Dan Su,Jiqiang Liu,Sencun Zhu,Xiaoyang Wang,Wei Wang

DOI: https://doi.org/10.48550/arXiv.2010.10788

2020-10-21

Abstract:The home voice assistants such as Amazon Alexa have become increasingly popular due to many interesting voice-activated services provided through special applications called skills. These skills, though useful, have also introduced new security and privacy challenges. Prior work has verified that Alexa is vulnerable to multiple types of voice attacks, but the security and privacy risk of using skills has not been fully investigated. In this work, we study an adversary model that covers three severe privacy-related vulnerabilities, namely,over-privileged resource access, hidden code-manipulation and hidden content-manipulation. By exploiting these vulnerabilities, malicious skills can not only bypass the security tests in the vetting process, but also surreptitiously change their original functions in an attempt to steal users' personal information. What makes the situation even worse is that the attacks can be extended from virtual networks to the physical world. We systematically study the security issues from the feasibility and implementation of the attacks to the design of countermeasures. We also made a comprehensive survey study of 33,744 skills in Alex Skills Store.

Cryptography and Security

Xinyu Lei,Guan-Hua Tu,Alex X. Liu,Kamran Ali,Chi-Yu Li,Tian Xie

DOI: https://doi.org/10.48550/arXiv.1712.03327

2019-11-13

Abstract:Home Digital Voice Assistants (HDVAs) are getting popular in recent years. Users can control smart devices and get living assistance through those HDVAs (e.g., Amazon Alexa, Google Home) using voice. In this work, we study the insecurity of HDVA service by using Amazon Alexa as a case study. We disclose three security vulnerabilities which root in the insecure access control of Alexa services. We then exploit them to devise two proof-of-concept attacks, home burglary and fake order, where the adversary can remotely command the victim's Alexa device to open a door or place an order from <a class="link-external link-http" href="http://Amazon.com" rel="external noopener nofollow">this http URL</a>. The insecure access control is that the Alexa device not only relies on a single-factor authentication but also takes voice commands even if no people are around. We thus argue that HDVAs should have another authentication factor, a physical presence based access control; that is, they can accept voice commands only when any person is detected nearby. To this end, we devise a Virtual Security Button (VSButton), which leverages the WiFi technology to detect indoor human motions. Once any indoor human motion is detected, the Alexa device is enabled to accept voice commands. Our evaluation results show that it can effectively differentiate indoor motions from the cases of no motion and outdoor motions in both the laboratory and real world settings.

Cryptography and Security

Nan Zhang,Xianghang Mi,Xuan Feng,XiaoFeng Wang,Yuan Tian,Feng Qian

DOI: https://doi.org/10.48550/arXiv.1805.01525

2018-05-03

Cryptography and Security

Abstract:Virtual personal assistants (VPA) (e.g., Amazon Alexa and Google Assistant) today mostly rely on the voice channel to communicate with their users, which however is known to be vulnerable, lacking proper authentication. The rapid growth of VPA skill markets opens a new attack avenue, potentially allowing a remote adversary to publish attack skills to attack a large number of VPA users through popular IoT devices such as Amazon Echo and Google Home. In this paper, we report a study that concludes such remote, large-scale attacks are indeed realistic. More specifically, we implemented two new attacks: voice squatting in which the adversary exploits the way a skill is invoked (e.g., "open capital one"), using a malicious skill with similarly pronounced name (e.g., "capital won") or paraphrased name (e.g., "capital one please") to hijack the voice command meant for a different skill, and voice masquerading in which a malicious skill impersonates the VPA service or a legitimate skill to steal the user's data or eavesdrop on her conversations. These attacks aim at the way VPAs work or the user's mis-conceptions about their functionalities, and are found to pose a realistic threat by our experiments (including user studies and real-world deployments) on Amazon Echo and Google Home. The significance of our findings have already been acknowledged by Amazon and Google, and further evidenced by the risky skills discovered on Alexa and Google markets by the new detection systems we built. We further developed techniques for automatic detection of these attacks, which already capture real-world skills likely to pose such threats.

