Attacks and Defenses of Smart Speakers: Voice Command Fingerprinting on Alexa

Abstract

Smart speakers, such as Amazon Alexa and Google Home, are a form of voice-based interactive technology that helps consumers solve queries with real-time responses. Smart speaker adoption has increased significantly over the last few years, and this growth is expected to continue. Voice AI, specifically voice commands, have made people’s lives more convenient by helping them save time while avoiding physical contact. However, smart speakers also have security risks, including listening to and recording private conversations. In this paper, we review and analyze attacks on Amazon Alexa, their implementation, consequences, and defenses. We also dive into voice command fingerprinting and take inspiration from websites and video streaming fingerprinting to propose new potential defenses. This paper aims to highlight the attacks and protection in the newly emerging field of smart speakers.