RU2351023C2 - User verification method in authorised access systems - Google Patents

Abstract

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to human biometric systems by individual characteristics of his voice for authorised access, for example, to an operating system, computer resources, bank account or physical access to rooms and in situations which require authorised access. The essence of the invention lies in the fact that the user verification method in systems of authorised access includes creation of a referral base of speaker data, creation of a user database, for user verification. The user enters their identifier and says the password from a random sequence of words from a vocabulary user database. After obtaining the sound signals of the pronounced password the probability of the pronounced password to the voice of the user is calculated and the decision to allow or deny access is taken.

EFFECT: reduction of the probability of mistaken admission of an impostor or rejection of a valid user using individual characteristics of the human voice in application to authorised access.

9 dwg

Description

Technical field

The invention relates to a person’s biometrics systems according to the individual characteristics of his voice as applied to authorization of access, for example, to an operating system, computer resources, bank account or physical access to a room and the like, requiring authorized access.

State of the art

Verification of the speaker by voice consists in confirming the correspondence of the characteristics of his voice to the pre-recorded characteristics when the speaker indicates his identifier (last name, code number, etc.) by non-voice means (for example, typing on the keyboard) or by automatically recognizing the spoken identifier.

Business performance is heavily dependent on information security. Unauthorized access to confidential information about the financial activities of the company, contracts and plans is fraught not only with losses, but also with complete bankruptcy. In many cases, information leakage occurs from within the company. Deception and abuse by its employees cause damage of 6% of annual profit, averaging $ 100,000 per case (in 14.6% of cases, losses exceeded $ 1,000,000) (Association of Certified Fraud Examiners, 2004). In the banking sector, losses from malicious activities by employees can be enormous.

Credit card parameters transmitted by telephone in 12% of cases are overheard, followed by theft of money from the card (American Bankers Association). Similarly, credit card parameters are intercepted in e-commerce systems or at ATMs. Stolen amounts amount to hundreds of millions of dollars a year.

Along with standard methods of increasing information security (digital passwords, special hardware, personnel policy), biometric means of authorizing access according to the user's personal characteristics are increasingly used. Among them, the most promising is the confirmation (verification) of a person by voice.

Voice password uses voice characteristics that are unique to that person. It is one of the most convenient and reliable means of ensuring information security. The use of a voice password does not require the hardware support necessary for the recognition of fingerprints, palm, iris or retina. The individual characteristics of the voice cannot be forgotten, lost, transferred to another person, stolen, and it is very difficult to fake.

The development of speaker verification systems by his voice is being conducted by large corporations in the USA (IBM, Lucent, ATT, Microsoft, Cisco, Nuance), Japan (Hitachi, Fujitsu, Matsushita), Europe (France Telecom, British Telecom, Philips), Korea (Samsung ), and specialized companies such as Persay, Sentrycom (Israel), Diaphonics, VoiceVault, VeriVoice, Quantum Signal (USA). Research in the field of speaker verification was the subject of a special issue of Speech Communication, 2000, v.31.

Speaker verification methods have been developed for several decades, however, the characteristics of the proposed systems are still far from the reliability requirements in many real-world applications. According to tests conducted annually by the National Institute of Standards and Technologies, USA, these systems are unstable with respect to the type of microphone and distance to it, noise and distortion in the communication channel, and natural variations in the speech characteristics of the speaker. This situation is determined by a formal statistical approach to the analysis of speech, which is extremely sensitive to differences in the learning environment of the verification and recognition system. A characteristic feature of such systems is their independence from language and context. It is also known that the errors associated with the “aging” of a trained model grow rapidly with time. Therefore, reports of extremely high reliability of verification should be treated with great caution.

The balance between the number of false pretense and false rejection does not suit the vast majority of potential customers, and the proposed verification systems are less than 1% of the potential market (Gartner Research, 2004).

To achieve maximum efficiency of the verification system, it is necessary to impose as many restrictions on the conditions for its use as possible, but these restrictions should not impede its operation. Among these limitations is the use of a fixed dictionary for a particular language. In particular, a voice password can be represented as a random sequence and the number of words from a limited vocabulary of numbers from 0 to 9. Such a random sequence prevents attempts to deceive the verification system by recording and then reproducing the password.

