You Can Hear But You Cannot Steal: Defending Against Voice Impersonation Attacks on Smartphones

@article{Chen2017YouCH,
  title={You Can Hear But You Cannot Steal: Defending Against Voice Impersonation Attacks on Smartphones},
  author={Si Chen and K. Ren and Sixu Piao and Cong Wang and Q. Wang and J. Weng and Lu Su and Aziz Mohaisen},
  journal={2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)},
  year={2017},
  pages={183-195}
}
  • Si Chen, K. Ren, +5 authors Aziz Mohaisen
  • Published 2017
  • Computer Science
  • 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)
Voice, as a convenient and efficient way of information delivery, has a significant advantage over the conventional keyboard-based input methods, especially on small mobile devices such as smartphones and smartwatches. However, the human voice could often be exposed to the public, which allows an attacker to quickly collect sound samples of targeted victims and further launch voice impersonation attacks to spoof those voice-based applications. In this paper, we propose the design and… Expand
VoicePop: A Pop Noise based Anti-spoofing System for Voice Authentication on Smartphones
TLDR
This paper designs and implements VoicePop, a robust software-only anti-spoofing system on smartphones that leverages the pop noise, which is produced by the user breathing while speaking close to the microphone, to identify legitimate users and defend against spoofing attacks. Expand
The Catcher in the Field: A Fieldprint based Spoofing Detection for Text-Independent Speaker Verification
TLDR
The key insight of CaField is to construct "fieldprint'' with the acoustic biometrics embedded in sound fields, i.e., a physical field of acoustic energy created as the sound propagates over the air, as analogous to "voiceprint''. Expand
Using AI to Attack VA: A Stealthy Spyware Against Voice Assistances in Smart Phones
TLDR
This work proposes a novel attack approach, namely Vaspy, which crafts the users’ “activation voice” by silently listening to users' phone calls, and embodies a machine learning model that learns suitable attacking times to prevent the attack from being noticed by the user. Expand
A Continuous Liveness Detection System for Text-independent Speaker Verification
  • Linghan Zhang, Jie Yang
  • Computer Science
  • ArXiv
  • 2021
TLDR
This paper proposes VoiceLive, a liveness detection system for both text-dependent and text-independent voice authentication on smartphones that achieves over 99% detection accuracy at around 1% Equal Error Rate (EER) on the text- dependent system and around 99% accuracy and 2% EER on thetext-independent one. Expand
Combating Replay Attacks Against Voice Assistants
TLDR
This work develops an end-to-end system to detect replay attacks without requiring a user to wear any wearable device and shows the overall system offers low false positive and false negative when evaluated against a range of attacks. Expand
Hearing Your Voice is Not Enough: An Articulatory Gesture Based Liveness Detection for Voice Authentication
TLDR
This work proposes VoiceGesture, a liveness detection system for replay attack detection on smartphones that detects a live user by leveraging both the unique articulatory gesture of the user when speaking a passphrase and the mobile audio hardware advances. Expand
Using AI to Hack IA: A New Stealthy Spyware Against Voice Assistance Functions in Smart Phones
TLDR
The activation logic of voice assistant is suggested to be resilient to the speaker based attack, and an intelligent stealthy module is designed to decide on the suitable occasion to launch the attack, preventing the attack being noticed by the user. Expand
VibLive: A Continuous Liveness Detection for Secure Voice User Interface in IoT Environment
TLDR
VibLive is a text-independent system that verifies live users and detects spoofing attacks without requiring users to enroll specific passphrases, and requires neither additional operations nor extra hardwares, other than a loudspeaker and a microphone that are commonly equipped on VUIs. Expand
Speech Based Human Authentication on Smartphones
TLDR
SpeakPrint is proposed, an ultrasound based human speech authentication scheme for smartphones which is resistant for these attacks and can be used in multi-factor authentication systems, where multiple authentication mechanisms are used to achieve defense in depth. Expand
SRVoice: A Robust Sparse Representation-Based Liveness Detection System
  • Jiacheng Shang, Si Chen, Jie Wu
  • Computer Science
  • 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS)
  • 2018
TLDR
A new system is proposed that leverages the structural differences between human vocal system and loudspeakers and use the unique vibration pattern of both human vocal cord and throat as a key differentiating factor for liveness detection to tackle spoofing attacks. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 61 REFERENCES
Your Voice Assistant is Mine: How to Abuse Speakers to Steal Information and Control Your Phone
TLDR
A novel approach (GVS-Attack) to launch permission bypassing attacks from a zero-permission Android application (VoicEmployer) through the phone speaker, which can forge SMS/Email, access privacy information, transmit sensitive data and achieve remote control without any permission. Expand
Preventing replay attacks on speaker verification systems
TLDR
A system for detecting spoofing attacks on speaker verification systems and shows the degradation on the speaker verification performance in the presence of this kind of attack and how to use the spoofing detection to mitigate that degradation. Expand
Wiretapping via Mimicry: Short Voice Imitation Man-in-the-Middle Attacks on Crypto Phones
TLDR
This paper challenges the assumption that the voice channel, over which SAS is validated by the users, provides the properties of integrity and source authentication, and reports on automated SAS voice imitation man-in-the-middle attacks that can compromise the security of Crypto Phones in both two-party and multi-party settings. Expand
Spoofing and countermeasures for speaker verification: A survey
TLDR
A survey of past work and priority research directions for the future is provided, showing that future research should address the lack of standard datasets and the over-fitting of existing countermeasures to specific, known spoofing attacks. Expand
Voice conversion and spoofing attack on speaker verification systems
  • Zhizheng Wu, Haizhou Li
  • Computer Science
  • 2013 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference
  • 2013
TLDR
An overview of recent spoofing attacks under different conditions with a focus on voice conversion spoofing attack is given and anti-spoofing attack measures for speaker verification are discussed. Expand
Detecting Replay Attacks from Far-Field Recordings on Speaker Verification Systems
TLDR
A system for detecting spoofing attacks on speaker verification systems and shows the degradation on the speaker verification performance in the presence of this kind of attack and how to use the spoofing detection to mitigate that degradation. Expand
On the vulnerability of automatic speaker recognition to spoofing attacks with artificial signals
TLDR
A new approach based on artificial, tone-like signals which provoke higher ASV scores than genuine client tests is introduced, demonstrating the importance of efforts to develop dedicated countermeasures to protect ASV systems from spoofing. Expand
Sensor-assisted facial recognition: an enhanced biometric authentication system for smartphones
TLDR
A new sensor-assisted facial authentication method that uses motion and light sensors to defend against 2D media attacks and virtual camera attacks without the penalty of authenti-cation speed is proposed. Expand
Spoofing countermeasures to protect automatic speaker verification from voice conversion
TLDR
A new countermeasure is presented for the protection of automatic speaker verification systems from spoofed, converted voice signals that exploits the common shift applied to the spectral slope of consecutive speech frames involved in the mapping of a spoofer's voice signal towards a statistical model of a given target. Expand
Vulnerability in speaker verification - a study of technical impostor techniques
TLDR
This paper reported on some ways to try to deceive a state-of-the-art speaker verification (SV) system and defined a worst case scenario where the impostor has extensive knowledge about the person to deceive as well as the system to attack. Expand
...
1
2
3
4
5
...