ultrasounds that inherently attenuate faster than the one of audible sounds. By inspecting the command sound signals via the built-in multiple microphones on smart devices, EarArray is able to estimate the attenuation rate and thus detect the attacks. We propose a model of the propagation of audible sounds and ultrasounds from the sound source to a voice assistant, e.g., a smart speaker, and illustrate the underlying principle and its feasibility. We implemented EarArray using two specially-designed microphone arrays and our experiments show that EarArray can detect inaudible voice commands with an accuracy of 99% and recognize the direction of the attackers with an accuracy of 97.89%.

Zhicong Zheng,Xinfeng Li,Chen Yan,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1145/3581783.3613843

2023-01-01

Abstract:Backdoor Attacks have been shown to pose significant threats to automatic speech recognition systems (ASRs). Existing success largely assumes backdoor triggering in the digital domain, or the victim will not notice the presence of triggering sounds in the physical domain. However, in practical victim-present scenarios, the over-the-air distortion of the backdoor trigger and the victim awareness raised by its audibility may invalidate such attacks. In this paper, we propose SMA, an inaudible grey-box backdoor attack that can be generalized to real-world scenarios where victims are present by exploiting both the vulnerability of microphones and neural networks. Specifically, we utilize the nonlinear effects of microphones to inject an inaudible ultrasonic trigger. To accurately characterize the microphone response to the crafted ultrasound, we construct a novel nonlinear transfer function for effective optimization. We also design optimization objectives to ensure triggers' robustness in the physical world and transferability on unseen ASR models. In practice, SMA can bypass the microphone's built-in filters and human perception, activating the implanted trigger in the ASRs inaudibly, regardless of whether the user is speaking. Extensive experiments show that the attack success rate of SMA can reach nearly 100% in the digital domain and over 85% against most microphones in the physical domains by only poisoning about 0.5% of the training audio dataset. Moreover, our attack can resist typical defense countermeasures to backdoor attacks.

Xiangyu Xu,Yu Chen,Zhen Ling,Li Lu,Junzhou Luo,Xinwen Fu

DOI: https://doi.org/10.1109/infocom52122.2024.10621229

2024-01-01

Abstract:Recent years have witnessed a surge of headphones (including in-ear headphones) usage in works and communications. Because of the privacy-preserve property, people feel comfortable having confidential communication wearing headphones and pay little attention to speech leakage. In this paper, we present an end-to-end eavesdropping system, mmEar, which shows the feasibility of launching an eavesdropping attack on headphones leveraging a commercial mmWave radar. Different from previous works that realize eavesdropping by sensing speech-induced vibrations with reasonable amplitude, mmEar focuses on capturing the extremely faint vibrations with a low signal-to-noise ratio (SNR) on the surface of headphones. Toward this end, we propose a faint vibration emphasis (FVE) method that models and amplifies the mmWave responses to speech-induced vibrations on the In-phase and Quadrature (IQ) plane, followed by a deep denoising network to further improve the SNR. To achieve practical eavesdropping on various headphones and setups, we propose a cGAN model with a pretrain-finetune scheme, boosting the generalization ability and robustness of the attack by generating high-quality synthesis data. We evaluate mmEar with extensive experiments on different headphones and earphones and find that most of them can be compromised by the proposed attack for speech recovery.

Rongjunchen Zhang,Xiao Chen,Jianchao Lu,Sheng Wen,Surya Nepal,Yang Xiang

DOI: https://doi.org/10.48550/arXiv.1805.06187

2018-05-16

Abstract:Intelligent Personal Assistant (IA), also known as Voice Assistant (VA), has become increasingly popular as a human-computer interaction mechanism. Most smartphones have built-in voice assistants that are granted high privilege, which is able to access system resources and private information. Thus, once the voice assistants are exploited by attackers, they become the stepping stones for the attackers to hack into the smartphones. Prior work shows that the voice assistant can be activated by inter-component communication mechanism, through an official Android API. However, this attack method is only effective on Google Assistant, which is the official voice assistant developed by Google. Voice assistants in other operating systems, even custom Android systems, cannot be activated by this mechanism. Prior work also shows that the attacking voice commands can be inaudible, but it requires additional instruments to launch the attack, making it unrealistic for real-world attack. We propose an attacking framework, which records the activation voice of the user, and launch the attack by playing the activation voice and attack commands via the built-in speaker. An intelligent stealthy module is designed to decide on the suitable occasion to launch the attack, preventing the attack being noticed by the user. We demonstrate proof-of-concept attacks on Google Assistant, showing the feasibility and stealthiness of the proposed attack scheme. We suggest to revise the activation logic of voice assistant to be resilient to the speaker based attack.

