Corpus ID: 235248139

An Analysis of Amazon Echo's Network Behavior

  title={An Analysis of Amazon Echo's Network Behavior},
  author={Jan Janak and Teresa Tseng and Aliza Isaacs and Henning Schulzrinne},
With over 20 million units sold since 2015, Amazon Echo, the Alexa-enabled smart speaker developed by Amazon, is probably one of the most widely deployed Internet of Things consumer devices. Despite the very large installed base, surprisingly little is known about the device’s network behavior. We modify a first generation Echo device, decrypt its communication with Amazon cloud, and analyze the device pairing, Alexa Voice Service, and drop-in calling protocols. We also describe our methodology… Expand

Figures from this paper


Security Analysis of the Amazon Echo
It is currently estimated that more that eight billion devices are connected to the internet worldwide. Since 2016, this number has increased by more than thirty percent and is predicted to continueExpand
Alexa, are you listening to me? An analysis of Alexa voice service network traffic
These findings support the Echo Dot recorded private home conversations and not all audio recordings are properly logged the Alexa Application, and offer a network signature capable of identifying AVS network traffic. Expand
Digital Forensic Approaches for Amazon Alexa Ecosystem
This paper proposes a proof of concept tool, CIFT, that supports identification, acquisition and analysis of both native artifacts from the cloud and client centric artifacts from local devices to support practical digital investigations. Expand
A Smart Home is No Castle: Privacy Vulnerabilities of Encrypted IoT Traffic
It is found that four IoT smart home devices can reveal potentially sensitive user interactions even when the traffic is encrypted, indicating that a technological solution is needed to protect IoT device owner privacy, and that IoT-specific concerns must be considered in the ongoing policy debate around ISP data collection and usage. Expand
Breaking All the Things - A Systematic Survey of Firmware Extraction Techniques for IoT Devices
An in-depth investigation of the security concept of the Amazon Echo Plus, which contains significant protection methods against hardware-level attacks and recommendations for countermeasures to mitigate the respective methods. Expand
Session Description Protocol (SDP) Security Descriptions for Media Streams
This document defines how to use the Session Description Protocol crypto attribute for the Secure Real-time Transport Protocol (SRTP) unicast media streams. Expand
Managing Client-Initiated Connections in the Session Initiation Protocol (SIP)
This specification defines behaviors for User Agents, registrars and proxy servers that allow requests to be delivered on existing connections established by the User Agent, and defines keep alive behaviors needed to keep NAT bindings open. Expand
Alexa, Are You Listening?
It is found that many non-users did not see the utility of smart speakers or did not trust speaker companies, and current smart speaker privacy controls are rarely used, as they are not well-aligned with users' needs. Expand
Traversal Using Relays around NAT (TURN): Relay Extensions to Session Traversal Utilities for NAT (STUN)
The TURN protocol was designed to be used as part of the Interactive Connectivity Establishment (ICE) approach to NAT traversal, though it can also be used without ICE. Expand
Session Initiation Protocol (SIP) Extension Header Field for Registering Non-Adjacent Contacts
This document defines an extension header field, "Path" which provides a mechanism to discover and record this sequence of proxies in the registrar for future use. Expand