中大學術數位典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/99370
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 94201/94201 (100%)
Visitors : 81643442      Online Users : 6599
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://ir.lib.ncu.edu.tw/handle/987654321/99370


    Title: 基於生成式語音降噪的對抗式防禦;Adversarial Defense via Generative Speech Enhancement Module
    Authors: 陳祺道;Chen, Chi-Tao
    Contributors: 資訊工程學系
    Keywords: 深度學習;對抗式防禦;生成式語音增強;語音降噪;模型強健性;Adversarial Defense;Generative Speech Enhancement
    Date: 2025-12-11
    Issue Date: 2026-03-06 18:49:36 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 深度學習模型近年來在多項語音相關任務中展現了卓越的效能,但其對對抗性攻擊的脆弱
    性也引發了廣泛關注,特別是在安全關鍵的應用場景中更顯嚴重。為此,本研究提出一種防
    禦框架,結合高斯雜訊與語音增強模組,用以重建遭受對抗性擾動的輸入語音。我們的方法
    能有效消除對抗性擾動,同時保留語音的感知品質與語意可解釋性。
    在 SC09、VCTK 及 Qualcomm Keyword Spotting(QKWS)三個常用語音資料集上的實驗顯
    示,該方法在面對多種威脅模型下皆展現出優異的強健性,包括具不同限制範數與步長的
    PGD 攻擊、採用期望變換(EOT)策略的自適應白盒攻擊,以及如 FakeBob 所代表的查詢
    式黑盒攻擊。此外,與現有先進防禦方法相比,我們的方法在推論速度與模型大小方面皆具
    明顯優勢,極適合應用於即時性與資源受限之系統中。
    實驗結果充分證明了本研究在強化語音系統強健性方面的有效性與實用性。;Deep learning models have achieved state-of-the-art performance across various speech-related
    tasks; however, their vulnerability to adversarial attacks poses a significant challenge,
    particularly in safety-critical applications. In this work, we propose a defense framework that
    leverages a speech enhancement module with Gaussian noise to purify adversarial inputs. Our
    method effectively removes adversarial perturbations while preserving speech quality and
    semantic interpretability. Extensive experiments on SC09, VCTK, and QKWS datasets
    demonstrate that our approach achieves superior robustness under both white-box and black
    box threat models, including PGD with different steps, norm constraints, and EOT budgets, as
    well as query-based attack such as FakeBob. Moreover, our method outperforms prior defenses
    in terms of inference speed and model compactness, making it suitable for real-time, resource
    constrained deployments. These results highlight the effectiveness and efficiency of our
    approach as a practical defense mechanism for robust speech systems.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML95View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明