Security Vulnerabilities in Voice-Controlled Virtual Personal Assistants

Abstract

Voice-controlled virtual personal assistants (VPAs) are becoming increasingly com- mon as people continue to digitize their lives. However, the voice channel across which the user communicates with the VPA is inherently vulnerable since the majority of systems are unable to authenticate the user, allowing third parties to issue commands as well. Previous research has shown that a disconnect exists between human and speech recognition, and adversaries can take advantage of this gap by creating mali- cious commands that are not understandable to the human ear, but can be recognized and processed by speech recognition systems as human speech. For smart-speaker de- vices, namely Amazon Echo and Google Home, more vulnerabilities arise from the ability to download applications from third-party developers, exposing users to the possibility of encountering malicious third-party apps. In this senior thesis, we first present a survey of the existing body of research in VPA security. Then, we propose a novel attack, dubbed the cascading attack, that first targets the smart-speaker device with a malicious third-party skill, then uses it to attack nearby Internet-of-Things devices with hidden voice commands. We show that such an attack can be dangerous and far-reaching. We will also discuss the implications of the cascading attack, as well as some possible defenses.