This work studies the vulnerabilities of i-vector based speaker verification systems against indirect attacks. Particularly, we exploit the one-to-one representation of speakers via their corresponding i-vectors to perform Hill-Climbing based attacks; under the hypothesis that the inherent low-dimensionality of i-vectors might represent a potential security breach to fraudulently access the system. The conducted attacks followed a standard experimental protocol already applied to other biometric systems based on face or signature; and they were tested against a state-of-art PLDA speaker verification system in the framework of the NIST SRE 2010 evaluation campaign. Specifically, up to 200 speakers, 100 female and 100 male, were attacked supplanting their corresponding i-vectors by those derived with the Hill-Climbing approach. Experiments show the success of the proposed attack compared with those based on brute force, achieving high Success Rates (up to 100%) and needing half as many comparisons as the brute force access attempts. These results evidence the vulnerability of i-vector based speaker verification systems in those scenarios where access to the matcher score is granted multiple times. As a countermeasure to minimize the effect of the attack score quantization is also evaluated.
Bibliographic reference. Gomez-Barrero, Marta / Gonzalez-Dominguez, Javier / Galbally, Javier / Gonzalez-Rodriguez, Joaquin (2013): "Security evaluation of i-vector based speaker verification systems against hill-climbing attacks", In INTERSPEECH-2013, 935-939.