A known method of adapting to an unknown communication channel is described in US Pat. Nos. 6,233,556 and 6,804,447. For this purpose, several different types of sound receivers are used in the training of the verification system, for example, a carbon, electret, or mobile phone microphone. In the verification process, the spectral characteristics of the spoken word are compared with the stored characteristics of the word from the reference database. The difference in these spectral characteristics is used to normalize the unknown communication channel to one of the channels presented in the reference database. The disadvantage of this method is that the accuracy of such normalization depends on the accuracy of segmentation and the determination of the spectral characteristics of the segments that are used for normalization. In the case of a segmentation error, instead of normalizing the channel, a significant distortion of the characteristics of the received word will occur. Since the very segmentation of a word into informative elements of frequencies is accompanied by errors, the channel normalization process is associated with errors that worsen the reliability of verification.

A standard method is known for approximating the probability density in a feature space, which consists in calculating the parameters of a small number of normal distributions. This method is used, in particular, in patent US 6411930, in which the probability density of the distribution of features for the speaker to be verified is described by only one normal distribution. The disadvantage of this description is that due to the non-linear dependencies of the parameters from each other, the use of one normal distribution is accompanied by a large approximation error and, consequently, an increase in verification errors - skipping an impostor or rejecting a legitimate user. The approximation of the probability density of the set of reference speakers by several normal distributions also degrades the characteristics of the verification system, since the normal distribution is not limited in the space of arguments, while the real values of the parameters are limited both physically and in their ranges for each speaker.

In US Pat. No. 6,496,800, a fused sequence of words in a password is first automatically recognized regardless of the speaker. Then the parameters of each of the recognized words are compared with the parameters of the corresponding word of this speaker and speakers from the reference base.

The advantage of this approach is the practical impossibility of using the eavesdropped and recorded pronunciation of the password. However, the fundamental shortcomings of this approach do not allow achieving the required verification reliability. Firstly, word recognition is performed with noticeable errors of the order of several percent, and each such error leads to a significant drop in the measure of similarity of the spoken word with the words of this speaker recorded in the learning process. Secondly, the parameters of words in a continuous pronunciation can differ significantly from the parameters of words, which in the learning process should be recorded only in isolated pronunciation. Thirdly, the so-called phenomenon of coarticulation distorts the segments of words on the border with other words until the complete assimilation of the end or beginning of the word. As a result, the parameters of the word extracted from the continuous flow of speech differ from the parameters obtained in the learning process, and the probability of confirmation of a legitimate speaker decreases.

Solved technical problem

The described invention solves the problem of searching for such acoustic features that are resistant to interference and distortion in the user's communication channel with the verifier, while preserving at the same time the individual characteristics inherent in the voice of a particular user. In particular, it was necessary to create a method by which the probability of an impostor’s skipping error or refusal to a legitimate user does not exceed 0.05 if the number of numerals in the password is not less than 10 words, and the method should be resistant to stationary and non-stationary interference such as extraneous conversations and music signal-to-noise ratio from +12 dB and above, and verification errors should weakly depend on the type of sound receiver and the distance to it.

SUMMARY OF THE INVENTION

The essence of the invention consists in the fact that a method of user verification in access authorization systems is proposed, which includes creating a reference database of speakers, creating a user database, and for user verification, the user enters his identifier, after which the access authorization system prompts the user to generate a password from random the sequence of words from the dictionary of the user base, after receiving the sound signals of the spoken password, the system is authorized access calculates the probability that the spoken password belongs to the user's voice and decides whether to allow or deny access, in order to create a reference database, speakers are selected, voice signals spoken by the speakers from the given dictionary are recorded through the main types of sound receivers and in various rooms, calculate and store the dynamic spectra of these speech signals, mark the speech signals into the main types of segments, calculate and store the signals of dynamic detectors that determine the increase or decrease in energy in the frequency domains of the dynamic spectrum of the speech signal, the probability density in the feature space of each word is calculated and stored, from the set of each word implementation for all speakers of the reference base, reference sequences of segments that differ from each other by at least one segment are selected and stored at the same time, to create a database of users record speech signals of words spoken by users from a given dictionary, mark speech signals on basic types of segments, calculate and remember the probability density in the space of features of each word, when forming the user database and during its verification, the boundaries of the word segments are pre-set at the moments corresponding to the maxima of the total energy frequency of the dynamic detectors, while the characteristics of the segments are calculated as the frequencies of local maxima of the detectors of spectral-temporal and spectral inhomogeneities, with the final segmentation of the spoken word during verification Follow the important method using dynamic time-axis transformation to search the reference database of the reference sequence segment, and the characteristic values which are closest to the features of the spoken word segments.