Cryptography and Security,Computers and Society

Yan Jiang,Xiaoyu Ji,Juchuan Zhang,Yancheng Jiang,Shui Jiang,Wenyuan Xu

DOI: https://doi.org/10.1109/tdsc.2023.3326184

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Recent studies have exposed that voice assistants can be manipulated by various voice commands without being noticed, however, existing attacks require a nearby speaker to play the attack commands. In this paper, we demonstrate that even without a speaker, we can use capacitors inside electronic devices to produce malicious voice commands, i.e., we convert capacitors into speakers and call it CapSpeaker . The underlying principle of CapSpeaker is the inverse piezoelectric effect, i.e., varying the voltage across a capacitor to make it vibrate and thus emit acoustic noises. Forcing capacitors to emit target voice commands is challenging because (1) capacitors' response frequency is out of the range of audible voices. (2) We can not directly control the voltage across capacitors to manipulate their emit sounds. To overcome these challenges, we propose a PWM-based modulation scheme to embed the malicious audio onto a high-frequency carrier, e.g., above 20 kHz, and we create malware to induce the designed voltage across the capacitors such that CapSpeaker plays the chosen malicious commands. Our evaluation of 7 commercial devices demonstrates that CapSpeaker is feasible to inject voice commands, e.g., ”open the door”, at a distance of up to 10.5 cm.

Junning Ze,Xinfeng Li,Yushi Cheng,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ICPADS56603.2022.00033

2022-01-01

Abstract:Automatic speaker verification (ASV) systems have been widely applied in voice user interfaces to conduct person identification and access control via voiceprints. A typical ASV system consists of three stages, i.e., training, enrollment, and verification. Previous work has revealed that the ASV system can be bypassed at the training stage by backdoor attacks and at the verification stage by adversarial example attacks. In this paper, we propose a new type of backdoor attack aimed at the enrollment stage via adversarial ultrasound, named UltraBD, which is highly imperceptible, synchronization-free, and content-independent. By simultaneously injecting the ultrasound backdoor examples when the legitimate user initiates the enrollment, the polluted voiceprints stored in the ASV systems grant access to both the legitimate user and the adversary with relatively high confidence. Despite the challenges, i.e., when, what, and how the legitimate user articulates at the enrollment stage can be remarkably unpredictable and various, we managed to launch UltraBD by augmenting the generation and optimization process of the ultrasound backdoor examples with the randomness of synchronous time and relative amplitude ratio. Furthermore, we optimize the modulation mechanism of adversarial ultrasound by tuning the baseband signal on limited signal frequency points to improve its robustness in the physical world setting. We validate UltraBD on two common datasets together with two open-source ASV models. Results show that UltraBD can be robust to various configurations, e.g., different speakers and utterance content. In sum, our attack calls attention to a new attack surface of ASV systems and sheds light on its fundamental mechanisms.

Xiaoyu Ji,Juchuan Zhang,Shui Jiang,Jishen Li,Wenyuan Xu

DOI: https://doi.org/10.1145/3460120.3485389

2021-01-01

Abstract:Voice assistants can be manipulated by various malicious voice commands, yet existing attacks require a nearby speaker to play the attack commands. In this paper, we show that even when no speakers are available, we can play malicious commands by utilizing the capacitors inside electronic devices, i.e., we convert capacitors into speakers and call it CapSpeaker. Essentially, capacitors can emit acoustic noises due to the inverse piezoelectric effect, i.e., varying the voltage across a capacitor can make it vibrate and thus emit acoustic noises. Forcing capacitors to play malicious voice commands is challenging because (1) the frequency responses of capacitors as speakers have poor performance in the range of audible voices, and (2) we have no direct control over the voltage across capacitors to manipulate their emitting sounds. To overcome the challenges, we use a PWM-based modulation scheme to embed the malicious audio onto a high-frequency carrier, e.g., above 20 kHz, and we create malware that can induce the right voltage across the capacitors such that CapSpeaker plays the chosen malicious commands. We conducted extensive experiments with 2 LED lamps (a modified one and a commercial one) and 5 victim devices (iPhone 4s, iPad mini 5, Huawei Nova 5i, etc.). Evaluation results demonstrate that CapSpeaker is feasible at a distance up to 10.5 cm, triggering a smartphone to receive voice commands, e.g., "open the door''.