Ashley Allen,Alexios Mylonas,Stilianos Vidalis,Dimitris Gritzalis

DOI: https://doi.org/10.3390/s24175465

IF: 3.9

2024-08-25

Sensors

Abstract:Smart security devices, such as smart locks, smart cameras, and smart intruder alarms are increasingly popular with users due to the enhanced convenience and new features that they offer. A significant part of this convenience is provided by the device's companion smartphone app. Information on whether secure and ethical development practices have been used in the creation of these applications is unavailable to the end user. As this work shows, this means that users are impacted both by potential third-party attackers that aim to compromise their device, and more subtle threats introduced by developers, who may track their use of their devices and illegally collect data that violate users' privacy. Our results suggest that users of every application tested are susceptible to at least one potential commonly found vulnerability regardless of whether their device is offered by a known brand name or a lesser-known manufacturer. We present an overview of the most common vulnerabilities found in the scanned code and discuss the shortcomings of state-of-the-art automated scanners when looking at less structured programming languages such as C and C++. Finally, we also discuss potential methods for mitigation, and provide recommendations for developers to follow with respect to secure coding practices.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Nan Zhang,Xianghang Mi,Xuan Feng,XiaoFeng Wang,Yuan Tian,Feng Qian

DOI: https://doi.org/10.1109/sp.2019.00016

2019-01-01

Abstract:Virtual personal assistants (VPA) (e.g., Amazon Alexa and Google Assistant) today mostly rely on the voice channel to communicate with their users, which however is known to be vulnerable, lacking proper authentication (from the user to the VPA). A new authentication challenge, from the VPA service to the user, has emerged with the rapid growth of the VPA ecosystem, which allows a third party to publish a function (called skill) for the service and therefore can be exploited to spread malicious skills to a large audience during their interactions with smart speakers like Amazon Echo and Google Home. In this paper, we report a study that concludes such remote, large-scale attacks are indeed realistic. We discovered two new attacks: voice squatting in which the adversary exploits the way a skill is invoked (e.g., "open capital one"), using a malicious skill with a similarly pronounced name (e.g., "capital won") or a paraphrased name (e.g., "capital one please") to hijack the voice command meant for a legitimate skill (e.g., "capital one"), and voice masquerading in which a malicious skill impersonates the VPA service or a legitimate skill during the user's conversation with the service to steal her personal information. These attacks aim at the way VPAs work or the user's misconceptions about their functionalities, and are found to pose a realistic threat by our experiments (including user studies and real-world deployments) on Amazon Echo and Google Home. The significance of our findings has already been acknowledged by Amazon and Google, and further evidenced by the risky skills found on Alexa and Google markets by the new squatting detector we built. We further developed a technique that automatically captures an ongoing masquerading attack and demonstrated its efficacy.

Ahmed J. Obaid

DOI: https://doi.org/10.54489/ijcim.v1i1.34

2021-12-19

Abstract:A smart home personal assistant technology is an intrinsic system, which incorporates many elements such as users, Smart Home Personal Assistants (SPA) devices, cloud, skill provider and other responsive devices. Even though Smart Home Personal Assistants give a robust security and privacy options, the devices face many weaknesses, which make the system vulnerable and can be comprised by adversaries, who can capitalize on limitations to gain access to delicate information and privacy of users. In this research, the aim is to assess how invention and innovation of security and SPA can be harnessed by users to interrelate with the system. Subsequently, this write-up will address both the problems related to the system and attempt to bring in solutions, which makes the technology more adaptable and versatile to all users. Initial studies show that some of the weakness underlying the technology include the open-nature of the voice channel, complexity of the architecture, software implications, and the utility of the technology to less proficient users. As a result, the study anticipates at solving the voice squatting attack, using the SPA intelligent assistant, incorporating a filer to filter the ultrasonic attack and noise as well as trying to assess the efficacy of the elements developed against the voice squatting attacks. The study found out that there is a need to mitigate the attacks on the blockchain technology and Natural Language Processors (NLP) to assure protection of SPA from attacks.

