Date of Award
Master of Science (MS)
The adoption of the Amazon Echo family of devices in modern homes has become very widespread at the current time, with hundreds of millions of devices sold. Moreover, the global smart speaker market size is growing vigorously and is projected to continue to bigger. Smart speakers allow users hands-free interaction by allowing voice control, promoting human-computer interaction to greater avenues. Though smart speaker can be useful assistant, it has some serious security concerns that need to be studied. In this study, an analysis of the security and privacy concerns of smart speakers is presented along with a passive attack, namely voice command fingerprinting. We start by introducing different security vulnerabilities of Amazon Alexa. Then, a voice command fingerprinting attack is implemented. In a voice command fingerprinting attack, an attacker eavesdropping on encrypted communication traffic can infer users’ voice commands. The attacker can use side channel information like packet length, direction, and order of traffic between Amazon Echo and the cloud server to make predictions of voice commands issued by the user. Different ensemble strategies are implemented to increase attack performance. Stacked generalization has a superior performance among all attacks, correctly predicting 90.54% of voice commands. The details on implementation techniques and experimental evaluation are also presented in this work.
Pathak, Surendra, "Using Deep Learning for Encrypted Traffic Analysis of Amazon Echo" (2023). Theses and Dissertations - UTRGV. 1384.