DeepAI AI Chat
Log In Sign Up

BarrierBypass: Out-of-Sight Clean Voice Command Injection Attacks through Physical Barriers

by   Payton Walker, et al.

The growing adoption of voice-enabled devices (e.g., smart speakers), particularly in smart home environments, has introduced many security vulnerabilities that pose significant threats to users' privacy and safety. When multiple devices are connected to a voice assistant, an attacker can cause serious damage if they can gain control of these devices. We ask where and how can an attacker issue clean voice commands stealthily across a physical barrier, and perform the first academic measurement study of this nature on the command injection attack. We present the BarrierBypass attack that can be launched against three different barrier-based scenarios termed across-door, across-window, and across-wall. We conduct a broad set of experiments to observe the command injection attack success rates for multiple speaker samples (TTS and live human recorded) at different command audio volumes (65, 75, 85 dB), and smart speaker locations (0.1-4.0m from barrier). Against Amazon Echo Dot 2, BarrierBypass is able to achieve 100 success for the across-wall and across-window attacks, and for the across-door attack (up to 2 meters). At 4 meters for the across-door attack, BarrierBypass can achieve 90 respectively. Against Google Home mini BarrierBypass is able to achieve 100 wake word injection accuracy for all attack scenarios. For command injection BarrierBypass can achieve 100 to 2 meters). For the across-door attack at 4 meters, BarrierBypass can achieve 80 high command injection success, up to 100 the potentially devastating nature of this vulnerability to control a user's device from outside of the device's physical space.


page 4

page 12


Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems

We propose a new class of signal injection attacks on microphones by phy...

Alexa versus Alexa: Controlling Smart Speakers by Self-Issuing Voice Commands

We present Alexa versus Alexa (AvA), a novel attack that leverages audio...

Electromagnetic Signal Injection Attacks on Differential Signaling

Differential signaling is a method of data transmission that uses two co...

Hello Me, Meet the Real Me: Audio Deepfake Attacks on Voice Assistants

The radical advances in telecommunications and computer science have ena...

NUANCE: Near Ultrasound Attack On Networked Communication Environments

This study investigates a primary inaudible attack vector on Amazon Alex...

Graph-Theoretic Framework for Unified Analysis of Observability and Data Injection Attacks in the Smart Grid

In this paper, a novel graph-theoretic framework is proposed to generali...