Researchers Use Sonar to Protect Smart Speakers Against Hackers

Researchers from Hanyang University, Chinese Academy of Sciences and School of Cyber Security, the University of Virginia, and others have designed a device that uses sonar to protect smart speakers from intrusion. Smart speakers, including Amazon’s Echo and Google’s Home, have become a prominent component within the smart home, allowing users to give simple voice commands to engage appliances, lighting, and even banking services. Hackers have been able to gain access to those speakers and anything connected to user’s home networks

To help prevent smart speaker intrusion, the researchers developed the Speaker-Sonar — a sonar-based liveness detection system, making sure the issued voice command is coming from the rightful users, rather than the attacker. To accomplish that task, the device transmits an inaudible wide-band signal, suitable for indoor environments, to ping and track the user’s direction and compares it to the position of the initial voice command. The researchers combined that signal with SRP-PHAT-HSDA, windowing, and spectral subtracing with noise bin removal techniques for precision localization.

The Speaker-Sonar was created using a Raspberry Pi 3B, an omnidirectional speaker, a MATRIX Voice, and a commodity speaker similar to the Amazon Echo. To test the unit, the researchers used a series of participants, positioned at various distances from 0 to 20-meters, while standing stationary and moving.

The participants were then paired against malicious remote commands to test the effectiveness of the system. The results showed that the Speaker-Sonar could reject remote voice attacks with an average accuracy of 95.5% at a range of 2-meters, thus significantly raising the bar against attackers. The system is by no means a 100% catch-all in preventing intrusion, but it’s a significant step forward.