Zhuoyang Shi,Chaohao Li,Zizhi Jin,Weinong Sun,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/icpads53394.2021.00027

2021-01-01

Abstract:Due to the open nature of voice and voice interface, attackers can easily record the user's voice commands and spoof the voice recognition systems by replaying them. Existing voice replay attack detection methods mainly rely on extra hardware to determine the sound source or require excessively computing resources for training the classifier with a large number of acoustic features. Hence, we prop...

Wenbin Huang,Wenjuan Tang,Kuan Zhang,Haojin Zhu,Yaoxue Zhang

DOI: https://doi.org/10.1109/infocom48880.2022.9796653

2022-01-01

Abstract:Enormous mobile applications (apps) now support voice functionality for convenient user-device interaction. However, these voice-enabled apps may spitefully invoke microphone to realize voice eavesdropping with arousing security risks and privacy concerns. To explore the issue of voice eavesdropping, in this work, we first design eavesdropping apps through native development and injection development to conduct eavesdropping attacks on a series of smart devices. The results demonstrate that eavesdropping could be carried out freely without any hint. To thwart voice eavesdropping, we propose a valid eavesdropping detection (EarDet) scheme based on the discovery that the activation of voice function in most apps requires authorization from the user by touching a specific voice icon. In the scheme, we construct a request-response time model using the Unix time stamps of touching the voice icon and microphone invoked. Through numerical analysis and hypothesis testing to effectively verify the pattern of the app's normal access under user authorization to the microphone, we could detect eavesdropping attacks by sensing whether there is a touch operation. Finally, we apply the scheme to different smart devices and test several apps. The experimental results show that the proposed EarDet scheme can achieve a high detection accuracy.

Wenrui Diao,Xiangyu Liu,Zhe Zhou,Kehuan Zhang

DOI: https://doi.org/10.48550/arXiv.1407.4923

2014-07-18

Cryptography and Security

Abstract:Previous research about sensor based attacks on Android platform focused mainly on accessing or controlling over sensitive device components, such as camera, microphone and GPS. These approaches get data from sensors directly and need corresponding sensor invoking permissions. This paper presents a novel approach (GVS-Attack) to launch permission bypassing attacks from a zero permission Android application (VoicEmployer) through the speaker. The idea of GVS-Attack utilizes an Android system built-in voice assistant module -- Google Voice Search. Through Android Intent mechanism, VoicEmployer triggers Google Voice Search to the foreground, and then plays prepared audio files (like "call number 1234 5678") in the background. Google Voice Search can recognize this voice command and execute corresponding operations. With ingenious designs, our GVS-Attack can forge SMS/Email, access privacy information, transmit sensitive data and achieve remote control without any permission. Also we found a vulnerability of status checking in Google Search app, which can be utilized by GVS-Attack to dial arbitrary numbers even when the phone is securely locked with password. A prototype of VoicEmployer has been implemented to demonstrate the feasibility of GVS-Attack in real world. In theory, nearly all Android devices equipped with Google Services Framework can be affected by GVS-Attack. This study may inspire application developers and researchers rethink that zero permission doesn't mean safety and the speaker can be treated as a new attack surface.

Xiaoyu Ji,Wenyuan Xu,Guoming Zhang,Tianchen Zhang,Chen Yan,Taimin Zhang

DOI: https://doi.org/10.1109/TDSC.2019.2906165

2019-03-19

IEEE Transactions on Dependable and Secure Computing

Abstract:Voice assistants (VAs) such as Siri and Google Now have become an increasingly popular human-machine interaction method and have made various systems voice controllable. Prior work on attacking voice assistants shows that the hidden voice commands that are incomprehensible to people can control the VAs. Hidden voice commands, though ‘hidden’, are nonetheless audible. In this work, we design a completely inaudible attack, DolphinAttack, that modulates voice commands on ultrasonic carriers to achieve inaudibility. By leveraging the nonlinearity of the microphone circuits, the modulated low-frequency audio commands can be successfully demodulated, recovered, and more importantly interpreted by the voice assistants. We validate DolphinAttack on popular voice assistants, including Siri, Google Now, S Voice, HiVoice, Cortana, Alexa, etc. By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to turn on the airplane mode, and even manipulating the navigation system in an Audi automobile. We propose hardware and software defense solutions. We validate that it is feasible to detect DolphinAttack by classifying the audios using supported vector machine (SVM), and suggest to re-design voice assistants to be resilient to inaudible voice command attacks.

