Worcester Polytechnic Institute Electronic Theses and Dissertations Collection

Title page for ETD etd-032714-115410

Document Typedissertation
Author NameYang, Chenguang
Email Address sherlockholmes_y at hotmail.com
TitleSecurity in Voice Authentication
DepartmentElectrical & Computer Engineering
  • Berk Sunar, Advisor
  • Thomas Eisenbarth, Committee Member
  • Krishna Kumar Venkatasubramanian, Committee Member
  • Yehia Massoud, Department Head
  • Keywords
  • Gaussian Mixture Model
  • Entropy
  • Voice
  • Mel Frequency Cepstral Coefficients
  • Date of Presentation/Defense2014-03-27
    Availability unrestricted


    We evaluate the security of human voice password

    databases from an information

    theoretical point of view. More specifically, we

    provide a theoretical estimation on the amount of

    entropy in human voice when processed using the

    conventional GMM-UBM technologies and the MFCCs as

    the acoustic features. The theoretical estimation

    gives rise to a methodology for analyzing the

    security level in a corpus of human voice. That

    is, given a database containing speech signals, we

    provide a method for estimating the relative

    entropy (Kullback-Leibler divergence) of the

    database thereby establishing the security level

    of the speaker verification system. To demonstrate

    this, we analyze the YOHO database, a corpus of

    voice samples collected from 138 speakers and show

    that the amount of entropy extracted is less than

    14-bits. We also present a practical attack that

    succeeds in impersonating the voice of any speaker

    within the corpus with a 98% success probability

    with as little as 9 trials. The attack will still

    succeed with a rate of 62.50% if 4 attempts are

    permitted. Further, based on the same attack

    rationale, we mount an attack on the ALIZE speaker

    verification system. We show through

    experimentation that the attacker can impersonate

    any user in the database of 69 people with about

    25% success rate with only 5 trials. The success

    rate can achieve more than 50% by increasing the

    allowed authentication attempts to 20. Finally,

    when the practical attack is cast in terms of an

    entropy metric, we find that the theoretical

    entropy estimate almost perfectly predicts the

    success rate of the practical attack, giving

    further credence to the theoretical model and the

    associated entropy estimation technique.

  • yang.pdf

  • Browse by Author | Browse by Department | Search all available ETDs

    [WPI] [Library] [Home] [Top]

    Questions? Email etd-questions@wpi.edu
    Maintained by webmaster@wpi.edu