Browse Prior Art Database

Secure audio processing

IP.com Disclosure Number: IPCOM000253578D
Publication Date: 2018-Apr-12

Publishing Venue

The IP.com Prior Art Database

Abstract

Automatic speech recognizers (ASR) are now nearly ubiquitous, finding application in smart assistants, smartphones, smart speakers, and other devices. An attack on an ASR that triggers such a device into carrying out false instructions can lead to severe consequences. Typically, speech recognition is performed using machine learning models, e.g., neural networks, whose intermediate outputs are not always fully concealed. Exposing such intermediate outputs makes the crafting of malicious input audio easier. This disclosure describes techniques that thwart attacks on speech recognition systems by moving model inference processing to a secure computing enclave. The memory of the secure enclave and signals are inaccessible to the user and untrusted processes, and therefore, resistant to attacks. KEYWORDS ● Secure audio processing ● Secure enclave ● Speech recognition ● Secure computing