voice assistant devices
play

Voice Assistant Devices Alexa, play Todays Hits on Pandora Alexa, - PowerPoint PPT Presentation

Feb 05, 2023 •287 likes •702 views

Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems Nan Zhang, Xianghang Mi , Xuan Feng, XiaoFeng Wang, Yuan Tian, Feng Qian Voice Assistant Devices Alexa,

  1. Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems Nan Zhang, Xianghang Mi , Xuan Feng, XiaoFeng Wang, Yuan Tian, Feng Qian

  2. Voice Assistant Devices Alexa, play Today’s Hits on Pandora Alexa, turn on Living Room lights Alexa, ask PayPal to send 10 dollars to Sam Alexa, ask Medical Assistant to give me my diagnosis

  3. Smart Enough to be Secure? Not Yet

  4. Outline Brainstrom Brainstrom Brainstorm Security Requirements and Gaps Brainstrom Brainstrom Mechanism, Security Requirements and Gaps Security Requirements and Gaps Security Requirements and Gaps Security Requirements and Gaps Attack Attack Attack Attack Attack Voice Squatting & Voice Masquerading Voice Squatting & Voice Masquerading Voice Squatting & Voice Masquerading Voice Squatting & Voice Masquerading Voice Squatting & Voice Masquerading Scenarios Scenarios Scenarios Scenarios Scenarios Attack Attack Attack Attack Attack Data & Device, Defamation, and Phishing Data & Device, Defamation, and Phishing Data & Device, Defamation, and Phishing Data & Device, Defamation, and Phishing Data & Device, Defamation, and Phishing Consequences Consequences Consequences Consequences Consequences Attack Attack Attack Attack Attack User Study, Attack Experiments and Measurements User Study, Attack Experiments and Measurements User Study & Attack Experiments and Deployment User Study & Attack Experiments and Deployment User Study & Attack Experiments and Deployment Practicality Feasibility Feasibility Practicality Practicality Defense Defense Defense Defense Defense Skill Response Checker & User Intention Classifier Skill Response Checker & User Intention Classifier Skill Response Checker & User Intention Classifier Skill Response Checker & User Intention Classifier Skill Response Checker & User Intention Classifier

  5. How it works? Voice assistants work like a relay, proxying and translating conversation between users and skills Alexa, play Today’s Hits on Pandora Alexa, turn on Living Room lights Alexa, ask PayPal to send 10 dollars to Sam Voice Assistant Third-party User Smart Speaker Cloud Skill Clouds

  6. Security requirements and gaps IP Packets IP Packets ……. Destination Source Host Host Network Router Network Router Route the source payload to the CORRECT destination Voice Text Commands Commands Destination Voice Assistant Platforms Skill

  7. Security requirements and gaps Requirements for Network Routing System Voice Assistant Platforms Reliable Payload Routing Destinations should be Skill Invocation Names IP addresses in text forms assigned with addresses Di ff erent destinations should have Di ff erent network hosts are Alexa allows skills to have with di ff erent IP addresses same invocation names unique addresses The tra ffi c should embed the Each IP packet has dest IP Users are not machines & address as the header field natural language is diverse destination address The routing system should Well-defined Complicated AI systems correctly retrieve destination IP packet format address Longest prefix matching Longest prefix matching Conflicting Paths

  8. Voice Squatting Voice assistants may fail to understand user’s intention, and mistakenly invoke wrong skills Alexa, ask PayPal to send 10 dollars to Sam Voice Assistant Third-party User Smart Speaker Cloud Skill Clouds

  9. Voice Masquerading Skill switching is not well supported, allowing a skill to masquerade itself as other skills or even the system Alexa, open PayPal please Yes, I am PayPal, give me your credentials Voice Assistant Third-party User Smart Speaker Cloud Skill Clouds

  10. Potential Consequences of Voice Squatting Compromise of user’s Propagate fake or controversial information sensitive data or devices Traditional Phishing Compromise reputation of the victim skill Money, Access to home devices historical transactions, bank accounts

