Performing a Presentation Attack Detection on Voice Biometrics

Sanchez-Casanova, Jorge; Goicoechea-Telleria, Ines; Liu-Jimenez, Judith; Sánchez-Reillo, Raúl

doi:10.1109/ccst.2018.8585464

Cited by 1 publication

(2 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Replay attacks are possible in non-cooperative cases (no target participation required), but mimicry (organic and digital attempts to replicate another individual's voice) or voice conversion attacks (digital masking of the attacker's voice as the target's) could also be used, depending on the home assistant's use of voice biometrics. 16 Finally, the attacker disables the camera and enters the home with no sign of forced entry. A VPN masks their identity in the event the camera logs access.…”

Section: A Case Study In Villainizing Voicementioning

confidence: 99%

See 1 more Smart Citation

Using Open Channels to Trigger the Invited, Unintended Consequences of the Internet of Things

Siegel

2019

IEEE Secur. Privacy

View full text Add to dashboard Cite

We describe bridging IoT's air gap using device speakers to communicate with voice assistants. We recommend protecting voice channels using twofactor authentication, contextual monitoring, and voice source embedding. These techniques are necessary when connecting critical applications to open channels, and may apply to other exploits resulting from IoT's growing capabilities. 1 The Internet of Opportunities and Unintended Consequences Millions of people have Internet of Things (IoT) devices in their homes, workplaces, vehicles, and on their bodies. These devices use sensing, connectivity, inference, and action to improve comfort, health, safety, and efficiency while blending seamlessly into their environments. Changes in these capabilities invalidate assumptions upon which cybersecurity has been built, creating interstitial weakness enabling dire consequences. 1 This paper considers how the "air gap" between a high-criticality physical system and external networks can be eroded by emerging capabilities and unanticipated risks. Specifically, we identify vulnerabilities at the intersection of two convenience-and safetycentric devices (security cameras and smart locks) that, combined, subvert each other's benefits. We explain how adversaries can leverage vulnerabilities in network webcams, using two-way voice to activate conversational devices trusted to control physical infrastructure, and present risk-mitigating solutions including distance bounding, biometrics, context-aware firewalling, and steganographic source signing. While this article describes how voice interfaces compromise a planned airgap, we close by exploring how the proposed solutions apply to securing IoT's emergent technologies. 2 IoT Security Devices Smart locks enable the use of temporary and revocable digital credentials to allow individuals remote or hands-free access to a property. These locks are valued by property managers and the infirm, who use them to let repair people in remotely or without standing up. 2 Connected locks are hackable, allowing untrusted users remote access. 3 Manufacturers may patch vulnerabilities, but the only way to prevent Internet-enabled exploits is to remove the lock from a wide-area network. Limiting access to short-range protocols like

show abstract

Section: A Case Study In Villainizing Voicementioning

confidence: 99%

“…banking and aspects of home automation. 16 Today, Apple uses this approach to authorize access to Siri while Google uses "Trusted Voice" and banks use Nuance's "Free Speech." 19 It may even be possible to infer a voice's emotional state 20 to detect whether a voice command was issued by humans under duress.…”

Section: Addressing Open-channel Vulnerabilitiesmentioning

confidence: 99%

Using Open Channels to Trigger the Invited, Unintended Consequences of the Internet of Things

Siegel

2019

IEEE Secur. Privacy

View full text Add to dashboard Cite

show abstract

Performing a Presentation Attack Detection on Voice Biometrics

Cited by 1 publication

References 3 publications

Using Open Channels to Trigger the Invited, Unintended Consequences of the Internet of Things

Using Open Channels to Trigger the Invited, Unintended Consequences of the Internet of Things

Contact Info

Product

Resources

About