报告题目：On the Verification and Vulnerability of Neural Audio Watermarking

报告时间：2025年12月28日（星期日）14:00-15:00

报告方式：腾讯会议

会议码：738-723-364

报告人：潘淼

报告人简介：

Dr. Miao Pan is a Full Professor in the Department of Electrical and Computer Engineering at University of Houston. He was a recipient of NSF CAREER Award in 2014. He has published 3 books and book chapters, more than 160 papers in prestigious journals including ToN, JSAC, and TMC, and more than 160 papers in top conferences such as INFOCOM, MobiSys, ICCV, ICDM, AAAI, EMNLP, CIKM, VLDB, BigData, ICDCS, AsiaCCS, ICRA, and IPDPS. His work won IEEE TCGCC Best Conference Paper Awards 2019, and Best Paper Awards in ICC 2019, VTC 2018, Globecom 2017 and 2015, respectively. He has also been serving as TPC Co-Chair for Mobiquitous 2019, ACM WUWNet 2019, Local Chair for MobiHoc 2025, Symposium Co-Chair such as VTC 2024, GLOBECOM 2023, ICCC 2023, etc. Dr. Pan is an Associate Editor for ACM Computing Surveys, IEEE Journal of Oceanic Engineering, IEEE Open Journal of Vehicular Technology and IEEE Internet of Things (IoT) Journal. Dr. Pan is a senior member of ACM, IEEE.

报告内容简介：

As AI audio generation technology advances, audio watermarking has gained increasing attention as an essential tool for copyright protection and source verification. However, the integrity of audio content remains unverifiable—how can we determine whether an audio has been modified? In this talk, I first present SpeeCheck, the first self-contained speech integrity verification framework based on audio watermarking. SpeeCheck can effectively detect malicious tampering while remaining robust under benign operations such as compression or resampling. It achieves this by learning contrastive fingerprints that are robust to benign transformations but sensitive to tampering, and embedding these fingerprints into the audio itself as a watermark for direct, reference-free verification. As we further investigate the design of neural audio watermarking, we discovered a universal vulnerability. Current methods primarily focus on imperceptibility and robustness, often neglecting security. Based on this, I will further discuss a novel Overwriting Attack. This attack can overwrite a legitimate audio watermark with a forged one, rendering the original watermark undetectable. We demonstrate that this attack achieves a nearly 100% success rate across white-box, gray-box, and black-box settings, exposing a critical security flaw in existing neural audio watermarking systems and highlighting the urgent need for enhanced security in future designs.

主办单位：国产av影片-免费看色情影片

吉林大学软件学院

吉林大学计算机科学技术研究所

符号计算与知识工程教育部重点实验室

仿真技术教育部重点实验室

网络技术及应用软件教育部工程研究中心

吉林大学国家级计算机实验教学示范中心