Deep Adversarial Learning on Google Home devices

Andrea Ranieri¹, Davide Caputo², Luca Verderame², Alessio Merlo²⁺, and Luca Caviglione¹
 

¹IMATI - National Research Council of Italy
{andrea.ranieri, luca.caviglione}@ge.imati.cnr.it

²DIBRIS - University of Genova, Italy

{davide.caputo, luca.verderame, alessio}@dibris.unige.it

Abstract

Smart speakers and voice-based virtual assistants are core components for the success of the IoT paradigm. Unfortunately, they are vulnerable to various privacy threats exploiting machine learning to analyze the generated encrypted traffic. To cope with that, deep adversarial learning approaches can be used to build black-box countermeasures altering the network traffic (e.g., via packet padding) and its statistical information. This letter showcases the inadequacy of such countermeasures against machine learning attacks with a dedicated experimental campaign on a real network dataset. Results indicate the need for a major re-engineering to guarantee the suitable protection of commercially available smart speakers.

Keywords: Smart Speakers, IoT privacy, Deep Adversarial Learning, Machine Learning

+: Corresponding author: Alessio Merlo
Department of Informatics, Bioengineering, Robotics, and System Engineering, Viale Causa 13, 16145, Genoa, Italy, Tel: +39-01033-52344

Journal of Internet Services and Information Security (JISIS), 11(4): 33-43, November 2021
Received: September 13, 2021; Accepted: October 27, 2021; Published: November 30, 2021
DOI: 10.22667/JISIS.2021.11.30.033 [pdf]