E-Book, Englisch, 142 Seiten
Reihe: Springer Theses
Pathak Privacy-Preserving Machine Learning for Speech Processing
2013
ISBN: 978-1-4614-4639-2
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
E-Book, Englisch, 142 Seiten
Reihe: Springer Theses
ISBN: 978-1-4614-4639-2
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
This thesis discusses the privacy issues in speech-based applications such as biometric authentication, surveillance, and external speech processing services. Author Manas A. Pathak presents solutions for privacy-preserving speech processing applications such as speaker verification, speaker identification and speech recognition. The author also introduces some of the tools from cryptography and machine learning and current techniques for improving the efficiency and scalability of the presented solutions. Experiments with prototype implementations of the solutions for execution time and accuracy on standardized speech datasets are also included in the text. Using the framework proposed may now make it possible for a surveillance agency to listen for a known terrorist without being able to hear conversation from non-targeted, innocent civilians.
Dr. Manas A. Pathak received the BTech degree in computer science from Visvesvaraya National Institute of Technology, Nagpur, India, in 2006, and the MS and PhD degrees from the Language Technologies Institute at Carnegie Mellon University (CMU) in 2009 and 2012 respectively. He is currently working as a research scientist at Adchemy, Inc. His research interests include intersection of data privacy, machine learning, speech processing.
Autoren/Hrsg.
Weitere Infos & Material
1;Privacy-PreservingMachine Learningfor Speech Processing;3
1.1;Supervisor’s Foreword;6
1.2;Acknowledgments;8
1.3;Contents;10
1.4;Acronyms;15
1.5;Part I
Introduction;16
1.5.1;1 Thesis Overview;17
1.5.1.1;1.1 Motivation;17
1.5.1.2;1.2 Thesis Statement;18
1.5.1.3;1.3 Summary of Contributions;19
1.5.1.4;1.4 Thesis Organization;20
1.5.1.5;References;20
1.5.2;2 Speech Processing Background;21
1.5.2.1;2.1 Tools and Techniques;21
1.5.2.1.1;2.1.1 Signal Parameterization;21
1.5.2.1.2;2.1.2 Gaussian Mixture Models;22
1.5.2.1.3;2.1.3 Hidden Markov Models;22
1.5.2.2;2.2 Speaker Identification and Verification;24
1.5.2.2.1;2.2.1 Modeling Speech;24
1.5.2.2.2;2.2.2 Model Adaptation;26
1.5.2.2.3;2.2.3 Supervectors with LSH;27
1.5.2.2.4;2.2.4 Reconstructing Data from LSH Keys;29
1.5.2.3;2.3 Speech Recognition;30
1.5.2.4;References;31
1.5.3;3 Privacy Background;33
1.5.3.1;3.1 What is Privacy?;33
1.5.3.1.1;3.1.1 Definitions;33
1.5.3.1.2;3.1.2 Related Concepts;34
1.5.3.1.3;3.1.3 Privacy-Preserving Applications;35
1.5.3.1.4;3.1.4 Privacy-Preserving Computation in this Thesis;36
1.5.3.2;3.2 Secure Multiparty Computation;36
1.5.3.2.1;3.2.1 Protocol Assumptions;38
1.5.3.2.2;3.2.2 Adversarial Behavior;39
1.5.3.2.3;3.2.3 Privacy Definitions: Ideal Model and Real Model;40
1.5.3.2.4;3.2.4 Encryption;41
1.5.3.2.5;3.2.5 Masking;47
1.5.3.2.6;3.2.6 Zero-Knowledge Proofs and Threshold Cryptosystems;49
1.5.3.2.7;3.2.7 Oblivious Transfer;51
1.5.3.2.8;3.2.8 Related Work on SMC Protocols for Machine Learning;53
1.5.3.3;3.3 Differential Privacy;53
1.5.3.3.1;3.3.1 Exponential Mechanism;55
1.5.3.3.2;3.3.2 Related Work on Differentially Private Machine Learning;56
1.5.3.3.3;3.3.3 Differentially Private Speech Processing;56
1.5.3.4;References;57
1.6;Part II
Privacy-Preserving Speaker Verification;60
1.6.1;4 Overview of Speaker Verification with Privacy;61
1.6.1.1;4.1 Introduction;61
1.6.1.2;4.2 Privacy Issues and Adversarial Behavior;62
1.6.1.2.1;4.2.1 Imposter Imitating a User;63
1.6.1.2.2;4.2.2 Collusion;64
1.6.1.2.3;4.2.3 Information Leakage After Multiple Interactions;64
1.6.1.3;References;65
1.6.2;5 Privacy-Preserving Speaker Verification Using Gaussian Mixture Models;66
1.6.2.1;5.1 System Architecture;66
1.6.2.2;5.2 Speaker Verification Protocols;68
1.6.2.2.1;5.2.1 Private Enrollment Protocol;69
1.6.2.2.2;5.2.2 Private Verification Protocols;69
