Deep Adversarial Learning on Google Home devices
Andrea Ranieri, Davide Caputo, Luca Verderame, Alessio Merlo, Luca Caviglione

TL;DR
This paper evaluates the effectiveness of deep adversarial learning countermeasures against privacy attacks on Google Home devices, revealing their inadequacy and highlighting the need for re-engineering to enhance security.
Contribution
It provides an experimental assessment showing that current adversarial defenses are insufficient against machine learning-based privacy attacks on smart speakers.
Findings
Adversarial countermeasures fail to prevent traffic analysis attacks
Current defenses do not guarantee privacy for smart speaker users
Major re-engineering is required for effective protection
Abstract
Smart speakers and voice-based virtual assistants are core components for the success of the IoT paradigm. Unfortunately, they are vulnerable to various privacy threats exploiting machine learning to analyze the generated encrypted traffic. To cope with that, deep adversarial learning approaches can be used to build black-box countermeasures altering the network traffic (e.g., via packet padding) and its statistical information. This letter showcases the inadequacy of such countermeasures against machine learning attacks with a dedicated experimental campaign on a real network dataset. Results indicate the need for a major re-engineering to guarantee the suitable protection of commercially available smart speakers.
Taxonomy
Topics: Internet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Advanced Malware Detection Techniques