English Else

Khairunisa Sharif,Bastian Tenbergen,,

DOI: https://doi.org/10.7250/csimq.2020-24.02

2020-10-31

Complex Systems Informatics and Modeling Quarterly

Abstract:Intelligent voice assistants are internet-connected devices, which listen to their environment and react to spoken user commands in order to retrieve information from the internet, control appliances in the household, or notify the user of incoming messages, reminders, and the like. With their increasing ubiquity in smart homes, their application seems only limited by the imagination of developers, who connect these off-the-shelf devices to existing apps, online services, or appliances. However, since their inherent nature is to observe the user in their home, their ubiquity also raises concern of security and user privacy. To justify the trust placed into the devices, the devices must be secure from unauthorized access and the back-end infrastructure tasked with speech-to-text analysis, command interpretation, and connection to other services and appliances must maintain confidentiality of data. To investigate existing possible vulnerabilities, approaches to mitigate them, as well as general considerations in this emerging field, we supplement the findings of a recent study with results from a systematic literature review. We were able to compile a list of six main types of user privacy vulnerabilities, partially confirming previous findings, but also finding additional issues. We discuss these vulnerabilities, their associated attack vectors, and possible mitigations users can take to protect themselves.

Kulani Mahadewa,Kailong Wang,Guangdong Bai,Ling Shi,Yan Liu,Jin Song Dong,Zhenkai Liang

DOI: https://doi.org/10.1109/tse.2019.2960690

IF: 7.4

2021-12-01

IEEE Transactions on Software Engineering

Abstract:A key feature of the booming smart home is the integration of a wide assortment of technologies, including various standards, proprietary communication protocols and heterogeneous platforms. Due to customization, unsatisfied assumptions and incompatibility in the integration, critical security vulnerabilities are likely to be introduced by the integration. Hence, this work addresses the security problems in smart home systems from an integration perspective, as a complement to numerous studies that focus on the analysis of individual techniques. We propose HomeScan, an approach that examines the security of the implementations of smart home systems. It extracts the abstract specification of application-layer protocols and internal behaviors of entities, so that it is able to conduct an end-to-end security analysis against various attack models. Applying HomeScan on three extensively-used smart home systems, we have found twelve non-trivial security issues, which may lead to unauthorized remote control and credential leakage.

engineering, electrical & electronic,computer science, software engineering

Jingjin Li,Chao chen,Lei Pan,Mostafa Rahimi Azghadi,Hossein Ghodosi,Jun Zhang

2023-04-19

Abstract:Voice assistant applications have become omniscient nowadays. Two models that provide the two most important functions for real-life applications (i.e., Google Home, Amazon Alexa, Siri, etc.) are Automatic Speech Recognition (ASR) models and Speaker Identification (SI) models. According to recent studies, security and privacy threats have also emerged with the rapid development of the Internet of Things (IoT). The security issues researched include attack techniques toward machine learning models and other hardware components widely used in voice assistant applications. The privacy issues include technical-wise information stealing and policy-wise privacy breaches. The voice assistant application takes a steadily growing market share every year, but their privacy and security issues never stopped causing huge economic losses and endangering users' personal sensitive information. Thus, it is important to have a comprehensive survey to outline the categorization of the current research regarding the security and privacy problems of voice assistant applications. This paper concludes and assesses five kinds of security attacks and three types of privacy threats in the papers published in the top-tier conferences of cyber security and voice domain.

