Recently, automatic speaker verification (ASV) based on deep learning is easily contaminated by adversarial attacks, which is a new type of attack that injects imperceptible perturbations to audio signals so as to make ASV produce wrong decisions. This poses a significant threat to the security and reliability of ASV systems. To address this issue, we propose a Diffusion-Based Adversarial Purification (DAP) method that enhances the robustness of ASV systems against such adversarial attacks. Our method leverages a conditional denoising diffusion probabilistic model to effectively purify the adversarial examples and mitigate the impact of perturbations. DAP first introduces controlled noise into adversarial examples, and then performs a reverse denoising process to reconstruct clean audio. Experimental results demonstrate the efficacy of the proposed DAP in enhancing the security of ASV and meanwhile minimizing the distortion of the purified audio signals.

翻译：近年来，基于深度学习的自动说话人验证系统极易受到对抗攻击的污染。这类新型攻击通过向音频信号中注入难以察觉的扰动，使ASV系统产生错误判断，对ASV系统的安全性与可靠性构成了严重威胁。为解决此问题，本文提出一种基于扩散的对抗净化方法，旨在提升ASV系统抵御此类对抗攻击的鲁棒性。该方法利用条件去噪扩散概率模型，有效净化对抗样本并减轻扰动影响。DAP首先向对抗样本中引入受控噪声，随后执行逆向去噪过程以重构纯净音频。实验结果表明，所提出的DAP方法在增强ASV安全性的同时，能最大限度地减少净化后音频信号的失真。