Engineering,Computer Science

Lei Wang,Meng Chen,Li Lü,Zhongjie Ba,Feng Lin,Kui Ren

DOI: https://doi.org/10.1145/3580789

2023-01-01

Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies

Abstract:Recently, voice leakage gradually raises more significant concerns of users, due to its underlying sensitive and private information when providing intelligent services. Existing studies demonstrate the feasibility of applying learning-based solutions on built-in sensor measurements to recover voices. However, due to the privacy concerns, large-scale voices-sensor measurements samples for model training are not publicly available, leading to significant efforts in data collection for such an attack. In this paper, we propose a training-free and universal eavesdropping attack on built-in speakers, VoiceListener, which releases the data collection efforts and is able to adapt to various voices, platforms, and domains. In particular, VoiceListener develops an aliasing-corrected super resolution mechanism, including an aliasing-based pitch estimation and an aliasing-corrected voice recovering, to convert the undersampled narrow-band sensor measurements to wide-band voices. Extensive experiments demonstrate that our proposed VoiceListener could accurately recover the voices from undersampled sensor measurements and is robust to different voices, platforms and domains, realizing the universal eavesdropping attack.

Ahmed Tanvir Mahdad,Cong Shi,Zhengkun Ye,Tianming Zhao,Yan Wang,Yingying Chen,Nitesh Saxena

DOI: https://doi.org/10.48550/arXiv.2212.12151

2022-12-23

Abstract:Eavesdropping from the user's smartphone is a well-known threat to the user's safety and privacy. Existing studies show that loudspeaker reverberation can inject speech into motion sensor readings, leading to speech eavesdropping. While more devastating attacks on ear speakers, which produce much smaller scale vibrations, were believed impossible to eavesdrop with zero-permission motion sensors. In this work, we revisit this important line of reach. We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. We investigate the impacts of these new ear speakers on built-in motion sensors and examine the potential to elicit private speech information from the minute vibrations. Our designed system EarSpy can successfully detect word regions, time, and frequency domain features and generate a spectrogram for each word region. We train and test the extracted data using classical machine learning algorithms and convolutional neural networks. We found up to 98.66% accuracy in gender detection, 92.6% detection in speaker detection, and 56.42% detection in digit detection (which is 5X more significant than the random selection (10%)). Our result unveils the potential threat of eavesdropping on phone conversations from ear speakers using motion sensors.

Sound,Cryptography and Security,Audio and Speech Processing

S Abhishek Anand,Chen Wang,Jian Liu,Nitesh Saxena,Yingying Chen

DOI: https://doi.org/10.48550/arXiv.1907.05972

2020-10-19

Abstract:In this paper, we build a speech privacy attack that exploits speech reverberations generated from a smartphone's in-built loudspeaker captured via a zero-permission motion sensor (accelerometer). We design our attack Spearphone2, and demonstrate that speech reverberations from inbuilt loudspeakers, at an appropriate loudness, can impact the accelerometer, leaking sensitive information about the speech. In particular, we show that by exploiting the affected accelerometer readings and carefully selecting feature sets along with off-the-shelf machine learning techniques, Spearphone can successfully perform gender classification (accuracy over 90%) and speaker identification (accuracy over 80%) for any audio/video playback on the smartphone. Our results with testing the attack on a voice call and voice assistant response were also encouraging, showcasing the impact of the proposed attack. In addition, we perform speech recognition and speech reconstruction to extract more information about the eavesdropped speech to an extent. Our work brings to light a fundamental design vulnerability in many currently-deployed smartphones, which may put people's speech privacy at risk while using the smartphone in the loudspeaker mode during phone calls, media playback or voice assistant interactions.

Cryptography and Security

Si Chen,Kui Ren,Sixu Piao,Cong Wang,Qian Wang,Jian Weng,Lu Su,Aziz Mohaisen

DOI: https://doi.org/10.1109/ICDCS.2017.133

2017-01-01

Abstract:Voice, as a convenient and efficient way of information delivery, has a significant advantage over the conventional keyboard-based input methods, especially on small mobile devices such as smartphones and smartwatches. However, the human voice could often be exposed to the public, which allows an attacker to quickly collect sound samples of targeted victims and further launch voice impersonation attacks to spoof those voice-based applications. In this paper, we propose the design and implementation of a robust software-only voice impersonation defense system, which is tailored for mobile platforms and can be easily integrated with existing off-the-shelf smart devices. In our system, we explore magnetic field emitted from loudspeakers as the essential characteristic for detecting machine-based voice impersonation attacks. Furthermore, we use a state-of-the-art automatic speaker verification system to defend against human imitation attacks. Finally, our evaluation results show that our system achieves simultaneously high accuracy (100%) and low equal error rates (EERs) (0%) in detecting the machine-based voice impersonation attack on smartphones.

