Wake guard: Protecting smart speakers’ wake words with audio watermarking

Lopez-Toledo, Israel J.

Permalink

https://hdl.handle.net/2142/117809 Copy

Description

Title

Wake guard: Protecting smart speakers’ wake words with audio watermarking

Author(s)

Lopez-Toledo, Israel J.

Issue Date

2022-12-02

Director of Research (if dissertation) or Advisor (if thesis)

Gunter, Carl A

Department of Study

Computer Science

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

M.S.

Degree Level

Thesis

Keyword(s)

• replay spoof attack
• audio watermarks
• smart speakers
• voice assistants
• wake word

Abstract

Voice assistants have increasingly become a part of our everyday lives through the use of smart speakers, wearables, smartphones, infotainment systems in cars, etc. Popular smart speaker devices with integrated voice assistants, like the Amazon Echo, Google Home and Apple Homepod have made their way into users’ homes to automate their households and aid in their daily routines. Smart speakers utilize users’ voices as their main user interface (UI), but the open nature of the voice channel makes them difficult to secure [1]. This means that these voice-driven devices are vulnerable to different over the air threats, such as unintended device activation and remote replay spoof attacks from nearby electronic speakers (like other smart speakers, speakers in home entertainment systems and so on). In a remote replay spoof attack, an adversary has access to a speaker inside a home and can remotely replay the recorded or synthesized voice, of the victim, using the compromised device [2]. The adversary then introduces and executes malicious commands on a target smart speaker, resulting in a privacy and security breach inside the victim’s home. To address this particular threat, we propose a system that aids smart speakers to differentiate between a genuine voice and a replayed one. The proposed system consists of introducing high frequency watermarks to the output signal of cooperating electronic speakers, and introducing a watermarking detection method to the smart speakers. By tagging the output signal of electronic speakers, smart speakers can rely on watermarks to easily recognize and avoid remote replay attacks. With this system, users can place secure electronic speakers near a smart speaker, knowing that these devices will cooperate with each other to avoid remote replay spoof attacks and unintended device activation.

Graduation Semester

2022-12

Type of Resource

Thesis

Copyright and License Information

Copyright 2022 Israel Lopez-Toledo

Owning Collections