MACHINE LEARNING – Adversarial audio can be used to attack voice assistants with hidden commands

In yesterday’s New York Times, Alexa and Siri Can Hear This Hidden Command. You Can’t:

Over the last two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant. Inside university labs, the researchers have been able to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites. In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio.

A group of students from University of California, Berkeley, and Georgetown University showed in 2016 that they could hide commands in white noise played over loudspeakers and through YouTube videos to get smart devices to turn on airplane mode or open a website.

This month, some of those Berkeley researchers published a research paper that went further, saying they could embed commands directly into recordings of music or spoken text. So while a human listener hears someone talking or an orchestra playing, Amazon’s Echo speaker might hear an instruction to add something to your shopping list.

You can also hear samples of adversarial audio and read the actual paper.

Of course, the more ubiquitous and capable networked computation becomes, the harder it gets for people to reason about attack vectors like this one. While these are vulnerabilities in the affected system and not designed features, this is reminiscent of the news a while back about smartphone apps picking up “audio beacons” embedded in TV output to track users’ exposure to advertising.

Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.

Join 35,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7pm ET! To join, head over to YouTube and check out the show’s live chat – we’ll post the link there.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org

Maker Business — How (some) chips get made

Wearables — Need a lot of power for your project? Read on!

Electronics — Storage Safety 101

Python for Microcontrollers — Python on Microcontrollers Newsletter: 100 Blinka Compatible SBCs, RISC-V, and so much more! #CircuitPython @micropython @ThePSF @Raspberry_Pi

Adafruit IoT Monthly — Turtle Eggs, Pool Monitors, and more!

Microsoft MakeCode — MakeCode Thank You!

EYE on NPI — Maximโ€™s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

New Products โ€“ Adafruit Industries โ€“ Makers, hackers, artists, designers and engineers! — New Products 11/30/22 Featuring #Adafruit Feather #RP2040! @adafruit #newproducts

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !

No Comments

No comments yet.

Sorry, the comment form is closed at this time.

Filed under: machine learning, privacy, Security — by Brennen Bearnes

Comments Off on MACHINE LEARNING – Adversarial audio can be used to attack voice assistants with hidden commands