Home Digital Voice Assistants (HDVAs) have become popular in recent years. Users can control smart devices and get living assistance through these HDVAs (e.g., Amazon Alexa, Google Home) by voice. In this work, we study the insecurity of the HDVA service, using Amazon Alexa as a case study. We disclose three security vulnerabilities that are rooted in the insecure access control of Alexa services. We then exploit them to devise two proof-of-concept attacks, home burglary and fake order, where the adversary can remotely command the victim's Alexa device to open a door or place an order from Amazon.com. The access control is insecure because the Alexa device not only relies on single-factor authentication but also accepts voice commands even when no one is around. We thus argue that HDVAs should have another authentication factor, a physical-presence-based access control; that is, they should accept voice commands only when a person is detected nearby. To this end, we devise a Virtual Security Button (VSButton), which leverages WiFi technology to detect indoor human motion. Once any indoor human motion is detected, the Alexa device is enabled to accept voice commands. Our evaluation results show that it can effectively differentiate indoor motion from the cases of no motion and outdoor motion in both laboratory and real-world settings.
This paper is officially published at CNS 2018 [5].
In this paper, we study how mobility affects mobile data accounting, which records the usage volume for each roaming user. We find that current 2G/3G/4G systems have well-tested mobility support solutions and generally work well. However, under certain biased, less common yet possible scenarios, an accounting gap between the operator's log and the user's observation does exist. The gap can be as large as 69.6% in our road tests. We further discover that the root causes are diverse. In addition to the no-signal case reported in prior work [23], they also include handoffs, as well as insufficient coverage of hybrid 2G/3G/4G systems. Inter-system handoffs (which migrate user devices between the radio access technologies of 2G, 3G, and 4G) may incur non-negligible accounting discrepancy.