  11. Potential Consequences of Voice Squatting Compromise of user’s Propagate fake or controversial information sensitive data or devices Traditional Phishing Compromise reputation of the victim skill President Trump didn’t We regret to tell you our twitter last week diagnosis shows that XX

  12. Potential Consequences of Voice Squatting Compromise of user’s Propagate fake or controversial information sensitive data or devices Traditional Phishing Compromise reputation of the victim skill

  13. Potential Consequences of Voice Squatting Compromise of user’s Propagate fake or controversial information sensitive data or devices Traditional Phishing Compromise reputation of the victim skill

  14. Potential Consequences of Voice Masquerading Fake Skill Switching Fake Skill Termination Same consequences as the voice squatting

  15. Potential Consequences of Voice Masquerading Fake Skill Switching Fake Skill Termination Record user’s conversations Skill recommendation

  16. How realistic are those attacks? Study how users invoke skills Study how well the platforms can understand voice commands Identify real-world attacks Experiment proof-of- concept attack skills

  17. How realistic are those attacks? Study how users invoke skills Study how well the platforms can understand voice commands Identify real-world attacks Experiment proof-of- concept attack skills

  18. How realistic are those attacks? • “Sleep Sounds”, “Cat Facts” • Multi-choice questions combined with open questions Amazon Google Yes, “open Sleep Sounds please” 64% 55% When invoking skills, Users tend to use diverse and Yes, “open Sleep Sounds for me” 30% 25% natural-language utterances Yes, “open Sleep Sounds app” 26% 20% Longest prefix matching creates Yes, “open my Sleep Sounds” attack space for voice squatting 29% 20% Yes, “open the Sleep Sounds” 20% 14% Yes, “play some Sleep Sounds” 42% 35% Yes, “tell me a Cat Facts” 36% 24% Users’ preference when invoking skills

  19. How realistic are those attacks? Study how users invoke skills Study how well the platforms can understand voice commands Identify real-world attacks Experiment proof-of- concept attack skills

  20. How realistic are those attacks? Record Play Recognition Invocation Voice Voice Assistant Helper Skill Names Recordings Platforms 100 invocation names for each platform Human subjects & TTS services Those voice assistant platforms are error-prone when recognizing voice commands TTS services Human subjects Florid state quiz Florid snake quiz Alexa 30% 57% Rent Europe Read your app Google 9% 10% Recognition Mistake Rates

  21. How realistic are those attacks? Study how users invoke skills Study how well the platforms can understand voice commands Identify real-world attacks Experiment proof-of- concept attack skills

  22. How realistic are those attacks? Voice Squatting through invocation name extending Capital One Please Compose attacks skills Capital One My Capital One Capital One App Register attacks skills Voice Squatting through similar pronunciation Generate and record voice commands Capital Won Play voice commands and decide Capital One Captain One whether attack stills get invoked Capitol One Attack skills were not published to the skill market

  23. How realistic are those attacks? Voice Squatting through invocation name extending Alexa Google invocation name + “please” 10/10 0/10 Compose attacks skills “my” + invocation name 7/10 0/10 “the” + invocation name 10/10 0/10 Register attacks skills invocation name + “app” 10/10 10/10 “mai” + invocation name 10/10 - Generate and record voice commands invocation name + “plese” - 10/10 Voice Squatting through similar pronunciation Play voice commands and decide whether attack stills get invoked Alexa Google Amazon Google Amazon Google Human Human TTS TTS TTS TTS 10/17 12/17 > 50% 4/7 2/4 > 50%

  24. How realistic are those attacks? Study how users invoke skills Study how well the platforms can understand voice commands Identify real-world attacks Experiment proof-of- concept attack skills

  25. Identify Skills with Competing Invocation Names (CIN) How realistic are those attacks? Generate CINs for each Collect Available Skills Identify Competing Skills invocation name Invocation names on the market Alexa: 19, 670 Google: 1001 • Pronunciation CINs on the Invocation name Text Paraphrasing comparison market