In addition, the probability density in the feature space of each word for each user and speaker can be calculated as a normalized superposition of normal distributions with a mathematical expectation located in the coordinates of each vector corresponding to the implementation of this word, and the standard deviation is calculated in proportion to the average distance between the realizations of this word.

In addition, the probability that the spoken password belongs to the user's voice can be calculated as the average value of the probability of belonging of each word in the password.

In addition, to make a decision on access permission or refusal of access, the calculated probability can be compared with a threshold that is set for each user individually by minimizing the skipping error of the impostor at a given probability of failure for the user.

Achievable technical result

A method has been created that solves the problem of searching for such acoustic signs that are resistant to interference and distortion in the user's communication channel with the verifier, while preserving at the same time the individual characteristics inherent in the voice of a particular user. Resistance to stationary and non-stationary interference such as extraneous conversations and music is achieved with a signal-to-noise ratio of +12 dB or more, and verification errors are weakly dependent on the type of sound receiver and the distance to it. If the number of numerals in the password is not less than 10 words, then it is guaranteed that the probability of skipping an impostor or refusal to a legitimate user does not exceed 0.05.

The essence of the method and its operation is illustrated by drawings.

Figure 1 presents the waveforms, sonograms, detectors and phonetic marking of speech signals.

Figure 2 shows a block diagram of the formation of the reference database.

Figure 3 shows a block diagram of the formation of the speaker database.

Figure 4 shows a block diagram of the verification of the user by the sequence of words in the voice password.

The technical result is achieved by maximizing the use of available information. The present invention uses isolated pronunciation of words from a given dictionary, the word that the user must pronounce and the sequence of these words is determined by the verification system itself. In the process of creating databases for each word are segments whose parameters are best shared by the user and the speakers recorded in the reference database. In the space of these parameters, an approximation of the probability density is performed for each word segment, and during the verification process, the likelihood ratio relative to the corresponding segment of the corresponding word in the reference base is calculated for the segments of each spoken word. Then, using the Bayes formula for each space, the posterior probability of belonging to the user's voice is calculated, and these probabilities are averaged over all words in the password. The decision on access or denial is made by the value of this posterior probability relative to a certain threshold, individual for each user.

In the present invention, spectral-temporal heterogeneity detectors described in the article by V.N. Sorokin and D.N. Chepelev "Model of the primary analysis of speech signals" are used to segment the speech signal into characteristic sections, as well as to determine the characteristics of the speaker’s voice. Acoustic J., 2005, vol. 51, No. 3, pp. 340-346.

Operator

describes acoustic detectors of spectral-temporal inhomogeneities of a signal and simulates many well-known properties of auditory perception. Here S (ω, t) is the dynamic power spectrum of the received signal, ΔΩ is the frequency shift of the spectrum reference, ΔT is the time shift of the spectrum reference, θ ₁ and θ ₂ are the moving intervals of smoothing the spectral section in frequency, and τ ₁ and τ ₂ are the time constants of smoothing the spectral components with a first-order filter, C≥1.

The operator A (ω, t) has a number of important properties necessary for successful verification of the speaker. First of all, it weakly depends on additive interference and the amplitude-frequency characteristics of the communication channel, including the characteristics of different types of microphones. This property significantly increases the noise immunity of verification. For τ ₁ ≠ 0 and τ ₂ ≠ 0, the operator A (ω, t) estimates the rate of transients in the dynamic spectrum of the speech signal, forming various dynamic detectors for various combinations of τ ₁ and τ ₂ . These detectors simulate the effects of amplitude-frequency modulations in a speech signal. For θ ₁ ≠ 0 and θ ₂ ≠ 0, the operator A (ω, t) estimates the inhomogeneity of the spectral profile at each moment in time. At different values of the parameters θ ₁ and θ ₂ , detectors are formed that simulate the so-called lateral drag effect in the spectral region.

Detectors of spectral and spectral-temporal heterogeneities emphasize the individual characteristics of the speaker’s voice, since different sizes of the speech tract affect the shape of the instant spectrum and the speed of movement of articulatory organs - the tongue, lips and lower jaw.

