[1]Krger J L, Lutz O H M, Raschke P. Privacy implications of voice and speech analysisinformation disclosure by inference[C] Proc of the 14th IFIP Int Summer School on Privacy and Identity Management (Privacy and Identity). Berlin: Springer, 2019: 242258[2]Yoshioka T, Ragni A, Gales M J F. Investigation of unsupervised adaptation of DNN acoustic models with filter bank input[C] Proc of IEEE Int Conf on Acoustics, Speech and Signal Processing (ICASSP). Piscataway, NJ: IEEE, 2014: 63446348[3]Fredrikson M, Lantz E, Jha S, et al. Privacy in pharma cogenetics: An endtoend case study of personalized warfarin dosing[C] Proc of the 23rd USENIX Security Symp. Berkeley, CA: USENIX Association, 2014: 1732[4]Fredrikson M, Jha S, Ristenpart T. Model inversion attacks that exploit confidence information and basic countermeasures[C] Proc of the 22nd ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2015: 13221333[5]Zhang Y, Jia R, Pei H, et al. The secret revealer: Generative modelinversion attacks against deep neural networks[C] Proc of the IEEECVF Conf on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2020: 253261[6]Chen S, Kahla M, Jia R, et al. Knowledgeenriched distributional model inversion attacks[C] Proc of the IEEECVF Int Conf on Computer Vision. Piscataway, NJ: IEEE, 2021: 1617816187[7]Dosovitskiy A, Brox T. Generating images with perceptual similarity metrics based on deep networks[J]. arXiv preprint, arXiv:1602.02644, 2016[8]Jacobsen J H, Smeulders A, Oyallon E. iRevNet: Deep invertible networks[J]. arXiv preprint, arXiv:1802.07088, 2018[9]Gomez A N, Ren M, Urtasun R, et al. The reversible residual network: Backpropagation without storing activations[COL] Proc of the 31st Conf on Neural Information Processing Systems. 2017[20231013]. https:www.doc88.comp91161589770769.html[10]Yang Z, Zhang J, Chang E C, et al. Neural network inversion in adversarial setting via background knowledge alignment[C] Proc of the 2019 ACM SIGSAC Conf on Computer Communications Security. New York: ACM, 2019: 225240[11]Dong X, Yin H, Alvarez J M, et al. Deep neural networks are surprisingly reversible: A baseline for zeroshot inversion[J]. arXiv preprint, arXiv: 2107.06304, 2021[12]Wang Z, Song M, Zhang Z, et al. Beyond inferring class representatives: Userlevel privacy leakage from federated learning[C] Proc of IEEE Conf on Computer and Communications. Piscataway, NJ: IEEE, 2019: 25122520[13]Shi Y, Sagduyu Y, Grushin A. How to steal a machine learning classifier with deep learning[C] Proc of IEEE Int Symp on Technologies for Homeland Security (HST). Piscataway, NJ: IEEE, 2017: 15[14]Shi Y, Zeng H, Nguyen T T. Adversarial machine learning for network security[C] Proc of IEEE Int Symp on Technologies for Homeland Security (HST). Piscataway, NJ: IEEE, 2019: 17[15]Zhang Y, Lv Z, Wu H, et al. Mfaconformer: Multiscale feature aggregation conformer for automatic speaker verification[J]. arXiv preprint, arXiv:2203.15249, 2022[16]Desplanques B, Thienpondt J, Demuynck K. ECAPATDNN: Emphasized channel attention, propagation and aggregation in TDNN based speaker verification[J]. arXiv preprint, arXiv:2005.07143, 2020[17]Snyder D, GarciaRomero D, Sell G, et al. Xvectors: Robust DNN embeddings for speaker recognition[C] Proc of IEEE Int Conf on Acoustics, Speech and Signal Processing (ICASSP). Piscataway, NJ: IEEE, 2018: 53295333[18]Bu H, Du J, Na X, et al. Aishell1: An opensource mandarin speech corpus and a speech recognition baseline[C] Proc of the 20th Conf of Oriental Chapter of the Int Coordinating Committee on Speech Databases and Speech IO Systems and Assessment (OCOCOSDA). Piscataway, NJ: IEEE, 2017: 15[19]Waibel A, Hanazawa T, Hinton G, et al. Phoneme recognition using timedelay neural networks[J]. IEEE Trans on Acoustics, Speech, and Signal Processing, 1989, 37(3): 328339 |