Sign In

Communications of the ACM

ACM TechNews

Voice-Checking Device Stops Hackers Hijacking Your Siri or Alexa


Amazon's Echo wireless speaker, which connects to Amazon's Voice Service.

University of Michigan researchers are developing a wearable device to provide continuous authentication for voice assistants.

Credit: Amazon

A wearable device under development at the University of Michigan provides continuous authentication for voice assistants, such as Apple's Siri or Amazon's Alexa.

Voice assistants are difficult to secure and can be easily hijacked by impersonating the owner or playing recordings of the owner's voice.

To confirm the speaker's identity, VAuth uses an accelerometer hidden in eyeglasses, earphones, or other wearables to collect vibrations created as the user speaks. An algorithm then compares the vibrations with the audio signal received by the voice assistant's microphone, ensuring the assistant executes only the commands that come from the owner.

VAuth's authentication is continuous, so every voice message is screened.

Researchers tested the device with 18 subjects saying 30 commands. VAuth was able to match vibrations with audio signals 97% of the time, and thwarted all attempts to issue commands by someone other than a device's owner.

From New Scientist
View Full Article

 

Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
ACM Resources