Poster: Inaudible voice commands

Liwei Song; Prateek Mittal

doi:10.1145/3133956.3138836

Poster: Inaudible voice commands

Liwei Song, Prateek Mittal

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

42 Scopus citations

Abstract

Voice assistants like Siri enable us to control IoT devices conveniently with voice commands, however, they also provide new attack opportunities for adversaries. Previous papers attack voice assistants with obfuscated voice commands by leveraging the gap between speech recognition system and human voice perception. The limitation is that these obfuscated commands are audible and thus conspicuous to device owners. In this poster, we propose a novel mechanism to directly attack the microphone used for sensing voice data with inaudible voice commands. We show that the adversary can exploit the microphone's non-linearity and play welldesigned inaudible ultrasounds to cause the microphone to record normal voice commands, and thus control the victim device inconspicuously. We demonstrate via end-to-end real-world experiments that our inaudible voice commands can attack an Android phone and an Amazon Echo device with high success rates at a range of 2-3 meters.

Original language	English (US)
Title of host publication	CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	2583-2585
Number of pages	3
ISBN (Electronic)	9781450349468
DOIs	https://doi.org/10.1145/3133956.3138836
State	Published - Oct 30 2017
Event	24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 - Dallas, United States Duration: Oct 30 2017 → Nov 3 2017

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Other

Other	24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
Country/Territory	United States
City	Dallas
Period	10/30/17 → 11/3/17

All Science Journal Classification (ASJC) codes

Software
Computer Networks and Communications

Keywords

Inaudible ultrasound injection
Intermodulation distortion
Microphone
Non-linearity

Access to Document

10.1145/3133956.3138836

Cite this

@inproceedings{5a50a13019fd4a11a4c8072b03982d11,

title = "Poster: Inaudible voice commands",

abstract = "Voice assistants like Siri enable us to control IoT devices conveniently with voice commands, however, they also provide new attack opportunities for adversaries. Previous papers attack voice assistants with obfuscated voice commands by leveraging the gap between speech recognition system and human voice perception. The limitation is that these obfuscated commands are audible and thus conspicuous to device owners. In this poster, we propose a novel mechanism to directly attack the microphone used for sensing voice data with inaudible voice commands. We show that the adversary can exploit the microphone's non-linearity and play welldesigned inaudible ultrasounds to cause the microphone to record normal voice commands, and thus control the victim device inconspicuously. We demonstrate via end-to-end real-world experiments that our inaudible voice commands can attack an Android phone and an Amazon Echo device with high success rates at a range of 2-3 meters.",

keywords = "Inaudible ultrasound injection, Intermodulation distortion, Microphone, Non-linearity",

author = "Liwei Song and Prateek Mittal",

note = "Funding Information: This work was supported in part by NSF awards CNS-1553437, EARS-1642962 and CNS-1409415.; 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 ; Conference date: 30-10-2017 Through 03-11-2017",

year = "2017",

month = oct,

day = "30",

doi = "10.1145/3133956.3138836",

language = "English (US)",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "2583--2585",

booktitle = "CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security",

}

Song, L & Mittal, P 2017, Poster: Inaudible voice commands. in CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 2583-2585, 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, United States, 10/30/17. https://doi.org/10.1145/3133956.3138836

Poster: Inaudible voice commands. / Song, Liwei; Mittal, Prateek.
CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2017. p. 2583-2585 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Poster

T2 - 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017

AU - Song, Liwei

AU - Mittal, Prateek

N1 - Funding Information: This work was supported in part by NSF awards CNS-1553437, EARS-1642962 and CNS-1409415.

PY - 2017/10/30

Y1 - 2017/10/30

N2 - Voice assistants like Siri enable us to control IoT devices conveniently with voice commands, however, they also provide new attack opportunities for adversaries. Previous papers attack voice assistants with obfuscated voice commands by leveraging the gap between speech recognition system and human voice perception. The limitation is that these obfuscated commands are audible and thus conspicuous to device owners. In this poster, we propose a novel mechanism to directly attack the microphone used for sensing voice data with inaudible voice commands. We show that the adversary can exploit the microphone's non-linearity and play welldesigned inaudible ultrasounds to cause the microphone to record normal voice commands, and thus control the victim device inconspicuously. We demonstrate via end-to-end real-world experiments that our inaudible voice commands can attack an Android phone and an Amazon Echo device with high success rates at a range of 2-3 meters.

AB - Voice assistants like Siri enable us to control IoT devices conveniently with voice commands, however, they also provide new attack opportunities for adversaries. Previous papers attack voice assistants with obfuscated voice commands by leveraging the gap between speech recognition system and human voice perception. The limitation is that these obfuscated commands are audible and thus conspicuous to device owners. In this poster, we propose a novel mechanism to directly attack the microphone used for sensing voice data with inaudible voice commands. We show that the adversary can exploit the microphone's non-linearity and play welldesigned inaudible ultrasounds to cause the microphone to record normal voice commands, and thus control the victim device inconspicuously. We demonstrate via end-to-end real-world experiments that our inaudible voice commands can attack an Android phone and an Amazon Echo device with high success rates at a range of 2-3 meters.

KW - Inaudible ultrasound injection

KW - Intermodulation distortion

KW - Microphone

KW - Non-linearity

UR - http://www.scopus.com/inward/record.url?scp=85041431278&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85041431278&partnerID=8YFLogxK

U2 - 10.1145/3133956.3138836

DO - 10.1145/3133956.3138836

M3 - Conference contribution

AN - SCOPUS:85041431278

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 2583

EP - 2585

BT - CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

Y2 - 30 October 2017 through 3 November 2017

ER -

Poster: Inaudible voice commands

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Keywords

Access to Document

Other files and links

Fingerprint

Cite this