1.6.2.3;5.3 Experiments;71
1.6.2.3.1;5.3.1 Precision;72
1.6.2.3.2;5.3.2 Accuracy;72
1.6.2.3.3;5.3.3 Execution Time;72
1.6.2.4;5.4 Conclusion;73
1.6.2.5;5.5 Supplementary Protocols;74
1.6.2.6;References;77
1.6.3;6 Privacy-Preserving Speaker Verification as String Comparison;78
1.6.3.1;6.1 System Architecture;79
1.6.3.2;6.2 Protocols;80
1.6.3.3;6.3 Experiments;81
1.6.3.3.1;6.3.1 Accuracy;81
1.6.3.3.2;6.3.2 Execution Time;82
1.6.3.4;6.4 Conclusion;83
1.6.3.5;References;83
1.7;Part III Privacy-Preserving Speaker Identification;84
1.7.1;7 Overview of Speaker Identification with Privacy;85
1.7.1.1;7.1 Introduction;85
1.7.1.1.1;7.1.1 Speech-Based Surveillance;85
1.7.1.1.2;7.1.2 Preliminary Step for Other Speech Processing Tasks;86
1.7.1.2;7.2 Privacy Issues and Adversarial Behavior;87
1.7.1.2.1;7.2.1 Collusion;88
1.7.1.2.2;7.2.2 Information Leakage After Multiple Interactions;88
1.7.2;8 Privacy-Preserving Speaker Identification Using Gaussian Mixture Models;89
1.7.2.1;8.1 Introduction;89
1.7.2.2;8.2 System Architecture;90
1.7.2.3;8.3 Speaker Identification Protocols;91
1.7.2.3.1;8.3.1 Case 1: Client Sends Encrypted Speech Sample to the Server;91
1.7.2.3.2;8.3.2 Case 2: Server Sends Encrypted Speaker Models to the Client;93
1.7.2.4;8.4 Experiments;95
1.7.2.4.1;8.4.1 Precision;95
1.7.2.4.2;8.4.2 Accuracy;95
1.7.2.4.3;8.4.3 Execution Time;95
1.7.2.5;8.5 Conclusion;96
1.7.2.6;References;96
1.7.3;9 Privacy-Preserving Speaker Identification as String Comparison;98
1.7.3.1;9.1 Introduction;98
1.7.3.2;9.2 System Architecture;99
1.7.3.3;9.3 Protocols;100
1.7.3.3.1;9.3.1 Oblivious Salting;100
1.7.3.3.2;9.3.2 Speaker Identification;101
1.7.3.4;9.4 Experiments;102
1.7.3.4.1;9.4.1 Accuracy;102
1.7.3.4.2;9.4.2 Execution Time;103
1.7.3.5;9.5 Conclusion;104
1.7.3.6;References;104
1.8;Part IV Privacy-Preserving Speech Recognition;105
1.8.1;10 Overview of Speech Recognition with Privacy;106
1.8.1.1;10.1 Introduction;106
1.8.1.2;10.2 Client-Server Model for Speech Recognition;106
1.8.1.3;10.3 Privacy Issues;107
1.8.1.4;10.4 System Architecture;108
1.8.1.5;Reference;109
1.8.2;11 Privacy-Preserving Isolated-Word Recognition;110
1.8.2.1;11.1 Introduction;110
1.8.2.2;11.2 Protocol for Secure Forward Algorithm;111
1.8.2.2.1;11.2.1 Secure Logarithm Protocol;111
1.8.2.2.2;11.2.2 Secure Exponent Protocol;111
1.8.2.2.3;11.2.3 Secure Logsum Protocol;112
1.8.2.2.4;11.2.4 Secure Forward Algorithm Protocol;112
1.8.2.2.5;11.2.5 Security Analysis;113
1.8.2.3;11.3 Privacy-Preserving Isolated-Word Recognition;113
1.8.2.3.1;11.3.1 Simplified Secure Forward Algorithm;113
1.8.2.3.2;11.3.2 Protocol for Privacy-Preserving Isolated-Word Recognition;114
1.8.2.3.3;11.3.3 Computational Complexity;114
1.8.2.3.4;11.3.4 Practical Issues;115
1.8.2.3.5;11.3.5 Experiments;115
1.8.2.4;11.4 Discussion;116
1.8.2.5;References;116
1.9;Part V Conclusion;117
1.9.1;12 Thesis Conclusion;118
1.9.1.1;12.1 Summary of Results;118
1.9.1.2;12.2 Discussion;120
1.9.2;13 Future Work;122
1.9.2.1;13.1 Other Privacy-Preserving Speech Processing Tasks;122
1.9.2.1.1;13.1.1 Privacy Preserving Music Recognition and Keyword Spotting;122
1.9.2.1.2;13.1.2 Privacy Preserving Graph Search for Continuous Speech Recognition;123
1.9.2.2;13.2 Algorithmic Improvements;123
1.9.2.2.1;13.2.1 Ensemble of LSH Functions;123
1.9.2.2.2;13.2.2 Using Fully Homomorphic Encryption;123
1.9.2.3;References;124
1.10; Differentially Private Gaussian Mixture Models;125
1.10.1;A.1 Introduction;125
1.10.2;A.2 Large Margin Gaussian Classifiers;126
1.10.2.1;A.2.1 Modeling Single Gaussian per Class;126
1.10.2.2;A.2.2 Generalizing to Mixtures of Gaussians;127
1.10.2.3;A.2.3 Making the Objective Function Differentiable and Strongly Convex;128
1.10.3;A.3 Differentially Private Large Margin Gaussian Mixture Models;130
1.10.4;A.4 Theoretical Analysis;131
1.10.4.1;A.4.1 Proof of Differential Privacy;131
1.10.4.2;A.4.2 Analysis of Excess Error;133
1.10.5;A.5 Experiments;137
1.10.6;A.6 Conclusion;138
1.10.7;A.7 Supplementary Proofs;138
1.10.8;References;142
1.11; Author Biography;144
