Study on the Smart Speaker Security Evaluations and Countermeasures

Jiseop Lee, Sooyoung Kang, Seung-Joo Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The smart speaker provides users with useful functions such as music playback and online search with simple operation. However, since smart speakers always wait for the user’s voice, if they are exposed to security threats, serious problems can occur such as eavesdropping and privacy disclosure. Therefore, in order to provide improved security for of all smart speakers, it is necessary to identify potential security threats and systematically investigate vulnerabilities. In this paper, we perform security threat modeling for four products with high market share. STRIDE threat modeling was used to make a checklist for systematic vulnerability checks and the checklist was used to check vulnerabilities of commercial devices. Here, we propose a new method to improve the security of smart speaker through the analysis of the vulnerability check result and the vulnerability of each product.

Original languageEnglish
Title of host publicationAdvanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019
EditorsLaurence T. Yang, Fei Hao, Young-Sik Jeong, James J. Park
PublisherSpringer Verlag
Pages50-70
Number of pages21
ISBN (Print)9789813292437
DOIs
Publication statusPublished - 2020 Jan 1
Event13th International Conference on Multimedia and Ubiquitous Engineering, MUE 2019 and 14th International Conference on Future Information Technology, Future Tech 2019 - Xian, China
Duration: 2019 Apr 242019 Apr 26

Publication series

NameLecture Notes in Electrical Engineering
Volume590
ISSN (Print)1876-1100
ISSN (Electronic)1876-1119

Conference

Conference13th International Conference on Multimedia and Ubiquitous Engineering, MUE 2019 and 14th International Conference on Future Information Technology, Future Tech 2019
CountryChina
CityXian
Period19/4/2419/4/26

Keywords

  • Smart speaker
  • STRIDE
  • Threat modeling

ASJC Scopus subject areas

  • Industrial and Manufacturing Engineering

Cite this

Lee, J., Kang, S., & Kim, S-J. (2020). Study on the Smart Speaker Security Evaluations and Countermeasures. In L. T. Yang, F. Hao, Y-S. Jeong, & J. J. Park (Eds.), Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019 (pp. 50-70). (Lecture Notes in Electrical Engineering; Vol. 590). Springer Verlag. https://doi.org/10.1007/978-981-32-9244-4_7

Study on the Smart Speaker Security Evaluations and Countermeasures. / Lee, Jiseop; Kang, Sooyoung; Kim, Seung-Joo.

Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019. ed. / Laurence T. Yang; Fei Hao; Young-Sik Jeong; James J. Park. Springer Verlag, 2020. p. 50-70 (Lecture Notes in Electrical Engineering; Vol. 590).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Lee, J, Kang, S & Kim, S-J 2020, Study on the Smart Speaker Security Evaluations and Countermeasures. in LT Yang, F Hao, Y-S Jeong & JJ Park (eds), Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019. Lecture Notes in Electrical Engineering, vol. 590, Springer Verlag, pp. 50-70, 13th International Conference on Multimedia and Ubiquitous Engineering, MUE 2019 and 14th International Conference on Future Information Technology, Future Tech 2019, Xian, China, 19/4/24. https://doi.org/10.1007/978-981-32-9244-4_7
Lee J, Kang S, Kim S-J. Study on the Smart Speaker Security Evaluations and Countermeasures. In Yang LT, Hao F, Jeong Y-S, Park JJ, editors, Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019. Springer Verlag. 2020. p. 50-70. (Lecture Notes in Electrical Engineering). https://doi.org/10.1007/978-981-32-9244-4_7
Lee, Jiseop ; Kang, Sooyoung ; Kim, Seung-Joo. / Study on the Smart Speaker Security Evaluations and Countermeasures. Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019. editor / Laurence T. Yang ; Fei Hao ; Young-Sik Jeong ; James J. Park. Springer Verlag, 2020. pp. 50-70 (Lecture Notes in Electrical Engineering).
@inproceedings{1fdfc1df55724f45b82bf77e8e7e178a,
title = "Study on the Smart Speaker Security Evaluations and Countermeasures",
abstract = "The smart speaker provides users with useful functions such as music playback and online search with simple operation. However, since smart speakers always wait for the user’s voice, if they are exposed to security threats, serious problems can occur such as eavesdropping and privacy disclosure. Therefore, in order to provide improved security for of all smart speakers, it is necessary to identify potential security threats and systematically investigate vulnerabilities. In this paper, we perform security threat modeling for four products with high market share. STRIDE threat modeling was used to make a checklist for systematic vulnerability checks and the checklist was used to check vulnerabilities of commercial devices. Here, we propose a new method to improve the security of smart speaker through the analysis of the vulnerability check result and the vulnerability of each product.",
keywords = "Smart speaker, STRIDE, Threat modeling",
author = "Jiseop Lee and Sooyoung Kang and Seung-Joo Kim",
year = "2020",
month = "1",
day = "1",
doi = "10.1007/978-981-32-9244-4_7",
language = "English",
isbn = "9789813292437",
series = "Lecture Notes in Electrical Engineering",
publisher = "Springer Verlag",
pages = "50--70",
editor = "Yang, {Laurence T.} and Fei Hao and Young-Sik Jeong and Park, {James J.}",
booktitle = "Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019",

}

TY - GEN

T1 - Study on the Smart Speaker Security Evaluations and Countermeasures

AU - Lee, Jiseop

AU - Kang, Sooyoung

AU - Kim, Seung-Joo

PY - 2020/1/1

Y1 - 2020/1/1

N2 - The smart speaker provides users with useful functions such as music playback and online search with simple operation. However, since smart speakers always wait for the user’s voice, if they are exposed to security threats, serious problems can occur such as eavesdropping and privacy disclosure. Therefore, in order to provide improved security for of all smart speakers, it is necessary to identify potential security threats and systematically investigate vulnerabilities. In this paper, we perform security threat modeling for four products with high market share. STRIDE threat modeling was used to make a checklist for systematic vulnerability checks and the checklist was used to check vulnerabilities of commercial devices. Here, we propose a new method to improve the security of smart speaker through the analysis of the vulnerability check result and the vulnerability of each product.

AB - The smart speaker provides users with useful functions such as music playback and online search with simple operation. However, since smart speakers always wait for the user’s voice, if they are exposed to security threats, serious problems can occur such as eavesdropping and privacy disclosure. Therefore, in order to provide improved security for of all smart speakers, it is necessary to identify potential security threats and systematically investigate vulnerabilities. In this paper, we perform security threat modeling for four products with high market share. STRIDE threat modeling was used to make a checklist for systematic vulnerability checks and the checklist was used to check vulnerabilities of commercial devices. Here, we propose a new method to improve the security of smart speaker through the analysis of the vulnerability check result and the vulnerability of each product.

KW - Smart speaker

KW - STRIDE

KW - Threat modeling

UR - http://www.scopus.com/inward/record.url?scp=85071858766&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85071858766&partnerID=8YFLogxK

U2 - 10.1007/978-981-32-9244-4_7

DO - 10.1007/978-981-32-9244-4_7

M3 - Conference contribution

SN - 9789813292437

T3 - Lecture Notes in Electrical Engineering

SP - 50

EP - 70

BT - Advanced Multimedia and Ubiquitous Engineering - MUE/FutureTech 2019

A2 - Yang, Laurence T.

A2 - Hao, Fei

A2 - Jeong, Young-Sik

A2 - Park, James J.

PB - Springer Verlag

ER -