Recently, adapting the idea of self-supervised learning (SSL) on continuous speech has started gaining attention. SSL models pre-trained on a huge amount of unlabeled audio can generate general-purpose representations that benefit a wide variety of speech processing tasks. Despite their ubiquitous deployment, however, the potential privacy risks of these models have not been well investigated. In this paper, we present the first privacy analysis on several SSL speech models using Membership Inference Attacks (MIA) under black-box access. The experiment results show that these pre-trained models are vulnerable to MIA and prone to membership information leakage with high adversarial advantage scores in both utterance-level and speaker-level. Furthermore, we also conduct several ablation studies to understand the factors that contribute to the success of MIA.
翻译:最近,在连续演讲中自我监督学习(SSL)的想法开始引起人们的注意。在大量未贴标签的音频上预先培训的SSL模式可以产生有利于多种语音处理任务的通用代表。尽管这些模式无处不在,但这些模式的潜在隐私风险尚未得到充分调查。在本文件中,我们介绍了使用黑箱访问下的成员推断攻击(MIA)对几个SSL语言模型的第一次隐私分析。实验结果表明,这些预先培训的模式容易受到MIA的影响,而且很容易在言论和演讲级别上出现具有高度对抗优势的会籍信息泄漏。此外,我们还进行了几项通缩研究,以了解有助于MIA成功的因素。
相关内容
微信扫码咨询专知VIP会员