SkillFence

Abstract

Voice assistants are deployed widely and provide useful functionality. However, recent work has shown that commercial systems like Amazon Alexa and Google Home are vulnerable to voice-based confusion attacks that exploit design issues. We propose a systems-oriented defense against this class of attacks and demonstrate its functionality for Amazon Alexa. We ensure that only the skills a user intends execute in response to voice commands. Our key insight is that we can interpret a user's intentions by analyzing their activity on counterpart systems of the web and smartphones. For example, the Lyft ride-sharing Alexa skill has an Android app and a website. Our work shows how information from counterpart apps can help reduce dis-ambiguities in the skill invocation process. We build SkilIFence, a browser extension that existing voice assistant users can install to ensure that only legitimate skills run in response to their commands. Using real user data from MTurk (N = 116) and experimental trials involving synthetic and organic speech, we show that SkillFence provides a balance between usability and security by securing 90.83% of skills that a user will need with a False acceptance rate of 19.83%.

Document Details

Document Type
Pub Defense Publication
Publication Date
Mar 29, 2022
Source ID
10.1145/3517232

Entities

People

  • Ashish Hooda
  • Earlence Fernandes
  • Kassem Fawaz
  • Kushal Jhunjhunwalla
  • Matthew Wallace

Organizations

  • Defense Advanced Research Projects Agency
  • National Science Foundation
  • University of Washington
  • University of Wisconsin–Madison

Tags

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Computer Networking
  • Cybersecurity.