Theses and Dissertations

Date of Award


Document Type


Degree Name

Master of Science (MS)


Computer Science

First Advisor

Emmett Tomai

Second Advisor

Bin Fu

Third Advisor

Dong-Chul Kim


The adoption of the Amazon Echo family of devices in modern homes has become very widespread at the current time, with hundreds of millions of devices sold. Moreover, the global smart speaker market size is growing vigorously and is projected to continue to bigger. Smart speakers allow users hands-free interaction by allowing voice control, promoting human-computer interaction to greater avenues. Though smart speaker can be useful assistant, it has some serious security concerns that need to be studied. In this study, an analysis of the security and privacy concerns of smart speakers is presented along with a passive attack, namely voice command fingerprinting. We start by introducing different security vulnerabilities of Amazon Alexa. Then, a voice command fingerprinting attack is implemented. In a voice command fingerprinting attack, an attacker eavesdropping on encrypted communication traffic can infer users’ voice commands. The attacker can use side channel information like packet length, direction, and order of traffic between Amazon Echo and the cloud server to make predictions of voice commands issued by the user. Different ensemble strategies are implemented to increase attack performance. Stacked generalization has a superior performance among all attacks, correctly predicting 90.54% of voice commands. The details on implementation techniques and experimental evaluation are also presented in this work.


Copyright 2023 Surendra Pathak. All Rights Reserved.