Figure 1 shows examples of the operation of the detectors with different ratios of their parameters. At the top are waveforms of the sequence of words “one, six, four” marked with phono-acoustic segments. The type of segment is indicated on the flag set on the border of the corresponding segment. The types of segments are largely independent of the particular language for which the verification system is developed, although there are differences, for example, in the number of vowels or in the place of articulation of some consonants. The verification system for the Russian language is used more than 120 types of segments, including the drums, unstressed and reduced vowels and voiced segments without phonetic classification, such as segments between consonants and sound "p" (for example, in the word "m ^b pu "). In addition to the boundaries of phonetic elements - vowels and consonants, it is also necessary to indicate the boundaries of acoustic segments, such as noise sections of a speech signal after an explosion of consonant consonants. 1, such a segment in the word "six" is indicated by a flag with the symbols Th '.

Under the oscillograms, dynamic spectra (sonograms) are shown. Below the sonogram are shown the responses of a dynamic detector (detogram) that responds to an increase in energy in a given frequency band, and below it are the responses of a dynamic detector that responds to a decrease in energy. In both sonograms and detograms, the signal amplitude in a given frequency band is displayed by the degree of blackness of the image. Below are shown the responses of detectors describing the inhomogeneities of the spectral profile of the energy spectrum S for different parameters θ ₁ and θ ₂ .

The energy of each dynamic detector at each moment of time is summed over the frequency. The maxima of this function in time are taken beyond the boundaries of the segments of the speech signal, and the spectral profiles of detograms that are instantaneous or averaged over the quasi-stationary segment are used to calculate the characteristics of the speaker’s voice personality.

In addition to the properties of the operator A (ω, t), the stability of the estimation of voice parameters to various characteristics of the acoustic and electronic communication channels is also achieved by the fact that the reference database is formed using the main types of sound receivers (directional and non-directional microphones located at different distances from speaker) and the characteristics of the room in which the recording is made.

When forming the reference database, manual marking of speech signals is performed, which consists in establishing the boundaries between the segments and marking the type of segment following the border. At each boundary, the amplitudes and frequencies of the local maxima of the profile of detectors are read, which describe transients with increasing or decreasing energy in the spectrum of the speech signal. Between the boundaries of the segments, the average frequencies of the local maximums of the spectrum found using spectral inhomogeneity detectors are calculated. The set of dynamic and static parameters of the segments of each word forms the space of attributes of this word. In contrast to the communication channel normalization technique, in this invention, in the feature space, the probability density is calculated for all types of communication channels and all speakers of the reference database for each word used in the voice password. The advantage of this approach is the approximation of the characteristics of communication channels that are, as it were, between the characteristics of those types of channels that were used in the learning process. In addition, this avoids the normalization process, which is fraught with significant errors.

For the most accurate approximation of the probability density in the feature space, the feature vector of each word implementation is considered as the mathematical expectation of some hypersphere with a normal distribution. The standard deviation of this distribution is calculated in proportion to the average distance between the set of realizations of a given word for each speaker. Then the probability density in the attribute space of the word is calculated as the normalized superposition of all normal distributions. Such an approach is free from the drawbacks inherent in approximating the probability density by several or even more so by one normal distribution.

The segmentation of a word into acoustic elements is necessary to establish the correspondence of the parameters of words. For example, the frequencies of local extrema of the spectrum are calculated on segments of vowels, and on the segments of fricative sounds, the frequency characteristics of the noise portion of the spectrum. An error in the type of segment leads to a drop in the likelihood ratio of the analyzed word. The present invention uses an original segmentation method, which has no analogues in the world patent literature.

All types of acoustic and phonetic segments are reduced to 6 main types: vowel, nasal, deaf bow, voiced bow, voiced fricative, deaf fricative. In the process of training the system for all implementations of each word, a code book is formed from a given dictionary, consisting of many codes, presented in the form of a sequence of 6 basic types of segments. These codes serve as standards used in the segmentation of speech signals in the process of user verification. Each standard has its own attribute space in which the probability density is approximated. The whole set of standards of each word forms a common space of features of the word and is described by the probability density in this space. The process of forming a reference database is illustrated in the flowchart of FIG. 2.

