Abstract
Intelligent voice assistants are internet-connected devices, which listen to their environment and react to spoken user commands in order to retrieve information from the internet, control appliances in the household, or notify the user of incoming messages, reminders, and the like. With their increasing ubiquity in smart homes, their application seems only limited by the imagination of developers, who connect these off-the-shelf devices to existing apps, online services, or appliances. However, since their inherent nature is to observe the user in their home, their ubiquity also raises concern of security and user privacy. To justify the trust placed into the devices, the devices must be secure from unauthorized access and the back-end infrastructure tasked with speech-to-text analysis, command interpretation, and connection to other services and appliances must maintain confidentiality of data. To investigate existing possible vulnerabilities, approaches to mitigate them, as well as general considerations in this emerging field, we supplement the findings of a recent study with results from a systematic literature review. We were able to compile a list of six main types of user privacy vulnerabilities, partially confirming previous findings, but also finding additional issues. We discuss these vulnerabilities, their associated attack vectors, and possible mitigations users can take to protect themselves.
Highlights
Intelligent voice assistants (IVAs) are conquering households
In contrast to [3], we excluded studies pertaining to hardware-only attacks on the intelligent voice assistants (IVAs) devices, as we considered this to be within the domain of electrical and computer engineering rather than cybersecurity engineering
4.1.1 Always Listening In [2], it was discovered that permanently observing sound through the integrated microphones of the IVA device creates a possible infringement of user’s personal privacy
Summary
Intelligent voice assistants (IVAs) are conquering households. IVAs seemingly bridge the gap to the verbally responsive computers in works of science fiction, as they listen to the user’s spoken command and do as commanded. “Smart Home Voice Assistants: A Literature Survey of User Privacy and Security Vulnerabilities,” Complex Systems Informatics and Modeling Quarterly, CSIMQ, no. Advances in natural-language processing and ubiquitous high-performance networks have paved the way for intelligent voice assistants (IVAs) to be the center of the smart home revolution ever since the early 2000s [4]. Voice commands and instructions are captured through internal microphones of the device and sent to a cloud natural language processing platform, which converts the voice recording to machine-interpretable data, performs linguistic analysis, and retrieves additional information from other services or sensors connected to the IVA, depending on the voice command entered by the user. IVA functionality is mainly driven by proprietary cloud infrastructure; the devices themselves are but a physical font-end for the software features
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: Complex Systems Informatics and Modeling Quarterly
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