  26. Real-World Attack Measurement Invocation names on the market Pronunciation CINs on the Invocation name Text Paraphrasing comparison market Capital One K AE P IH T AH L . W AH N . Capital One please … Capital One Captain One Capital One app … The Capital One … Captain One …

  27. Real-World Attack Measurement 66 skills were named as “cat facts” , 19% (3718) skills : same pronunciation and provided similar functions. 2.7% (531) skills: same pronunciation , but di ff erent spelling 1.8% (345) skills: longest prefix matching Interesting cases “SCUBA Diving Trivia” Skill and “Soccer Geek” skill, dog fact me a dog fact registered “space geek” as invocation names

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Building a Voice Assistant for Enterprise Manju Vijayakumar Lead Software Engineer, Salesforce

Building a Voice Assistant for Enterprise Manju Vijayakumar Lead Software Engineer, Salesforce

Building a Voice Assistant for Enterprise Manju Vijayakumar Lead Software Engineer, Salesforce @vmanju QConSF, Nov 2018 Agenda Why Voice? Demo of Einstein Voice Assistant Conversational AI Ecosystem Natural Language

1.02k views • 48 slides
DEVICES Geoffrey Zweig Outline What is Mobile Voice search? An example: Live Search for

DEVICES Geoffrey Zweig Outline What is Mobile Voice search? An example: Live Search for

Microsoft Research ---- Lang Tech 2008 VOICE SEARCH ON MOBILE DEVICES Geoffrey Zweig Outline What is Mobile Voice search? An example: Live Search for Windows Mobile Why is it important? The Competitive Landscape Basic

913 views • 48 slides
The regulation of IVD medical devices Euan Miller Assistant Director, Devices Application and

The regulation of IVD medical devices Euan Miller Assistant Director, Devices Application and

The regulation of IVD medical devices Euan Miller Assistant Director, Devices Application and Verification Devices Authorisation Branch Market Authorisation Division, TGA ARCS Scientific Congress 2015 7 May 2015 Outline Overview of

821 views • 25 slides
Aisle Safety Light Brightness SFMTA Fleet Engineering Voice Annunciator Volume Voice

Aisle Safety Light Brightness SFMTA Fleet Engineering Voice Annunciator Volume Voice

Voice Annunciator Volume and Aisle Safety Light Brightness SFMTA Fleet Engineering Voice Annunciator Volume Voice announcements are handled by the coachs Clever Devices announcement system. Voice Annunciator Volume Voice Annunciator

558 views • 7 slides
1 - Devices This section describes the basic types of devices. Desktop and Laptop computers A

1 - Devices This section describes the basic types of devices. Desktop and Laptop computers A

Table of Contents 1) Devices 2) Searching 3) Zooming 4) OCR 5) Voice Command 6) TV Navigation 7) Video Described 8) Video Streaming 9) Phone Numbers and Links 1 - Devices This section describes the basic types of devices. Desktop and Laptop

411 views • 6 slides
Building Smarter Offices with Grandstream Why WiFi Voice and Video 31 billion devices are

Building Smarter Offices with Grandstream Why WiFi Voice and Video 31 billion devices are

Building Smarter Offices with Grandstream Why WiFi Voice and Video 31 billion devices are expected to be connected to the IoT over wireless channels by the end of 2018 IHS Markit Report 71% of all mobile communications occur over a WiFi

776 views • 8 slides
DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes Presented by N7MOT Lenny Gemar Amateur radio began with spark gap transmitters, evolving to Morse code and analog voice

442 views • 20 slides
Digital Voice VHF, UHF, and HF Analog Voice - AM/SSB Analog Voice - FM Digital Voice GMSK UHF

Digital Voice VHF, UHF, and HF Analog Voice - AM/SSB Analog Voice - FM Digital Voice GMSK UHF

Digital Voice VHF, UHF, and HF Analog Voice - AM/SSB Analog Voice - FM Digital Voice GMSK UHF 4FSK VHF C4FM AMBE, AMBE+2, Codec-2 HF OFDM Audio Vocoder Modulator Integrate data into protocol A/D Compressed 10101111010 Mic

