ABSTRACT
In this study, we conduct the first study on the analysis of voice assistant (VA) apps. We first collect the metadata of VA apps from the VA app directory and analyze them. Next, we call VA apps by the corresponding voice commands and examine how they identify users by analyzing the responses from the apps. We found that roughly half of the VA apps performed user identification by some means. We also found that several apps aim to acquire personal information such as birth date, age, or the blood type through voice conversations. As such data will be stored in the cloud, we need to have a mechanism to ensure that an end-user can check/control the data in a usable way.
- Noura Abdi, Kopo M. Ramokapane, and Jose M. Such. 2019. More than Smart Speakers: Security and Privacy Perceptions of Smart Home Personal Assistants. In Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019). 451--466.Google Scholar
- Google. 2019 a. Actions on Google . Google.Google Scholar
- Google. 2019 b. Assistant directory . Google.Google Scholar
- Nan Zhang, Xianghang Mi, Xuan Feng, XiaoFeng Wang, Yuan Tian, and Feng Qian. 2019. Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems. In Proc. of the 2019 IEEE Symposium on Security and Privacy. IEEE , 263--278.Google ScholarCross Ref
Index Terms
- Poster: A First Look at the Privacy Risks of Voice Assistant Apps
Recommendations
Should You Use the App for That?: Comparing the Privacy Implications of App- and Web-based Online Services
IMC '16: Proceedings of the 2016 Internet Measurement ConferenceMany popular, free online services provide cross-platform interfaces via Web browsers as well as apps on iOS and Android. To monetize these services, many additionally include tracking and advertising libraries that gather information about users with ...
POSTER: Experimental Analysis of Popular Anonymous, Ephemeral, and End-to-End Encrypted Apps
WiSec '16: Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile NetworksAs social networking takes to the mobile world, smartphone apps provide users with ever-changing ways to interact with each other. Over the past couple of years, an increasing number of apps have entered the market offering end-to-end encryption, self-...
Poster: Android Whole-System Control Flow Analysis for Accurate Application Behavior Modeling
MobiSys '16 Companion: Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services CompanionAndroid, the modern operating system for smartphones, together with its millions of apps, has become an important part of human life. There are many challenges to analyzing them. It is important to model the mobile systems in order to analyze the ...
Comments