Name: Tali Dror Name Yuval Hadad Name: Shani Budilovsky

Name: Tali Dror Degree: MSc in Electrical Engineering Supervisor: Prof. Haim Permuter Title: Reconstructing High-Resolution Faces from Speech Using Speaker-Aligned Diffusion Models Humans can infer aspects of a person’s facial identity from their voice alone, suggesting that speech and appearance share underlying anatomical and physiological cues. Learning this relationship computationally, however, is challenging due to the ambiguity of voice-to-face mapping, limited paired data, and the difficulty of preserving identity in realistic face generation. In this work we present a speech-to-face synthesis framework that addresses these challenges by combining identity-aware speaker representation learning with a pretrained diffusion-based face generator. By aligning speech and face embeddings in a shared identity space and carefully conditioning a diffusion model under limited supervision, our approach achieves significantly improved identity fidelity. Yuval Hadad Electrical Engineer Department Igal Bilik Topic: Adversarial Attack on Automotive Radar Point Cloud Classifiers Summary: Automotive radar systems have become critical components in autonomous driving, providing robust object detection capabilities across diverse weather conditions and lighting scenarios. This thesis investigates the vulnerability of deep learning based radar point cloud classifiers to adversarial attacks, addressing a critical gap in automotive safety research. The research is presented in two main contributions. First, we introduce the Radar PointNet architecture, specifically designed for automotive radar point cloud classification. R PointNet extends the conventional PointNet architecture by incorporating radar specific features including radial velocity, radar cross section values, and range information, enabling more effective classification of vehicles, motorcycles, and pedestrians. Second, we propose a comprehensive adversarial attack framework targeting radar based perception systems. Our initial approach introduces the Radar Car lini and Wagner attack, demonstrating that even small perturbations to radar point clouds can significantly degrade classification performance. Building on this foundation, we develop a novel group wise adversarial attack methodology that generates physically plausible perturbations by applying structured affine transformations to spatially coherent point groups. The group wise attack framework reduces optimization complexity from 256 to 100 learnable parameters for typical point clouds while paradoxically improving both attack effectiveness and imperceptibility. We introduce two grouping strategies: frame based grouping when temporal metadata is available, and PCA based grouping that approximates temporal structure using only spatial coordinates. Both methods achieve approximately 19% attack success rates while maintaining superior imperceptibility compared to unstructured baselines. Experimental evaluation on the RadarScenes dataset demonstrates R-PointNet achieves 94% classification accuracy compared to 60% for conventional PointNet. The adversarial attacks reveal critical vulnerabilities, with motorcycle targets showing highest susceptibility (54.5% attack success rate) and even well i ii classified vehicle categories experiencing 14.7% vulnerability. These findings underscore the urgent need for robust defense mechanisms in automotive radar perception systems before widespread deployment in safety critical autonomous driving applications. The research contributes both to advancing radar based deep learning architectures and to understanding their security vulnerabilities, providing essential groundwork for developing more resilient automotive perception systems Speaker: Shani Budilovsky M.Sc. student in Communication Systems Engineering, Electrical and Computer Engineering School, Ben-Gurion University of the Negev. Titel: Data Augmentation for Spoofing-robust Automatic Speaker Verification Supervisors: Dr. Yehuda Ben-Shimol and Prof. Itshak Lapidot Abstract: Automatic Speaker Verification (ASV) is a biometric authentication technology that verifies a speaker’s identity based on their voice characteristics and is widely used in security-sensitive applications such as access control and identity verification. Despite their success, ASV systems are vulnerable to spoofing attacks, including replay, synthetic, and manipulated speech. To address this challenge, Spoofing-robust ASV (SASV) systems combine speaker verification models with dedicated spoofing countermeasures to jointly improve verification accuracy and attack resistance. Data augmentation has become a key technique for improving the generalization and robustness of deep learning-based ASV and countermeasure models by increasing training data diversity and simulating real-world acoustic variability. Augmentation methods can be applied at the waveform level or at the time-frequency representation level, such as spectrogram-based techniques. However, in the SASV setting, not all augmentation strategies are equally beneficial, and some may improve speaker discrimination while degrading spoof detection performance, or vice versa. This seminar examines the effect of different data augmentation strategies on both ASV and spoofing-robust ASV systems, and discusses the importance of carefully designing augmentation pipelines that balance speaker verification accuracy with spoofing robustness in practical SASV systems.