Misactivation detection and user identification in smart home speakers using traffic flow features

The advancement in Internet of Things (IoT) technology has transformed our daily lifestyle. Particularly, voice assistants such as Amazon's Alexa and Google Assistant are commonly deployed in households. These voice assistants enable users to interact with other devices in a smart home ecosystem. In this paper, we focus on two security issues that arise with the use of smart speakers, and present network flow fingerprinting methods to mitigate their impact. First, we concentrate on the misactivation of smart speakers in which spoken words unintentionally activate the device. This may lead to private user conversations being recorded and sent to the cloud without the user even noticing. To prevent such misactivation, we explore locality-sensitive hash-based machine learning approaches. Our evaluation results with the network traffic of four different smart speakers show that the proposed approach can achieve an area under the curve (i. e., AUC) of 93% to 99%. Secondly, we explore whether the voice commands of the device owner can be distinguished from other individuals based on the generated network traffic fingerprint without any analysis of the actual sound wave. Evaluation results with five different user voices show that we can achieve an average AUC of 72% to 81% by ensembling multiple machine learning models.

[1]  Huchuan Lu,et al.  Video anomaly detection based on locality sensitive hashing filters , 2016, Pattern Recognit..

[2]  Marcia Ford,et al.  Alexa, are you listening to me? An analysis of Alexa voice service network traffic , 2018, Personal and Ubiquitous Computing.

[3]  Vassil Roussev,et al.  An evaluation of forensic similarity hashes , 2011, Digit. Investig..

[4]  Shiyan Hu,et al.  Efficient video retrieval by locality sensitive hashing , 2005, Proceedings. (ICASSP '05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005..

[5]  J. Landolin,et al.  Assembling large genomes with single-molecule sequencing and locality-sensitive hashing , 2014, Nature Biotechnology.

[6]  Chong Xiang,et al.  Voiceprint Mimicry Attack Towards Speaker Verification System in Smart Home , 2020, IEEE INFOCOM 2020 - IEEE Conference on Computer Communications.

[7]  Raheem Beyah,et al.  GTID: A Technique for Physical Device and Device Type Fingerprinting , 2015, IEEE Transactions on Dependable and Secure Computing.

[8]  William Enck,et al.  LeakyPick: IoT Audio Spy Detector , 2020, ACSAC.

[9]  Sudarshan S. Chawathe,et al.  Monitoring IoT Networks for Botnet Activity , 2018, 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA).

[10]  Dimitrios Pendarakis,et al.  How to Discover IoT Devices When Network Traffic Is Encrypted , 2019, 2019 IEEE International Congress on Internet of Things (ICIOT).

[11]  Yue Zhao,et al.  CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition , 2018, USENIX Security Symposium.

[12]  Chen Wang,et al.  Defeating hidden audio channel attacks on voice assistants via audio-induced surface vibrations , 2019, ACSAC.

[13]  Wei Sun,et al.  Combating Replay Attacks Against Voice Assistants , 2019, Proc. ACM Interact. Mob. Wearable Ubiquitous Technol..

[14]  Aziz Mohaisen,et al.  You Can Hear But You Cannot Steal: Defending Against Voice Impersonation Attacks on Smartphones , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[15]  Ahmad-Reza Sadeghi,et al.  AuDI: Toward Autonomous IoT Device-Type Identification Using Periodic Communication , 2019, IEEE Journal on Selected Areas in Communications.

[16]  Hamed Haddadi,et al.  Information Exposure From Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach , 2019, Internet Measurement Conference.

[17]  Mehmet Hadi Gunes,et al.  Locality-Sensitive IoT Network Traffic Fingerprinting for Device Identification , 2020, IEEE Internet of Things Journal.

[18]  Jesse D. Kornblum Identifying almost identical files using context triggered piecewise hashing , 2006, Digit. Investig..

[19]  Mauro Conti,et al.  Peek-a-boo: i see your smart home activities, even encrypted! , 2018, WISEC.

[20]  Elizabeth S. Bentley,et al.  Z-IoT: Passive Device-class Fingerprinting of ZigBee and Z-Wave IoT Devices , 2020, ICC 2020 - 2020 IEEE International Conference on Communications (ICC).

[21]  Haipeng Li,et al.  Fingerprinting encrypted voice traffic on smart speakers with deep learning , 2020, WISEC.

