Threat Modeling and Analysis of Voice Assistant Applications

被引:1
|
作者
Cho, Geumhwan [1 ]
Choi, Jusop [1 ]
Kim, Hyoungshick [1 ]
Hyun, Sangwon [2 ]
Ryoo, Jungwoo [3 ]
机构
[1] Sungkyunkwan Univ, Seoul, South Korea
[2] Chosun Univ, Gwangju, South Korea
[3] Penn State Univ, Altoona, PA USA
来源
INFORMATION SECURITY APPLICATIONS, WISA 2018 | 2019年 / 11402卷
关键词
Voice assistant; Threat modeling; STRIDE; DREAD;
D O I
10.1007/978-3-030-17982-3_16
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Voice assistant is an application that helps users to interact with their devices using voice commands in a more intuitive and natural manner. Recently, many voice assistant applications have been popularly deployed on smartphones and voice-controlled smart speakers. However, the threat and security of those applications have been examined only in very few studies. In this paper, we identify potential threats to voice assistant applications and assess the risk of those threats using the STRIDE and DREAD models. Our threat modeling demonstrates that generic voice assistants can potentially have 16 security threats. To mitigate the identified threats, we also discuss several defense strategies.
引用
收藏
页码:197 / 209
页数:13
相关论文
共 50 条
  • [1] Problematic Privacy Policies of Voice Assistant Applications
    Liao, Song
    Wilson, Christin
    Long, Cheng
    Hu, Hongxin
    Deng, Huixing
    IEEE SECURITY & PRIVACY, 2021, 19 (06) : 66 - 73
  • [2] Modeling and optimizing the voice assistant behavior in Virtual Reality
    Buchta, Karolina
    Wojcik, Piotr
    Nakonieczny, Konrad
    Janicka, Justyna
    Galuszka, Damian
    Sterna, Radoslaw
    Igras-Cybulska, Magdalena
    2022 IEEE INTERNATIONAL SYMPOSIUM ON MIXED AND AUGMENTED REALITY ADJUNCT (ISMAR-ADJUNCT 2022), 2022, : 397 - 402
  • [3] Security and privacy problems in voice assistant applications: A survey
    Li, Jingjin
    Chen, Chao
    Azghadi, Mostafa Rahimi
    Ghodosi, Hossein
    Pan, Lei
    Zhang, Jun
    COMPUTERS & SECURITY, 2023, 134
  • [4] Measuring the Effectiveness of Privacy Policies for Voice Assistant Applications
    Liao, Song
    Wilson, Christin
    Cheng, Long
    Hu, Hongxin
    Deng, Huixing
    36TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2020), 2020, : 856 - 869
  • [5] Alexa-Based Voice Assistant for Smart Home Applications
    Jimenez C.
    Saavedra E.
    Del Campo G.
    Santamaria A.
    IEEE Potentials, 2021, 40 (04): : 31 - 38
  • [6] Voice Attacks to AI Voice Assistant
    Saparmammedovich, Seyitmammet Alchekov
    Al-Absi, Mohammed Abdulhakim
    Koni, Yusuph J.
    Lee, Hoon Jae
    INTELLIGENT HUMAN COMPUTER INTERACTION, PT I, 2021, 12615 : 250 - 261
  • [7] Analysis and Tuning of a Voice Assistant System for Dysfluent Speech
    Mitra, Vikramjit
    Huang, Zifang
    Lea, Colin
    Tooley, Lauren
    Wu, Sarah
    Botten, Darren
    Palekar, Ashwini
    Thelapurath, Shrinath
    Georgiou, Panayiotis
    Kajarekar, Sachin
    Bigham, Jefferey
    INTERSPEECH 2021, 2021, : 4848 - 4852
  • [8] Understanding the Behavior Transparency of Voice Assistant Applications Using the ChatterBox Framework
    Natatsuka, Atsuko
    Iijima, Ryo
    Watanabe, Takuya
    Akiyama, Mitsuaki
    Sakai, Tetsuya
    Mori, Tatsuya
    PROCEEDINGS OF 25TH INTERNATIONAL SYMPOSIUM ON RESEARCH IN ATTACKS, INTRUSIONS AND DEFENSES, RAID 2022, 2022, : 143 - 159
  • [9] Understanding the Behavior Transparency of Voice Assistant Applications Using the ChatterBox Framework
    Natatsuka, Atsuko
    Iijima, Ryo
    Watanabe, Takuya
    Akiyama, Mitsuaki
    Sakai, Tetsuya
    Mori, Tatsuya
    ACM International Conference Proceeding Series, 2022, : 143 - 159
  • [10] Humanizing voice assistant: The impact of voice assistant personality on consumers' attitudes and behaviors
    Poushneh, Atieh
    JOURNAL OF RETAILING AND CONSUMER SERVICES, 2021, 58
12345