오늘 저희 정보보호대학원에서는 한양대학교 이연준 교수님을 모시고
"Using Sonar for Liveness Detection to Protect Smart Speakers against Remote Attackers" 주제로 아래와 같이 세미나를 개최하고자 합니다.
코로나19 확산방지를 위하여 원격수업으로(ZOOM) 진행할 예정입니다.
= 아 래 =
- 21.3.09(화) 16:00~
※ 시작시간 5분전에 준비하여 주세요.
접속 비밀번호: 이메일 별도 공지
Title: Using Sonar for Liveness Detection to Protect Smart Speakers against Remote Attackers
Smart speakers, which wait for voice commands and complete tasks for users, are becoming part of common households. While voice commands came with basic functionalities in the earlier days, as the market grew, various commands with critical functionalities were developed; e.g., access banking services, send money, open front door. Such voice commands can cause serious consequences once smart speakers are attacked. Recent research shows that smart speakers are vulnerable to malicious voice commands sent from other speakers (e.g., TV, baby monitor, radio) in the same area. In this work, we propose the Speaker-Sonar, a sonar-based liveness detection system for smart speakers. Our approach aims to protect the smart speakers from remote attackers that leverage network-connected speakers to send malicious commands. The key idea of our approach is to make sure that the voice command is indeed coming from the user. For this purpose, the Speaker-Sonar emits an inaudible sound and tracks the user's direction to compare it with the direction of the received voice command. The Speaker-Sonar does not require additional action from the user and works through an automatic consistency check. We built the Speaker-Sonar on a raspberry pi 3b, a circular microphone array, and a commodity speaker by imitating the Amazon Echo. Our evaluation shows that the Speaker-Sonar can reject remote voice attacks with an average accuracy of 95.5％ in 2 meters, which significantly raises the bar for remote attackers. To the best of our knowledge, our defense is able to defend against known remote voice attack techniques.
Yeonjoon Lee joined the College of Computing of Hanyang University ERICA as an Assistant Professor in Fall 2019. He received his Ph.D. degree in Security Informatics from Indiana University Bloomington (Advisor, Prof. XiaoFeng Wang) and the B.S. degree from Hanyang University in 2012. Yeonjoon's research interests include mobile security, IoT (Internet of Things) security and network security. He has been studying vulnerabilities and design problems in Android OS, Android and iOS malware detection approaches, access control designs and applications for smartphones and IoT systems, and protection systems for smart-speakers. The research outcomes have been published at top-tier security conferences.