Zhongjie Ba,Tianhang Zheng,Xinyu Zhang,Zhan Qin,Baochun Li,Xue Liu,Kui Ren

DOI: https://doi.org/10.14722/ndss.2020.24076

2020-01-01

Abstract:Motion sensors on current smartphones have been exploited for audio eavesdropping due to their sensitivity to vibrations. However, this threat is considered low-risk because of two widely acknowledged limitations: First, unlike microphones, motion sensors can only pick up speech signals traveling through a solid medium. Thus, the only feasible setup reported previously is to use a smartphone gyroscope to eavesdrop on a loudspeaker placed on the same table. The second limitation comes from a common sense that these sensors can only pick up a narrow band (85-100Hz) of speech signals due to a sampling ceiling of 200Hz. In this paper, we revisit the threat of motion sensors to speech privacy and propose AccelEve, a new side-channel attack that employs a smartphone's accelerometer to eavesdrop on the speaker in the same smartphone. Specifically, it utilizes the accelerometer measurements to recognize the speech emitted by the speaker and to reconstruct the corresponding audio signals. In contrast to previous works, our setup allows the speech signals to always produce strong responses in accelerometer measurements through the shared motherboard, which successfully addresses the first limitation and allows this kind of attacks to penetrate into real-life scenarios. Regarding the sampling rate limitation, contrary to the widely-held belief, we observe up to 500Hz sampling rates in recent smartphones, which almost covers the entire fundamental frequency band (85-255Hz) of adult speech. On top of these pivotal observations, we propose a novel deep learning based system that learns to recognize and reconstruct speech information from the spectrogram representation of acceleration signals. This system employs adaptive optimization on deep neural networks with skip connections using robust and generalizable losses to achieve robust recognition and reconstruction performance. Extensive evaluations demonstrate the effectiveness and high accuracy of our attack under various settings.

Bang Tran,Shenhui Pan,Xiaohui Liang,Honggang Zhang

DOI: https://doi.org/10.1109/icc42927.2021.9500792

2021-01-01

Abstract:Voice Assistant System (VAS) provides a convenient way for users to interact with smart-home devices via a voice interface. However, it raises unique security issues, including voice replay and injection attacks, where attackers remotely and maliciously control the smart-home devices via a voice interface. In this paper, we consider a typical smart-home scenario in which a VAS device and a compromised speaker device are placed in close physical proximity. The attacker can remotely play malicious voice commands through the speaker device to manipulate the VAS device for malicious purposes. We propose a defense system on the VAS device to secure the VAS device against both voice replay and injection attacks, without any additional devices and without any extra user effort. Specifically, our system aims to collect voice data and wireless data continuously from the VAS device and then extracts the Mel-Cepstral Frequency Coefficients (MFCC) features from voice and wireless data. We consider that both voice and wireless data are affected by the same present users’ physical activities, and the correlation can be used to detect the attacks. Finally, our system applies a deep learning model that learns from previous time-series data and analyzes real-time data to infer whether the real-time voice command is generated from a user or the speaker device. We have tested our system in certain real-world smart-home scenarios. Our experiments showed that the proposed system has a probability between 76.4% to 89.1% to successfully detect the voice replay and injection attacks in the considered scenarios.

Forrest McKee,David Noever

2023-11-23

Abstract:In this study, we investigate the emerging threat of inaudible acoustic attacks targeting digital voice assistants, a critical concern given their projected prevalence to exceed the global population by 2024. Our research extends the feasibility of these attacks across various platforms like Amazon's Alexa, Android, iOS, and Cortana, revealing significant vulnerabilities in smart devices. The twelve attack vectors identified include successful manipulation of smart home devices and automotive systems, potential breaches in military communication, and challenges in critical infrastructure security. We quantitatively show that attack success rates hover around 60%, with the ability to activate devices remotely from over 100 feet away. Additionally, these attacks threaten critical infrastructure, emphasizing the need for multifaceted defensive strategies combining acoustic shielding, advanced signal processing, machine learning, and robust user authentication to mitigate these risks.

Cryptography and Security,Machine Learning,Sound,Audio and Speech Processing