Cryptography and Security,Machine Learning,Sound,Audio and Speech Processing

Wenbo Ding,Song Liao,Long Cheng,Xianghang Mi,Ziming Zhao,Hongxin Hu

DOI: https://doi.org/10.1145/3634737.3657010

2024-01-01

Abstract:Voice Personal Assistants (VPA) are becoming popular entry points to control connected devices in an IoT environment, e.g., by invoking Amazon Alexa voice-apps (called skills) to turn on/off lights through voice commands. Amazon Alexa platform allows third-party developers to build skills and publish them to marketplaces, which greatly extends the functionalities of VPA. Despite the many convenient features, there are increasing security and safety concerns about VPA-controlled IoT systems. Previous research demonstrated the prevalence of potentially malicious or problematic skills in the marketplace. However, existing works mainly focus on non-IoT skills (e.g., skills under the Kids and Health categories). The security and safety risks of IoT skills are largely under-explored. In this work, we discover new vulnerabilities in the Amazon Alexa platform, which allows malicious third-party developers to hijack Alexa's built-in voice commands to invoke malicious IoT skills. We present three new attacks hijacking Alexa's built-in IoT commands, including Command Invocation Confounding Attack, Custom Command Attack, and Command-Intent Hijacking Attack. We also find a vulnerability that allows arbitrary control of smart-home devices in the back-end code. We evaluate the success rate for each attack and prove that they can be used by malicious developers. In particular, we demonstrate that skills in the Connected Car category using Alexa's built-in intents can be hijacked by customized IoT skills. We also design and implement IoTSkillAnalyzer, a dynamic testing tool to examine IoT skills on the Alexa skills store. After analyzing 488 Alexa 3rd-party IoT skills using IoTSkillAnalyzer, we identified 52 skills with potential command hijacking attacks. We also found that 26 suspicious skills have hidden behaviors potentially caused by the Skill Back-end Code Manipulation vulnerability after they receive normal commands, such as failing to control devices, taking hidden actions, and providing wrong response information to users.

Yanyan Li,Sara Kim,Eric Sy

DOI: https://doi.org/10.48550/arXiv.2102.11442

2021-02-23

Abstract:Since being launched in 2014, Alexa, Amazon's versatile cloud-based voice service, is now active in over 100 million households worldwide. Alexa's user-friendly, personalized vocal experience offers customers a more natural way of interacting with cutting-edge technology by allowing the ability to directly dictate commands to the assistant. Now in the present year, the Alexa service is more accessible than ever, available on hundreds of millions of devices from not only Amazon but third-party device manufacturers. Unfortunately, that success has also been the source of concern and controversy. The success of Alexa is based on its effortless usability, but in turn, that has led to a lack of sufficient security. This paper surveys various attacks against Amazon Alexa ecosystem including attacks against the frontend voice capturing and the cloud backend voice command recognition and processing. Overall, we have identified six attack surfaces covering the lifecycle of Alexa voice interaction that spans several stages including voice data collection, transmission, processing and storage. We also discuss the potential mitigation solutions for each attack surface to better improve Alexa or other voice assistants in terms of security and privacy.

Cryptography and Security

Jide S Edu,Xavier Ferrer-Aran,Jose M Such,Guillermo Suarez-Tangil

DOI: https://doi.org/10.1109/TDSC.2021.3129116

2022-01-14

Abstract:Third-party software, or skills, are essential components in Smart Personal Assistants (SPA). The number of skills has grown rapidly, dominated by a changing environment that has no clear business model. Skills can access personal information and this may pose a risk to users. However, there is little information about how this ecosystem works, let alone the tools that can facilitate its study. In this paper, we present the largest systematic measurement of the Amazon Alexa skill ecosystem to date. We study developers' practices in this ecosystem, including how they collect and justify the need for sensitive information, by designing a methodology to identify over-privileged skills with broken privacy policies. We collect 199,295 Alexa skills and uncover that around 43% of the skills (and 50% of the developers) that request these permissions follow bad privacy practices, including (partially) broken data permissions traceability. In order to perform this kind of analysis at scale, we present SkillVet that leverages machine learning and natural language processing techniques, and generates high-accuracy prediction sets. We report a number of concerning practices including how developers can bypass Alexa's permission system through account linking and conversational skills, and offer recommendations on how to improve transparency, privacy and security. Resulting from the responsible disclosure we have conducted, 13% of the reported issues no longer pose a threat at submission time.

