TY - GEN
T1 - Study on the Smart Speaker Security Evaluations and Countermeasures
AU - Lee, Jiseop
AU - Kang, Sooyoung
AU - Kim, Seungjoo
N1 - Funding Information:
Acknowledgements. This work was supported by Institute of Information & communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2017-0-00184, Self-Learning Cyber Immune Technology Development).
Publisher Copyright:
© 2020, Springer Nature Singapore Pte Ltd.
Copyright:
Copyright 2019 Elsevier B.V., All rights reserved.
PY - 2020
Y1 - 2020
N2 - The smart speaker provides users with useful functions such as music playback and online search with simple operation. However, since smart speakers always wait for the user’s voice, if they are exposed to security threats, serious problems can occur such as eavesdropping and privacy disclosure. Therefore, in order to provide improved security for of all smart speakers, it is necessary to identify potential security threats and systematically investigate vulnerabilities. In this paper, we perform security threat modeling for four products with high market share. STRIDE threat modeling was used to make a checklist for systematic vulnerability checks and the checklist was used to check vulnerabilities of commercial devices. Here, we propose a new method to improve the security of smart speaker through the analysis of the vulnerability check result and the vulnerability of each product.
AB - The smart speaker provides users with useful functions such as music playback and online search with simple operation. However, since smart speakers always wait for the user’s voice, if they are exposed to security threats, serious problems can occur such as eavesdropping and privacy disclosure. Therefore, in order to provide improved security for of all smart speakers, it is necessary to identify potential security threats and systematically investigate vulnerabilities. In this paper, we perform security threat modeling for four products with high market share. STRIDE threat modeling was used to make a checklist for systematic vulnerability checks and the checklist was used to check vulnerabilities of commercial devices. Here, we propose a new method to improve the security of smart speaker through the analysis of the vulnerability check result and the vulnerability of each product.
KW - STRIDE
KW - Smart speaker
KW - Threat modeling
UR - http://www.scopus.com/inward/record.url?scp=85071858766&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85071858766&partnerID=8YFLogxK
U2 - 10.1007/978-981-32-9244-4_7
DO - 10.1007/978-981-32-9244-4_7
M3 - Conference contribution
AN - SCOPUS:85071858766
SN - 9789813292437
T3 - Lecture Notes in Electrical Engineering
SP - 50
EP - 70
BT - Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019
A2 - Yang, Laurence T.
A2 - Hao, Fei
A2 - Jeong, Young-Sik
A2 - Park, James J.
PB - Springer Verlag
T2 - 13th International Conference on Multimedia and Ubiquitous Engineering, MUE 2019 and 14th International Conference on Future Information Technology, Future Tech 2019
Y2 - 24 April 2019 through 26 April 2019
ER -