Spoofing-aware speaker verification (SASV) systems combine automatic speaker verification (ASV) and spoofing countermeasure (CM) modules to defend against spoofing attacks. However, their vulnerability to adversarial attacks remains underexplored. This study presents an analytical investigation of how adversarial perturbations targeting individual modules can impact the overall integrity of SASV systems. In particular, we observe that attackers can substantially compromise system performance by manipulating just one module. This highlights the importance of identifying module-specific vulnerabilities. We conduct extensive experiments across six representative SASV architectures and three adversarial attack methods, under both white-box and black-box scenarios. Our findings indicate that the speaker verification module is the Achilles’ heel of spoofing-aware speaker verification systems. This insight informs future research directions aimed at developing next-generation systems with enhanced resilience to both spoofing and adversarial attacks. Such advancements are essential for improving the robustness and reliability of voice authentication in practical security applications.
Lee et al. (Thu,) studied this question.