SLMIA-SR: Speaker-Level Membership Inference Attacks against Speaker Recognition Systems

Guangke Chen

Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · Privacy & ML

In an era where voice data is increasingly prevalent across smart devices, social media, and various services, the privacy implications of **Speaker Recognition Systems** (SRSs) have become a critical concern. This talk, "SLMIA-SR: Speaker-Level Membership Inference Attacks against Speaker Recognition Systems," presented by Guangke Chen, introduces a groundbreaking **Membership Inference Attack** (MIA) specifically tailored to reveal whether a particular speaker's voice data was used in the training of an SRS. Traditional MIAs, primarily designed for other machine learning domains like image classification, have proven ineffective against the unique architectures and training paradigms of SRSs, often yielding unsatisfactory performance (less than 2% True Positive Rate at 0.1% False Positive Rate when ported).