BadVoice: Soundless voice-control replay attack on modern smartphones

Park Joon Young, Jo Hyo Jin, Samuel Woo, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Citations (Scopus)


Speech recognition is a technology that enables the recognition and translation of spoken language into data that can be interpreted by computers. With the development of speech recognition technologies, voice assistants on mobile devices, such as Siri or Google Voice have been introduced. Particularly, mobile device users can easily perform several commands on their mobile devices using these systems. However, this convenience causes a vulnerability in that an adversary can access the mobile device data and functions easily. This vulnerability could be exploited by the adversary because there are no authentication procedures. Recently, a remote attack on a voice assistant was introduced, but the attack can be considered to be unrealistic because of many assumptions. In this paper, we analyze the vulnerabilities of mobile device speech recognition systems. We also introduce the Toilet-time attack as a new realistic attack model. Furthermore, we prove the practicality of our attack model and evaluate attack scenarios using a new attack tool called BadVoice.

Original languageEnglish
Title of host publicationICUFN 2016 - 8th International Conference on Ubiquitous and Future Networks
PublisherIEEE Computer Society
Number of pages6
ISBN (Electronic)9781467399913
Publication statusPublished - 2016 Aug 9
Event8th International Conference on Ubiquitous and Future Networks, ICUFN 2016 - Vienna, Austria
Duration: 2016 Jul 52016 Jul 8


Other8th International Conference on Ubiquitous and Future Networks, ICUFN 2016


  • Mobile Application
  • Security
  • Voice Assistant

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture


Dive into the research topics of 'BadVoice: Soundless voice-control replay attack on modern smartphones'. Together they form a unique fingerprint.

Cite this