Abstract
In the last few years, Internet of Things (IoT) devices have evolved at an accelerated rate. Smart technology is leaning towards new human-device interaction interfaces that lack screens or buttons, thus reducing the cost of the devices while offering a more natural user experience. Voice is one of the most extended IoT user interfaces nowadays and has been popularized with the advent of smart assistants. However, with the adoption of voice interfaces, new challenges arise in terms of security. According to our research, the complexity of speaker recognition has led to non-reliable voice authentication on IoT devices. Recent approaches to solve this problem include multi-factor authentication (MFA) schemes, but existing solutions, such as one-time passwords (OTP), virtual/physical buttons, and others, have a significant impact on the user experience that is not suitable for all applications and can negate the hands-free benefits of voice interfaces. In addition, the privacy concerns of voice biometrics hinder the development of personalized voice applications that require user accounting and access control policies. Motivated by this security concern, in this paper, we present a two-factor authentication (2-FA) scheme for voice-activated devices that uses a smartphone as a key to authorize voice commands when the user’s presence is detected. The proposed security model, which makes use of Wi-Fi location for presence detection, was implemented on an Amazon Echo device and an Android smartphone, the results proved that the denominated Smartphone-key model can protect against the most common attack vectors on voice-controlled devices without affecting the user experience.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: IEEE Transactions on Network and Service Management
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.