Worcester Polytechnic Institute Electronic Theses and Dissertations Collection

Title page for ETD etd-032714-115410


Document Typedissertation
Author NameYang, Chenguang
Email Address sherlockholmes_y at hotmail.com
URNetd-032714-115410
TitleSecurity in Voice Authentication
DegreePhD
DepartmentElectrical & Computer Engineering
Advisors
  • Berk Sunar, Advisor
  • Thomas Eisenbarth, Committee Member
  • Krishna Kumar Venkatasubramanian, Committee Member
  • Yehia Massoud, Department Head
  • Keywords
  • Gaussian Mixture Model
  • Entropy
  • Voice
  • Mel Frequency Cepstral Coefficients
  • Date of Presentation/Defense2014-03-27
    Availability unrestricted

    Abstract

    We evaluate the security of human voice password databases from an information theoretical point of view. More specifically, we provide a theoretical estimation on the amount of entropy in human voice when processed using the conventional GMM-UBM technologies and the MFCCs as the acoustic features. The theoretical estimation gives rise to a methodology for analyzing the security level in a corpus of human voice. That is, given a database containing speech signals, we provide a method for estimating the relative entropy (Kullback-Leibler divergence) of the database thereby establishing the security level of the speaker verification system. To demonstrate this, we analyze the YOHO database, a corpus of voice samples collected from 138 speakers and show that the amount of entropy extracted is less than 14-bits. We also present a practical attack that succeeds in impersonating the voice of any speaker within the corpus with a 98% success probability with as little as 9 trials. The attack will still succeed with a rate of 62.50% if 4 attempts are permitted. Further, based on the same attack rationale, we mount an attack on the ALIZE speaker verification system. We show through experimentation that the attacker can impersonate any user in the database of 69 people with about 25% success rate with only 5 trials. The success rate can achieve more than 50% by increasing the allowed authentication attempts to 20. Finally, when the practical attack is cast in terms of an entropy metric, we find that the theoretical entropy estimate almost perfectly predicts the success rate of the practical attack, giving further credence to the theoretical model and the associated entropy estimation technique.

    Files
  • yang.pdf

  • Browse by Author | Browse by Department | Search all available ETDs

    [WPI] [Library] [Home] [Top]

    Questions? Email etd-questions@wpi.edu
    Maintained by webmaster@wpi.edu