729 views • 13 slides
WSCA WIRELESS VOICE SERVICES, WIRELESS DATA SERVICES, ACCESSORIES, EQUIPMENT & DEVICES

WSCA WIRELESS VOICE SERVICES, WIRELESS DATA SERVICES, ACCESSORIES, EQUIPMENT & DEVICES

WSCA WIRELESS VOICE SERVICES, WIRELESS DATA SERVICES, ACCESSORIES, EQUIPMENT & DEVICES State of Nevada Contract Number 1907 WSCA Wireless Webinar May 30, 2012 WSCA WIRELESS, VOICE SERVICES, DATA SERVICES ACCESSORIES, EQUIPMENT &

368 views • 23 slides
Voice production Larynx and the vocal folds ARTICULATION PHONATION BREATHING (Lena Lyons efter

Voice production Larynx and the vocal folds ARTICULATION PHONATION BREATHING (Lena Lyons efter

M Sdersten, Karolinska Institutet, Rekjavik, Oct 12, 2012 Voice team Karolinska University Hospital and Karolinska Institute Voice production and teachers voice disorders How does the voice work and what makes it to fail?

73 views • 5 slides
Spotlight on Medical Device MMDR Reforms Dr Cheryl McRae Assistant Secretary Medical Devices

Spotlight on Medical Device MMDR Reforms Dr Cheryl McRae Assistant Secretary Medical Devices

Spotlight on Medical Device MMDR Reforms Dr Cheryl McRae Assistant Secretary Medical Devices Branch, TGA 2017 ARCS Annual Conference August, 2017 Expert Panel Review (MMDR) Two reports released during 2015 Medicines and Devices

700 views • 18 slides
The Vocal Joystick: Voice-based Continuous Control of Electro-mechanical Devices Jeff Bilmes

The Vocal Joystick: Voice-based Continuous Control of Electro-mechanical Devices Jeff Bilmes

The Vocal Joystick: Voice-based Continuous Control of Electro-mechanical Devices Jeff Bilmes http://melodi.ee.washington.edu/~bilmes University of Washington, Seattle Department of Electrical Engineering A Speech Mouse Can you use speech

342 views • 12 slides
There is a voice speaking. That voice is sovereign. That voice alone is sovereign. Jeremiah

There is a voice speaking. That voice is sovereign. That voice alone is sovereign. Jeremiah

Jeremiah 1:1-19 There is a voice speaking. That voice is sovereign. That voice alone is sovereign. Jeremiah 1:1-19 That voice rules. not only heard, but heeded. not only obliged, but obyed. Jeremiah 1:1-19 the word of the Lord

617 views • 12 slides
Getting Sta rted with Voice API Lorna Mitchell Getting Sta rted with Voice API Use the Voice

Getting Sta rted with Voice API Lorna Mitchell Getting Sta rted with Voice API Use the Voice

Getting Sta rted with Voice API Lorna Mitchell Getting Sta rted with Voice API Use the Voice API to make and receive calls, play audio, send and receive DTMF tones, and to record calls. Workshop plan: Introduce concepts and vocabulary

480 views • 19 slides
1 Incidence of teachers voice problems in UK LSBU survey of teachers voice levels (2004) 36

1 Incidence of teachers voice problems in UK LSBU survey of teachers voice levels (2004) 36

Damaging effects of noise on hearing and voice in childrens Outline learning environments Reykjavik Iceland 12-13 October 2012 Voice Care Network Oral communication ergonomic work in UK Incidence of teachers voice problems in UK

551 views • 5 slides
SOUTHERNAIRAVIATION FLY-BY-VOICE TM INTO NEXTGEN CENTURY Voice Activated Cockpit

SOUTHERNAIRAVIATION FLY-BY-VOICE TM INTO NEXTGEN CENTURY Voice Activated Cockpit

SOUTHERNAIRAVIATION FLY-BY-VOICE TM INTO NEXTGEN CENTURY Voice Activated Cockpit Management Systems Diane Serban, Ph.D., SAA Inc. Vincent Houston, NASA Langley Research Center SAA Provides Off-Line VOICE RECOGNITION Solutions to

