TY - GEN
T1 - Traversing the quagmire that is privacy in your smart home
AU - Gao, Chuhan
AU - Chandrasekaran, Varun
AU - Fawaz, Kassem
AU - Banerjee, Suman
N1 - Funding Information:
This work is supported in part by the Wisconsin Alumni Research Foundation and the US National Science Foundation through awards CNS-1345293, CNS-14055667, CNS-1525586, CNS-1555426, CNS-1629833, CNS-1647152 and CNS-1719336.
Funding Information:
This work is supported in part by the Wisconsin Alumni Research Foundation and the US National Science Foundation through awards CNS-1345293, CNS-14055667, CNS-1525586, CNS-1555426, CNS- 1629833, CNS-1647152 and CNS-1719336.
Publisher Copyright:
© 2018 Copyright held by the owner/author(s).
PY - 2018/8/7
Y1 - 2018/8/7
N2 - Voice has become an increasingly popular User Interaction (UI) channel, with voice-activated devices becoming regular fixtures in our homes. The popularity of voice-based assistants (VAs), however, have brought along significant privacy and security threats to their users. Recent revelations have indicated that some VAs record user's private conversations continuously and innocuously. With the VAs being connected to the Internet, they can leak the recorded content without the user's authorization. Moreover, these devices often do not pack authentication mechanisms to check if the voice commands are issued by authorized users. To address both shortcomings, we propose a framework to impose a security and privacy perimeter around the user's VA. Our proposed framework continuously jams the VA to prevent it from innocuously recording the user's speech, unless the user issues a voice command. To prevent unauthorized voice commands, our framework provides a scheme similar to two-factor authentication to only grant access when the authorized user is in its vicinity. Our proposed framework achieves both objectives through a combination of several techniques to (a) continuously jam one (or many) VA's microphones in a manner inaudible to the user, and (b) provide only authenticated users easy access to VAs.
AB - Voice has become an increasingly popular User Interaction (UI) channel, with voice-activated devices becoming regular fixtures in our homes. The popularity of voice-based assistants (VAs), however, have brought along significant privacy and security threats to their users. Recent revelations have indicated that some VAs record user's private conversations continuously and innocuously. With the VAs being connected to the Internet, they can leak the recorded content without the user's authorization. Moreover, these devices often do not pack authentication mechanisms to check if the voice commands are issued by authorized users. To address both shortcomings, we propose a framework to impose a security and privacy perimeter around the user's VA. Our proposed framework continuously jams the VA to prevent it from innocuously recording the user's speech, unless the user issues a voice command. To prevent unauthorized voice commands, our framework provides a scheme similar to two-factor authentication to only grant access when the authorized user is in its vicinity. Our proposed framework achieves both objectives through a combination of several techniques to (a) continuously jam one (or many) VA's microphones in a manner inaudible to the user, and (b) provide only authenticated users easy access to VAs.
KW - Authentication
KW - Privacy
KW - Smart home
KW - Ultrasound jamming
KW - Voice assistant
UR - http://www.scopus.com/inward/record.url?scp=85056561255&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85056561255&partnerID=8YFLogxK
U2 - 10.1145/3229565.3229573
DO - 10.1145/3229565.3229573
M3 - Conference contribution
AN - SCOPUS:85056561255
T3 - IoT S and P 2018 - Proceedings of the 2018 Workshop on IoT Security and Privacy, Part of SIGCOMM 2018
SP - 22
EP - 28
BT - IoT S and P 2018 - Proceedings of the 2018 Workshop on IoT Security and Privacy, Part of SIGCOMM 2018
PB - Association for Computing Machinery
T2 - 2nd ACM SIGCOMM Workshop on the Internet-of-Things Security and Privacy, IoT S and P 2018
Y2 - 20 August 2018
ER -