Mass surveillance systems for voice over IP (VoIP) conversations pose a great risk to privacy. These automated systems use learning models to analyze conversations, and calls that involve specific topics are routed to a human agent for further examination. In this study, we present an adversarial-learning-based framework for privacy protection for VoIP conversations. We present a novel method that finds a universal adversarial perturbation (UAP), which, when added to the audio stream, prevents an eavesdropper from automatically detecting the conversation's topic. As shown in our experiments, the UAP is agnostic to the speaker or audio length, and its volume can be changed in real time, as needed. Our real-world solution uses a Teensy microcontroller that acts as an external microphone and adds the UAP to the audio in real time. We examine different speakers, VoIP applications (Skype, Zoom, Slack, and Google Meet), and audio lengths. Our results in the real world suggest that our approach is a feasible solution for privacy protection.
翻译:IP (VoIP) 对话的大规模声音监控系统对隐私构成了极大的风险。 这些自动化系统使用学习模式来分析对话,而涉及特定主题的电话则由人类代理进行进一步检查。 在这项研究中,我们为VoIP 对话提供了一个基于对抗性学习的隐私保护框架。 我们提出了一个新颖的方法,找到通用的对抗性干扰(UAP ), 当添加到音频流时, 防止窃听器自动检测对话主题。 正如我们的实验所显示的, UAP 对演讲或音频长度是不可知的, 其音量可以按需要实时改变。 我们的现实世界解决方案使用一个作为外部麦克风的青少年微控制器, 并在实时将UAP添加到音频中。 我们检查了不同的演讲者、 VoIP 应用程序( Skype、 Zom、 Slack 和 Google Meet) 和音频长度。 我们在现实世界中的结果表明, 我们的方法是保护隐私的可行办法。
相关内容
微信扫码咨询专知VIP会员