Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa
Mary Bispham, Ioannis Agrafiotis, Michael Goldsmith
2019
Abstract
This paper presents novel attacks on voice-controlled digital assistants using nonsensical word sequences. We present the results of a small-scale experiment which demonstrates that it is possible for malicious actors to gain covert access to a voice-controlled system by hiding commands in apparently nonsensical sounds of which the meaning is opaque to humans. Several instances of nonsensical word sequences were identified which triggered a target command in a voice-controlled digital assistant, but which were incomprehensible to humans, as shown in tests with human experimental subjects. Our work confirms the potential for hiding malicious voice commands to voice-controlled digital assistants or other speech-controlled devices in speech sounds which are perceived by humans as nonsensical. This paper also develops a novel attack concept which involves gaining unauthorised access to a voice-controlled system using apparently unrelated utterances. We present the results of a proof-of-concept study showing that it is possible to trigger actions in a voice-controlled digital assistant using utterances which are accepted by the system as a target command despite having a different meaning to the command in terms of human understanding.
DownloadPaper Citation
in Harvard Style
Bispham M., Agrafiotis I. and Goldsmith M. (2019). Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 75-87. DOI: 10.5220/0007309500750087
in Bibtex Style
@conference{icissp19,
author={Mary Bispham and Ioannis Agrafiotis and Michael Goldsmith},
title={Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={75-87},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007309500750087},
isbn={978-989-758-359-9},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa
SN - 978-989-758-359-9
AU - Bispham M.
AU - Agrafiotis I.
AU - Goldsmith M.
PY - 2019
SP - 75
EP - 87
DO - 10.5220/0007309500750087