HASP: A High-Performance Adaptive Mobile Security Enhancement Against Malicious Speech Recognition

TL;DR

HASP is a real-time, mobile-optimized security method that uses imperceptible adversarial noises to protect user speech from malicious ASR monitoring, significantly increasing error rates and outperforming existing techniques.

Contribution

HASP introduces a novel, high-performance adversarial noise approach tailored for mobile devices to enhance speech privacy against malicious ASR systems.

Findings

Achieves an average Word Error Rate of 84.55% in perturbing malicious ASR.

Operates 15 to 40 times faster than current state-of-the-art methods.

Effectively perturbs various ASR systems with high transferability.

Abstract

Nowadays, machine learning based Automatic Speech Recognition (ASR) technique has widely spread in smartphones, home devices, and public facilities. As convenient as this technology can be, a considerable security issue also raises -- the users' speech content might be exposed to malicious ASR monitoring and cause severe privacy leakage. In this work, we propose HASP -- a high-performance security enhancement approach to solve this security issue on mobile devices. Leveraging ASR systems' vulnerability to the adversarial examples, HASP is designed to cast human imperceptible adversarial noises to real-time speech and effectively perturb malicious ASR monitoring by increasing the Word Error Rate (WER). To enhance the practical performance on mobile devices, HASP is also optimized for effective adaptation to the human speech characteristics, environmental noises, and mobile computation scenarios. The experiments show that HASP can achieve optimal real-time security enhancement: it can lead an average WER of 84.55% for perturbing the malicious ASR monitoring, and the data processing speed is 15x to 40x faster compared to the state-of-the-art methods. Moreover, HASP can effectively perturb various ASR systems, demonstrating a strong transferability.