Extracting Targeted Training Data from ASR Models, and How to Mitigate It. (arXiv:2204.08345v2 [cs.SD] UPDATED)

Recent work has designed methods to demonstrate that model updates in ASR
training can leak potentially sensitive attributes of the utterances used in
computing the updates. In this work, we design the first method to demonstrate
information leakage about training data from trained ASR models. We design
Noise Masking, a fill-in-the-blank style method for extracting targeted parts
of training data from trained ASR models. We demonstrate the success of Noise
Masking by using it in four settings for extracting names …

asr data training