Backdoor Attacks against Voice Recognition Systems: A Survey

TL;DR

This survey reviews the landscape of backdoor attacks on voice recognition systems, analyzing attack methods, defenses, and future challenges to enhance security in speech-based AI applications.

Contribution

It provides a comprehensive taxonomy, evaluation criteria, and analysis of attack and defense techniques for backdoor vulnerabilities in VRSs, addressing a significant research gap.

Findings

Classified backdoor attack methods and their characteristics.

Analyzed effectiveness of defense strategies against attacks.

Identified open issues and future research directions.

Abstract

Voice Recognition Systems (VRSs) employ deep learning for speech recognition and speaker recognition. They have been widely deployed in various real-world applications, from intelligent voice assistance to telephony surveillance and biometric authentication. However, prior research has revealed the vulnerability of VRSs to backdoor attacks, which pose a significant threat to the security and privacy of VRSs. Unfortunately, existing literature lacks a thorough review on this topic. This paper fills this research gap by conducting a comprehensive survey on backdoor attacks against VRSs. We first present an overview of VRSs and backdoor attacks, elucidating their basic knowledge. Then we propose a set of evaluation criteria to assess the performance of backdoor attack methods. Next, we present a comprehensive taxonomy of backdoor attacks against VRSs from different perspectives and analyze the characteristic of different categories. After that, we comprehensively review existing attack methods and analyze their pros and cons based on the proposed criteria. Furthermore, we review classic backdoor defense methods and generic audio defense techniques. Then we discuss the feasibility of deploying them on VRSs. Finally, we figure out several open issues and further suggest future research directions to motivate the research of VRSs security.