TY - GEN
T1 - Misactivation detection and user identification in smart home speakers using traffic flow features
AU - Charyyev, Batyr
AU - Gunes, Mehmet Hadi
N1 - Publisher Copyright:
© 2021 ACM.
PY - 2021/6/21
Y1 - 2021/6/21
N2 - The advancement in Internet of Things (IoT) technology has transformed our daily lifestyle. Particularly, voice assistants such as Amazon's Alexa and Google Assistant are commonly deployed in households. These voice assistants enable users to interact with other devices in a smart home ecosystem. In this paper, we focus on two security issues that arise with the use of smart speakers, and present network flow fingerprinting methods to mitigate their impact. First, we concentrate on the misactivation of smart speakers in which spoken words unintentionally activate the device. This may lead to private user conversations being recorded and sent to the cloud without the user even noticing. To prevent such misactivation, we explore locality-sensitive hash-based machine learning approaches. Our evaluation results with the network traffic of four different smart speakers show that the proposed approach can achieve an area under the curve (i. e., AUC) of 93% to 99%. Secondly, we explore whether the voice commands of the device owner can be distinguished from other individuals based on the generated network traffic fingerprint without any analysis of the actual sound wave. Evaluation results with five different user voices show that we can achieve an average AUC of 72% to 81% by ensembling multiple machine learning models.
AB - The advancement in Internet of Things (IoT) technology has transformed our daily lifestyle. Particularly, voice assistants such as Amazon's Alexa and Google Assistant are commonly deployed in households. These voice assistants enable users to interact with other devices in a smart home ecosystem. In this paper, we focus on two security issues that arise with the use of smart speakers, and present network flow fingerprinting methods to mitigate their impact. First, we concentrate on the misactivation of smart speakers in which spoken words unintentionally activate the device. This may lead to private user conversations being recorded and sent to the cloud without the user even noticing. To prevent such misactivation, we explore locality-sensitive hash-based machine learning approaches. Our evaluation results with the network traffic of four different smart speakers show that the proposed approach can achieve an area under the curve (i. e., AUC) of 93% to 99%. Secondly, we explore whether the voice commands of the device owner can be distinguished from other individuals based on the generated network traffic fingerprint without any analysis of the actual sound wave. Evaluation results with five different user voices show that we can achieve an average AUC of 72% to 81% by ensembling multiple machine learning models.
KW - locality-sensitive hashing
KW - machine learning
KW - traffic fingerprinting
KW - voice assistant
UR - http://www.scopus.com/inward/record.url?scp=85110140003&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85110140003&partnerID=8YFLogxK
U2 - 10.1145/3448300.3468289
DO - 10.1145/3448300.3468289
M3 - Conference contribution
AN - SCOPUS:85110140003
T3 - WiSec 2021 - Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks
SP - 135
EP - 146
BT - WiSec 2021 - Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks
T2 - 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2021
Y2 - 28 June 2021 through 2 July 2021
ER -