Cryptography and Security

Yan Meng,Wei Zhang,Haojin Zhu,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/mwc.2017.1800100

IF: 12.777

2018-01-01

IEEE Wireless Communications

Abstract:The consumer Internet of Things (IoT) platforms are gaining high popularity. However, due to the open nature of wireless communications, smart home platforms are facing many new challenges, especially in the aspect of security and privacy. In this article, we first introduce the architecture of current popular smart home platforms and elaborate the functions of each component. Then we discuss the security and privacy challenges arising from these platforms and review the state of the art of the proposed countermeasures. We give a comprehensive survey on several new attacks on the voice interface of smart home platforms, which aim to gain unauthorized access and execute over-privileged behaviors to compromise the user's privacy. To thwart these attacks, we propose a novel voice liveness detection system, which analyzes the wireless signals generated by IoT devices and the received voice samples to perform user authentication. We implement a real-world testbed on Samsung's SmartThings platform to evaluate the performance of the proposed system, and demonstrate its effectiveness.

Jide S. Edu,Jose M. Such,Guillermo Suarez-Tangil

DOI: https://doi.org/10.48550/arXiv.1903.05593

2019-03-13

Cryptography and Security

Abstract:Smart Home Personal Assistants (SPA) are an emerging innovation that is changing the way in which home users interact with the technology. However, there are a number of elements that expose these systems to various risks: i) the open nature of the voice channel they use, ii) the complexity of their architecture, iii) the AI features they rely on, and iv) their use of a wide-range of underlying technologies. This paper presents an in-depth review of the security and privacy issues in SPA, categorizing the most important attack vectors and their countermeasures. Based on this, we discuss open research challenges that can help steer the community to tackle and address current security and privacy issues in SPA. One of our key findings is that even though the attack surface of SPA is conspicuously broad and there has been a significant amount of recent research efforts in this area, research has so far focused on a small part of the attack surface, particularly on issues related to the interaction between the user and the SPA devices. We also point out that further research is needed to tackle issues related to authorization, speech recognition or profiling, to name a few. To the best of our knowledge, this is the first article to conduct such a comprehensive review and characterization of the security and privacy issues and countermeasures of SPA.

David J. Major,Danny Yuxing Huang,Marshini Chetty,Nick Feamster

DOI: https://doi.org/10.48550/arXiv.1910.14112

2019-10-31

Abstract:Many Internet of Things (IoT) devices have voice user interfaces (VUIs). One of the most popular VUIs is Amazon's Alexa, which supports more than 47,000 third-party applications ("skills"). We study how Alexa's integration of these skills may confuse users. Our survey of 237 participants found that users do not understand that skills are often operated by third parties, that they often confuse third-party skills with native Alexa functions, and that they are unaware of the functions that the native Alexa system supports. Surprisingly, users who interact with Alexa more frequently are more likely to conclude that a third-party skill is native Alexa functionality. The potential for misunderstanding creates new security and privacy risks: attackers can develop third-party skills that operate without users' knowledge or masquerade as native Alexa functions. To mitigate this threat, we make design recommendations to help users distinguish native and third-party skills.

Human-Computer Interaction,Cryptography and Security

Fuman Xie,Yanjun Zhang,Chuan Yan,Suwan Li,Lei Bu,Kai Chen,Zi Huang,Guangdong Bai

DOI: https://doi.org/10.1145/3551349.3560416

2022-10-10

Abstract:A large number of functionality-rich and easily accessible applications have become popular among various virtual personal assistant (VPA) services such as Amazon Alexa. VPA applications (or VPA apps for short) are accompanied by a privacy policy document that informs users of their data handling practices. These documents are usually lengthy and complex for users to comprehend, and developers may intentionally or unintentionally fail to comply with them. In this work, we conduct the first systematic study on the privacy policy compliance issue of VPA apps. We develop Skipper, which targets Amazon Alexa skills. It automatically depicts the skill into the declared privacy profile by analyzing their privacy policy documents with Natural Language Processing (NLP) and machine learning techniques, and derives the behavioral privacy profile of the skill through a black-box testing. We conduct a large-scale analysis on all skills listed on Alexa store, and find that a large number of skills suffer from the privacy policy noncompliance issues.

