Abstract:Voice Personal Assistants (VPA) are becoming popular entry points to control connected devices in an IoT environment, e.g., by invoking Amazon Alexa voice-apps (called skills) to turn on/off lights through voice commands. Amazon Alexa platform allows third-party developers to build skills and publish them to marketplaces, which greatly extends the functionalities of VPA. Despite the many convenient features, there are increasing security and safety concerns about VPA-controlled IoT systems. Previous research demonstrated the prevalence of potentially malicious or problematic skills in the marketplace. However, existing works mainly focus on non-IoT skills (e.g., skills under the Kids and Health categories). The security and safety risks of IoT skills are largely under-explored. In this work, we discover new vulnerabilities in the Amazon Alexa platform, which allows malicious third-party developers to hijack Alexa's built-in voice commands to invoke malicious IoT skills. We present three new attacks hijacking Alexa's built-in IoT commands, including Command Invocation Confounding Attack, Custom Command Attack, and Command-Intent Hijacking Attack. We also find a vulnerability that allows arbitrary control of smart-home devices in the back-end code. We evaluate the success rate for each attack and prove that they can be used by malicious developers. In particular, we demonstrate that skills in the Connected Car category using Alexa's built-in intents can be hijacked by customized IoT skills. We also design and implement IoTSkillAnalyzer, a dynamic testing tool to examine IoT skills on the Alexa skills store. After analyzing 488 Alexa 3rd-party IoT skills using IoTSkillAnalyzer, we identified 52 skills with potential command hijacking attacks. We also found that 26 suspicious skills have hidden behaviors potentially caused by the Skill Back-end Code Manipulation vulnerability after they receive normal commands, such as failing to control devices, taking hidden actions, and providing wrong response information to users.

Command Hijacking on Voice-Controlled IoT in Amazon Alexa Platform

Understanding and Mitigating the Security Risks of Voice-Controlled Third-Party Skills on Amazon Alexa and Google Home

"Are you home alone?" "Yes" Disclosing Security and Privacy Vulnerabilities in Alexa Skills

Demo: Hijacking Connected Vehicle Alexa Skills

Alexa, Who Am I Speaking To? Understanding Users' Ability to Identify Third-Party Apps on Amazon Alexa

The Insecurity of Home Digital Voice Assistants -- Amazon Alexa as a Case Study

Alexa versus Alexa: Controlling Smart Speakers by Self-Issuing Voice Commands

A Survey on Amazon Alexa Attack Surfaces

Evaluating Synthetic Command Attacks on Smart Voice Assistants

Volttack: Control IoT Devices by Manipulating Power Supply Voltage.

SkillVet: Automated Traceability Analysis of Amazon Alexa Skills

SkillBot: Identifying Risky Content for Children in Alexa Skills

Security Vetting Process of Smart-home Assistant Applications: A First Look and Case Studies

SkillScanner: Detecting Policy-Violating Voice Applications Through Static Analysis at the Development Phase

A Practical Survey on Emerging Threats from AI-driven Voice Attacks: How Vulnerable are Commercial Voice Control Systems?

An Overview of Vulnerabilities of Voice Controlled Systems

BarrierBypass: Out-of-Sight Clean Voice Command Injection Attacks through Physical Barriers

SkillFence: A Systems Approach to Practically Mitigating Voice-Based Confusion Attacks

Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems

When It's Not Worth the Paper It's Written On: A Provocation on the Certification of Skills in the Alexa and Google Assistant Ecosystems

Acoustic Cybersecurity: Exploiting Voice-Activated Systems