Skip navigation
Please use this identifier to cite or link to this item: http://arks.princeton.edu/ark:/88435/dsp01pc289m93q
Full metadata record
DC FieldValueLanguage
dc.contributor.advisorLee, Ruby-
dc.contributor.authorLing, Frances-
dc.date.accessioned2019-08-19T11:58:30Z-
dc.date.available2019-08-19T11:58:30Z-
dc.date.created2019-04-22-
dc.date.issued2019-08-19-
dc.identifier.urihttp://arks.princeton.edu/ark:/88435/dsp01pc289m93q-
dc.description.abstractVoice-controlled virtual personal assistants (VPAs) are becoming increasingly com- mon as people continue to digitize their lives. However, the voice channel across which the user communicates with the VPA is inherently vulnerable since the majority of systems are unable to authenticate the user, allowing third parties to issue commands as well. Previous research has shown that a disconnect exists between human and speech recognition, and adversaries can take advantage of this gap by creating mali- cious commands that are not understandable to the human ear, but can be recognized and processed by speech recognition systems as human speech. For smart-speaker de- vices, namely Amazon Echo and Google Home, more vulnerabilities arise from the ability to download applications from third-party developers, exposing users to the possibility of encountering malicious third-party apps. In this senior thesis, we first present a survey of the existing body of research in VPA security. Then, we propose a novel attack, dubbed the cascading attack, that first targets the smart-speaker device with a malicious third-party skill, then uses it to attack nearby Internet-of-Things devices with hidden voice commands. We show that such an attack can be dangerous and far-reaching. We will also discuss the implications of the cascading attack, as well as some possible defenses.en_US
dc.format.mimetypeapplication/pdf-
dc.language.isoenen_US
dc.titleSecurity Vulnerabilities in Voice-Controlled Virtual Personal Assistantsen_US
dc.typePrinceton University Senior Theses-
pu.date.classyear2019en_US
pu.departmentElectrical Engineeringen_US
pu.pdf.coverpageSeniorThesisCoverPage-
pu.contributor.authorid961184078-
Appears in Collections:Electrical Engineering, 1932-2020

Files in This Item:
File Description SizeFormat 
LING-FRANCES-THESIS.pdf3.86 MBAdobe PDF    Request a copy


Items in Dataspace are protected by copyright, with all rights reserved, unless otherwise indicated.