Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa

Mary Bispham, Ioannis Agrafiotis, Michael Goldsmith

2019

Abstract

This paper presents novel attacks on voice-controlled digital assistants using nonsensical word sequences. We present the results of a small-scale experiment which demonstrates that it is possible for malicious actors to gain covert access to a voice-controlled system by hiding commands in apparently nonsensical sounds of which the meaning is opaque to humans. Several instances of nonsensical word sequences were identified which triggered a target command in a voice-controlled digital assistant, but which were incomprehensible to humans, as shown in tests with human experimental subjects. Our work confirms the potential for hiding malicious voice commands to voice-controlled digital assistants or other speech-controlled devices in speech sounds which are perceived by humans as nonsensical. This paper also develops a novel attack concept which involves gaining unauthorised access to a voice-controlled system using apparently unrelated utterances. We present the results of a proof-of-concept study showing that it is possible to trigger actions in a voice-controlled digital assistant using utterances which are accepted by the system as a target command despite having a different meaning to the command in terms of human understanding.

Download


Paper Citation


in Harvard Style

Bispham M., Agrafiotis I. and Goldsmith M. (2019). Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 75-87. DOI: 10.5220/0007309500750087


in Bibtex Style

@conference{icissp19,
author={Mary Bispham and Ioannis Agrafiotis and Michael Goldsmith},
title={Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={75-87},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007309500750087},
isbn={978-989-758-359-9},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Nonsense Attacks on Google Assistant and Missense Attacks on Amazon Alexa
SN - 978-989-758-359-9
AU - Bispham M.
AU - Agrafiotis I.
AU - Goldsmith M.
PY - 2019
SP - 75
EP - 87
DO - 10.5220/0007309500750087