[22]  Haipeng Li,et al.  I Can Hear Your Alexa: Voice Command Fingerprinting on Smart Home Speakers , 2019, 2019 IEEE Conference on Communications and Network Security (CNS).

[23]  Mehmet Hadi Gunes,et al.  IoT Traffic Flow Identification using Locality Sensitive Hashes , 2020, ICC 2020 - 2020 IEEE International Conference on Communications (ICC).

[24]  Yuval Elovici,et al.  Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection , 2018, NDSS.

[25]  Yuval Elovici,et al.  N-BaIoT—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders , 2018, IEEE Pervasive Computing.

[26]  Sven Nomm,et al.  Dimensionality Reduction for Machine Learning Based IoT Botnet Detection , 2018, 2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV).

[27]  Sushil J. Louis,et al.  Operating system fingerprinting via automated network traffic analysis , 2017, 2017 IEEE Congress on Evolutionary Computation (CEC).

[28]  Hossam Faris,et al.  Unsupervised intelligent system based on one class support vector machine and Grey Wolf optimization for IoT botnet detection , 2019, Journal of Ambient Intelligence and Humanized Computing.

[29]  Cristina Nita-Rotaru,et al.  The House That Knows You: User Authentication Based on IoT Data , 2019, ArXiv.

[30]  Ahmad-Reza Sadeghi,et al.  IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT , 2016, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[31]  Thomas Zefferer,et al.  An Ontology-Based Interoperability Solution for Electronic-Identity Systems , 2016, 2016 IEEE International Conference on Services Computing (SCC).

[32]  Wei Zhang,et al.  WiVo: Enhancing the Security of Voice Control System via Wireless Signal in IoT Environment , 2018, MobiHoc.

[33]  Ernesto Damiani,et al.  An Open Digest-based Technique for Spam Detection , 2004, PDCS.

[34]  M. H. Gunes,et al.  Detecting Anomalous IoT Traffic Flow with Locality Sensitive Hashes , 2020, GLOBECOM 2020 - 2020 IEEE Global Communications Conference.

[35]  Shouling Ji,et al.  Fingerprinting for Cyber-Physical System Security: Device Physics Matters Too , 2018, IEEE Security & Privacy.

[36]  Theophilus A. Benson,et al.  Detecting Volumetric Attacks on loT Devices via SDN-Based Monitoring of MUD Activity , 2019, SOSR.

[37]  Mehmet Hadi Gunes,et al.  IoT Event Classification Based on Network Traffic , 2020, IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[38]  Mehmet Hadi Gunes,et al.  Voice Command Fingerprinting with Locality Sensitive Hashes , 2020, CPSIOTSEC@CCS.

[39]  Raheem A. Beyah,et al.  Who's in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems , 2016, NDSS.

[40]  Jonathan Oliver,et al.  TLSH -- A Locality Sensitive Hash , 2013, 2013 Fourth Cybercrime and Trustworthy Computing Workshop.

[41]  Mehmet Hadi Gunes,et al.  Automated IoT Device Identification using Network Traffic , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[42]  Pete Burnap,et al.  A Supervised Intrusion Detection System for Smart Home IoT Devices , 2019, IEEE Internet of Things Journal.

[43]  Daniel J. Dubois,et al.  When Speakers Are All Ears: Characterizing Misactivations of IoT Smart Speakers , 2020, Proc. Priv. Enhancing Technol..

[44]  Huy Kang Kim,et al.  Andro-Simnet: Android Malware Family Classification using Social Network Analysis , 2018, 2018 16th Annual Conference on Privacy, Security and Trust (PST).

[45]  Elizabeth S. Bentley,et al.  Identification of Wearable Devices with Bluetooth , 2018, IEEE Transactions on Sustainable Computing.

[46]  Sven Nomm,et al.  Unsupervised Anomaly Based Botnet Detection in IoT Networks , 2018, 2018 17th IEEE International Conference on Machine Learning and Applications (ICMLA).

[47]  Maximilian Golla,et al.  Unacceptable, where is my privacy? Exploring Accidental Triggers of Smart Speakers , 2020, ArXiv.

[48]  Muhammad N. Marsono,et al.  Packet‐level open‐digest fingerprinting for spam detection on middleboxes , 2012, Int. J. Netw. Manag..