501 views • 11 slides
Embedded Devices Security Firmware Reverse Engineering Jonas Zaddach Andrei Costin Andrei

Embedded Devices Security Firmware Reverse Engineering Jonas Zaddach Andrei Costin Andrei

Embedded Devices Security Firmware Reverse Engineering Jonas Zaddach Andrei Costin Andrei Costin/Jonas Zaddach www.firmware.re 1/78 Administratrivia Please fill-in the BH13US Feedback Form - Thanks! The views of the authors are their

1.19k views • 78 slides
The Sparse Vector Technique and online query answering

The Sparse Vector Technique and online query answering

The Sparse Vector Technique and online query answering CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 11: 590.03 Fall 16 1 Offline QA

477 views • 27 slides
A Dynamic Programming Approach to De Novo Peptide Sequencing via Tandem Mass Spectrometry Ting

A Dynamic Programming Approach to De Novo Peptide Sequencing via Tandem Mass Spectrometry Ting

Journal of Computational Biology, 8(3): 325-337, 2001 A Dynamic Programming Approach to De Novo Peptide Sequencing via Tandem Mass Spectrometry Ting Chen Department of Genetics Harvard Medical School Boston, MA 02115, USA Ming-Yang Kao

236 views • 13 slides
Appetizer: Simultaneous Translation ACL 2019 Invited Talk Simultaneous Translation: Recent

Appetizer: Simultaneous Translation ACL 2019 Invited Talk Simultaneous Translation: Recent

LinearFold: Linear-Time Parsing Meets RNA Folding x GCGGGAAUAGCUCAGUUGGUAGAGCACGACCUUGCCAAGGUCGGGGUCGCGAGUUCGAGUCUCGUUUCCCGCUCCA y (((((((..((((........)))).(((((.......))))).....(((((.......)))))))))))).... 1 G C U C C A C G G C 70

1.29k views • 108 slides
Packet Validation in the Network Environments Yingdi Yu UCLA 1 Packet Authentication How

Packet Validation in the Network Environments Yingdi Yu UCLA 1 Packet Authentication How

Packet Validation in the Network Environments Yingdi Yu UCLA 1 Packet Authentication How to authenticate a data packet containing the electricity usage of a room at certain time? Data is signed, but how to verify the signature?

224 views • 19 slides
An Introduction to UK Payroll (4) Ian Holloway Head of Legislation and Compliance Income Tax

An Introduction to UK Payroll (4) Ian Holloway Head of Legislation and Compliance Income Tax

An Introduction to UK Payroll (4) Ian Holloway Head of Legislation and Compliance Income Tax Agenda Legislation The UK tax year Taxable pay The Personal Allowance The tax code The pay adjustment Income Tax

822 views • 22 slides
CMSC 471 CMSC 471 Fall 2015 Fall 2015 Class #3 Class #3 Thursday 9/3/15 Thursday 9/3/15

CMSC 471 CMSC 471 Fall 2015 Fall 2015 Class #3 Class #3 Thursday 9/3/15 Thursday 9/3/15

CMSC 471 CMSC 471 Fall 2015 Fall 2015 Class #3 Class #3 Thursday 9/3/15 Thursday 9/3/15 Problem Solving as Search Problem Solving as Search Todays class Goal-based agents Representing states and operators Example problems

801 views • 41 slides
over Large Datasets Siavosh Benabbas Rosario Gennaro Yevgeniy Vahlis University of Toronto IBM

over Large Datasets Siavosh Benabbas Rosario Gennaro Yevgeniy Vahlis University of Toronto IBM

Verifiable Delegation of Computation over Large Datasets Siavosh Benabbas Rosario Gennaro Yevgeniy Vahlis University of Toronto IBM Research AT&T Cloud Computing Data D Code F Y F(D) F(D) Cloud could be malicious or arbitrarily

439 views • 29 slides

More recommend