Mitigating Backdoor Triggered and Targeted Data Poisoning Attacks in Voice Authentication Systems

TL;DR

This paper presents a unified defense framework for voice authentication systems that detects and mitigates both backdoor triggered and targeted data poisoning attacks using a dual-layered approach with real-time detection and neural network analysis.

Contribution

The paper introduces a novel integrated defense mechanism that combines frequency-focused detection with neural network analysis to counter multiple attack types simultaneously.

Findings

Reduces attack success rates to 5-15%.

Achieves up to 95% recall in detecting targeted data poisoning.

Outperforms existing state-of-the-art methods.

Abstract

Voice authentication systems remain susceptible to two major threats: backdoor triggered attacks and targeted data poisoning attacks. This dual vulnerability is critical because conventional solutions typically address each threat type separately, leaving systems exposed to adversaries who can exploit both attacks simultaneously. We propose a unified defense framework that effectively addresses both BTA and TDPA. Our framework integrates a frequency focused detection mechanism that flags covert pitch boosting and sound masking backdoor attacks in near real time, followed by a convolutional neural network that addresses TDPA. This dual layered defense approach utilizes multidimensional acoustic features to isolate anomalous signals without requiring costly model retraining. In particular, our PBSM detection mechanism can seamlessly integrate into existing voice authentication pipelines and scale effectively for large scale deployments. Experimental results on benchmark datasets and their compression with the state of the art algorithm demonstrate that our PBSM detection mechanism outperforms the state of the art. Our framework reduces attack success rates to as low as five to fifteen percent while maintaining a recall rate of up to ninety five percent in recognizing TDPA.