When forming the database for the speaker to be verified, instead of manual marking, reference database standards are used. The words are segmented during the learning process of the system using this speaker using the standard dynamic programming method, which deforms the time axis and searches for a sequence of segments whose characteristics, in terms of a certain criterion, are closest to one of the reference database standards. Then, for each spoken word, a space of signs is determined, and in this space, according to all the words that participated in the training, a probability density is formed using a mixture of normal distributions. This process is illustrated in the flowchart of FIG. 3.

During the verification process, each spoken word is also segmented using sequences of word segments recorded in the reference database. Then, for the obtained sequence of segments, a vector of attributes of this word is formed, and the conditional probabilities of belonging of this vector to the attribute space of the speaker or the corresponding code in the reference base are read. The process of processing a speech signal and information flows in the verification mode of the speaker are shown in the block diagram (Figure 4).

Case Studies

"Methods of user verification in access sanitation systems."

The method can be implemented using hardware, for example, based on a digital signal processor or in the form of a specialized chip. One of the options for implementing the method can be represented as a software module designed to provide access to the Windows operating system in personal computers. Such a software module was tested on an extensive speech database consisting of 420 voice signals of different age and gender. The speech signals of different groups of speakers were recorded through different types of sound receivers, including 2 types of handsets, 2 types of noise-canceling microphones located on the headset, 2 types of directional microphones located at a distance of 20 cm and 80 cm from the speaker, an omnidirectional microphone and a cardioid a microphone located at a distance of 20 cm and 80 cm from the speaker. Recording of speech signals was carried out in rooms of various sizes. Each announcer pronounced each numeral from 0 to 9 from 20 to 40 times.

When testing the verification system, each speaker was assigned by the user in turn. Passwords from 10 numerals were randomly generated from his utterances, and the probability of skipping an impostor or failure was evaluated. The testing volume amounted to more than 30 million implementations, which is a fairly representative sample for the resulting estimate of the probability of errors of both kinds, which turned out to be less than 0.05.

When implementing the method, this database is used as a reference database. Each user carries out training of the verification system, pronouncing each numeral at least 20 times, and the order of the numerals is determined by the verification system. The number of pronunciations at the training stage, as well as the number of words in the password during verification, depends on the required ratio of the probability of skipping an impostor to the probability of rejection to a legitimate user. This relationship is set by the user.

Examples of operation of the verification system when authorizing access are illustrated by windows with system messages. When the verifier is called, a window appears in which the user is prompted to press the space bar to start the verification process (Figure 5). Then, the verification system sequentially displays the numerals that the user must say (Fig.6). The verification process ends with a decision on access or denial of access (Fig.7, 8). In case of refusal of access, the user is granted, for example, two more attempts. If these attempts were unsuccessful, it is proposed to enter a master key (Fig.9).

If the verification system is intended for individual use, the master key is known to the user. This key must be stored separately, similar to a credit card PIN. If the verification system is used, for example, in a company with many users, then the master key is known only to the system administrator or security representative.

Claims (1)

A method of user verification in access authorization systems, characterized in that the reference database of speakers is formed by recording speech signals through the main types of sound receivers and in various rooms, the database of each user is formed by recording speech signals with multiple pronunciations of each word from a given dictionary, speech the signals in the reference database and the database of each user are converted into signals from dynamic detectors that determine the increase or decrease in energy in the spectrum of the speech signal, the speech signal for each word is segmented into a sequence of basic types of segments, and the boundaries of the word segments in the reference database are set at time points corresponding to the local peaks of the total energy frequency of the dynamic detectors, and the sequence of word segments in the reference database is used as standards for segmentation of user speech signals, the amplitude and frequency of local maxima of the profile of dynamic detectors at the boundaries of segments and average hours the totals of the local maximums of the spectrum are used as attributes for each word, the probability density in the attribute space of each word in the reference base and base of each user is calculated as the normalized superposition of normal distributions with the mathematical expectation located in the coordinates of each vector corresponding to the implementation of this word, and the standard deviation in proportion to the average distance between all implementations of a given word in the database, at each entry into the sanction system To access the user enters their identifier, which determines their database, the access authorization system generates a password in the form of a random sequence of words from a given dictionary that the user must say alternately, for the segments of each spoken word, the likelihood ratio relative to the corresponding segment of the corresponding word in the reference database is calculated , then calculate the posterior probability of belonging to the user's voice, and these probabilities are averaged over to all the words in the password, in order to make a decision on access permission or refusal of access, the calculated posterior probability is compared with a threshold that is individual for each user.

Images