Paper Info
Title
2MA: Verifying Voice Commands via Two Microphone Authentication.
Abstract
Voice controlled interfaces have vastly improved the usability of many devices (e.g., headless IoT systems). Unfortunately, the lack of authentication for these interfaces has also introduced command injection vulnerabilities - whether via compromised IoT devices, television ads or simply malicious nearby neighbors, causing such devices to perform unauthenticated sensitive commands is relatively easy. We address these weaknesses with Two Microphone Authentication (2MA), which takes advantage of the presence of multiple ambient and personal devices operating in the same area. We develop an embodiment of 2MA that combines approximate localization through Direction of Arrival (DOA) techniques with Robust Audio Hashes (RSHs). Our results show that our 2MA system can localize a source to within a narrow physical cone ($<30^\circ $) with zero false positives, eliminate replay attacks and prevent the injection of inaudible/hidden commands. As such, we dramatically increase the difficulty for an adversary to carry out such attacks and demonstrate that 2MA is an effective means of authenticating and localizing voice commands.
Year
DOI
Venue
2018
10.1145/3196494.3196545
AsiaCCS
Keywords
Field
DocType
Internet of Things, authentication
Authentication,Computer security,Direction of arrival,Computer science,Code injection,Usability,Internet of Things,Hash function,Microphone,Voice command device
Conference
ISBN
Citations 
PageRank 
978-1-4503-5576-6
7
0.46
References 
Authors
19
4
Name
Order
Citations
PageRank
Logan Blue1273.74
Hadi Abdullah270.80
Luis Villa-Vargas3236.16
Patrick Traynor4117187.80