The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Boyang Wang - University of Cincinnati

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

Fingerprinting Encrypted Voice Commands on Smart Speakers

Dec 04, 2019

Download: Video Icon MP4 Video Size: 300.4MB  
Watch on Youtube Watch on YouTube

Abstract

Smartspeakers, such as Amazon Echo, have been adopted by millions of users. However,the privacy impacts of smart speakers have not been well examined. We investigatethe privacy leakage of smart speakers under an encrypted traffic analysisattack, referred to as voice command fingerprinting. In this attack, anadversary eavesdrops encrypted voice traffic from and to a smart speaker andinfers which voice command a user says without decrypting encrypted traffic. Wedesign our attacks based on neural networks and collect two large-scaledatasets on Amazon Echo and Google Home by using an automatic traffic crawler. Ourexperimental results show disturbing privacy concerns. Specifically, comparedto 1% accuracy with random guessing, an attacker can infer 92% voice commandscorrectly on Amazon Echo and 99% voice commands correctly on Google Home. Wealso propose a defense to preserve user privacy against this attack with minimallatency and bandwidth overhead. Our simulations show that the proposed defensecan reduce attack accuracy to 1% if an attacker trains neural networks withoriginal traffic and 32% if an attacker adapts and trains neural networks withobfuscated traffic.  


About the Speaker

Boyang Wang is atenure-track Assistant Professor in the Department of Electrical Engineeringand Computer Science at the University of Cincinnati. He received his Ph.D. inElectrical and Computer Engineering from the University of Arizona in 2017, hisPh.D. in Cryptography and B.S. in Information Security from Xidian University,China, in 2014 and 2007, respectively. He worked for Bosch Research andTechnology Center as a research intern in 2015. He was a visiting student atUtah State University from 2012 to 2013 and a visiting student at theUniversity of Toronto from 2010 to 2012. His current research focus on datasecurity and privacy, adversarial machine learning, encrypted traffic analysis,blockchain and applied cryptography. He is a member of IEEE and ACM.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!