Hassan A. Shafei,Chiu C. Tan

DOI: https://doi.org/10.1109/access.2024.3379141

IF: 3.9

2024-03-27

IEEE Access

Abstract:Voice-controlled systems have revolutionized user interactions, making technology more accessible and intuitive across various settings. In multi-user environments, such as households, voice assistants like Amazon Alexa are favored as they enable seamless interaction with devices and services. However, the convenience these systems offer comes with challenges, especially concerning privacy and security. In environments where multiple users interact with the same voice assistant, the need for sophisticated access control mechanisms becomes apparent to prevent unauthorized access to sensitive information. This study assesses the effectiveness of voice access control mechanisms within these multi-user contexts, shedding light on the inherent privacy risks associated with shared voice-controlled systems. First, the study demonstrates vulnerabilities in the current access control mechanisms concerning users' private data. Second, a framework for automated testing is developed to explore the access control weaknesses and determine whether the accessible data is of consequence, as not all information may be equally sensitive or vital to users. Third, two flaws within the access control mechanisms offered by the voice system are identified, highlighting the susceptibility of existing access controls to unauthorized access. Finally, the study reveals that operations on the system are protected, whereas other operations that are not protected still reveal user's private information. These findings underscore the need for enhanced privacy safeguards and improved access control systems in multi-user environments. Recommendations are offered to mitigate risks associated with unauthorized access, focusing on securing the user's private data on the voice assistant.

computer science, information systems,telecommunications,engineering, electrical & electronic

Song Liao,Long Cheng,Haipeng Cai,Linke Guo,Hongxin Hu

DOI: https://doi.org/10.1145/3576915.3616650

2023-09-12

Abstract:The Amazon Alexa marketplace is the largest Voice Personal Assistant (VPA) platform with over 100,000 voice applications (i.e., skills) published to the skills store. In an effort to maintain the quality and trustworthiness of voice-apps, Amazon Alexa has implemented a set of policy requirements to be adhered to by third-party skill developers. However, recent works reveal the prevalence of policy-violating skills in the current skills store. To understand the causes of policy violations in skills, we first conduct a user study with 34 third-party skill developers focusing on whether they are aware of the various policy requirements defined by the Amazon Alexa platform. Our user study results show that there is a notable gap between VPA's policy requirements and skill developers' practices. As a result, it is inevitable that policy-violating skills will be published. To prevent the inflow of new policy-breaking skills to the skills store from the source, it is critical to identify potential policy violations at the development phase. In this work, we design and develop SkillScanner, an efficient static code analysis tool to facilitate third-party developers to detect policy violations early in the skill development lifecycle. To evaluate the performance of SkillScanner, we conducted an empirical study on 2,451 open source skills collected from GitHub. SkillScanner effectively identified 1,328 different policy violations from 786 skills. Our results suggest that 32% of these policy violations are introduced through code duplication (i.e., code copy and paste). In particular, we found that 42 skill code examples from potential Alexa's official accounts (e.g., "alexa" and "alexa-samples" on GitHub) contain policy violations, which lead to 81 policy violations in other skills due to the copy-pasted code snippets from these Alexa's code examples.

Cryptography and Security

Yangyi Chen,Tongxin Li,Xiaofeng Wang,Kai Chen,Xinhui Han

DOI: https://doi.org/10.1145/2810103.2813652

2015-01-01

Abstract:In this paper, we report the first large-scale, systematic study on the security qualities of emerging push-messaging services, focusing on their app-side service integrations. We identified a set of security properties different push-messaging services (e.g., Google Cloud Messaging) need to have, and automatically verified them in different integrations using a new technique, called Seminal. Seminal is designed to extract semantic information from a service's sample code, and leverage the information to evaluate the security qualities of the service's SDKs and its integrations within different apps. Using this tool, we studied 30 leading services around the world, and scanned 35,173 apps. Our findings are astonishing: over 20% apps in Google Play and 50% apps in mainstream Chinese app markets are riddled with security-critical loopholes, putting a huge amount of sensitive user data at risk. Also, our research brought to light new types of security flaws never known before, which can be exploited to cause serious confusions among popular apps and services (e.g., Facebook, Skype, Yelp, Baidu Push). Taking advantage of such confusions, the adversary can post his content to the victim's apps in the name of trusted parties and intercept her private messages. The study highlights the serious challenges in securing push-messaging services and an urgent need for improving their security qualities.