Abstract
We propose a novel attack, called an “Audio Hotspot Attack,” which performs an inaudible malicious voice command attack, by targeting voice assistance systems, e.g., smart speakers or in-car navigation systems. The key idea of the approach is to leverage directional sound beams generated from parametric loudspeakers, which emit amplitude-modulated ultrasounds that will be self-demodulated in the air. Our work goes beyond the previous studies of inaudible voice command attack in the following three aspects: (1) the attack can succeed on a long distance (3.5 meters in a small room, and 12 meters in a long hallway), (2) it can control the spot of the audible area by using two directional sound beams, which consist of a carrier wave and a sideband wave, and (3) the proposed attack leverages a physical phenomenon i.e., non-linearity in the air, to attack voice assistance systems. To evaluate the feasibility of the attack, we performed extensive in-lab experiments and a user study involving 20 participants. The results demonstrated that the attack was feasible in a real-world setting. We discussed the extent of the threat, as well as the possible countermeasures against the attack.
Highlights
V OICE assistance systems, such as Siri [2], Google Assistant [3], and Amazon Alexa [4] have become increasingly popular as a means to establish user-friendly human– computer interactions
For the parametric loudspeaker experiment, the audible space was limited to a narrow area
The generated sound wave was somewhat inaudible over a short range owing to the fact that the generated ultrasonic beam moved forward before it was demodulated in the air
Summary
V OICE assistance systems, such as Siri [2], Google Assistant [3], and Amazon Alexa [4] have become increasingly popular as a means to establish user-friendly human– computer interactions. Voice assistance systems can integrate speech recognition to demonstrate various skills such as providing recommendations to restaurants, reading out schedules, and even purchasing products when an appropriate voice command is given. While these voice assistance systems have clear benefits in daily life activities, they raise intrinsic security and privacy concerns. As previous studies have demonstrated [5], [6], voice assistance systems are vulnerable to “inaudible voice command attacks.”. A typical voice assistance system has two action phases for device operation: activation and recognition. A third person who is not registered can still attempt to use the device, his or her usage will be limited to non-personalized common services such as reading news or weather forecasts
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
