ventrilock exploring voice based authentication systems
play

VentriLock: Exploring voice-based authentication systems Chaouki K - PowerPoint PPT Presentation

Dec 16, 2023 •340 likes •901 views

VentriLock: Exploring voice-based authentication systems Chaouki K ASMI & Jos L OPES E STEVES ANSSI, F RANCE Hack In Paris 06/2017 WHO WE ARE Chaouki Kasmi and Jos Lopes Esteves ANSSI-FNISA / Wireless Security Lab

  1. VentriLock: Exploring voice-based authentication systems Chaouki K ASMI & José L OPES E STEVES ANSSI, F RANCE Hack In Paris – 06/2017

  2. WHO WE ARE Chaouki Kasmi and José Lopes Esteves  ANSSI-FNISA / Wireless Security Lab  Electromagnetic threats on information systems  RF communications security  Embedded systems  Signal processing Chaouki Kasmi & José Lopes Esteves 2

  3. AGENDA  Context: Voice command interpreters  Voice as biometrics  From brain to computer’s model  Testing voice authentication engines  Conclusion and future work Chaouki Kasmi & José Lopes Esteves 3

  4. Voice Command Interpreters Definitions and security analysis

  5. VOICE COMMAND INTERPRETERS Where? Who? APIs * What? Chaouki Kasmi & José Lopes Esteves 5

  6. THREAT OF UNAUTHORIZED USE Chaouki Kasmi & José Lopes Esteves 6

  7. THREAT OF UNAUTHORIZED USE  Silent voice command injection with a radio signal by front-door coupling on headphones cables [5] Tx antenna Headphone cable Target Chaouki Kasmi & José Lopes Esteves 7

  8. THREAT OF UNAUTHORIZED USE  Silent voice command injection with a radio signal by back-door coupling [6] Chaouki Kasmi & José Lopes Esteves 8

  9. THREAT OF UNAUTHORIZED USE  Malicious application playing voice commands through the phone’s speaker [1]  Mangled commands understandable by the system but not the user [3]  Same technique, embedded in multimedia files [2,4] Chaouki Kasmi & José Lopes Esteves 9

  10. SECURITY IMPACTS  Tracking  Eavesdropping  Cost abuse  Reputation / Phishing  Malicious app trigger/payload delivery  Advanced compromising  Unauthorized use of applications / services / smart devices … Chaouki Kasmi & José Lopes Esteves 10

  11. SECURITY MEASURES  Personalize keyword  Carefully choose available commands (esp. Pre-auth)  Limit critical commands  Provide finer-grain settings to user  Enable feedbacks (sound , vibration…)  Voice recogniton flickr.com/photos/hikingartist Chaouki Kasmi & José Lopes Esteves 11

  12. Voice as biometrics Using voice for authentication

  13. BIOMETRICS  "automated recognition of individuals based on their biological and behavioural characteristics“ biometricsinstitute.org  "biological and behavioural characteristic of an individual from which distinguishing, repeatable biometric features can be extracted for the purpose of biometric recognition" ISO/IEC 2382-37. Information technology — Vocabulary — Part 37: Biometrics Chaouki Kasmi & José Lopes Esteves 13

  14. BIOMETRICS Biometrics Physical Behavioral Head Hand Others Voice Others • Face • Fingerprint • DNA • Writing • Iris • Palmprint • Etc. • Typing • Ear • Hand geometry • Gait • Etc. • Vein pattern • Etc. • Etc. Chaouki Kasmi & José Lopes Esteves 14

  15. BIOMETRICS  Enrollment Signal Feature Template Acquisition processing extraction / Model  Application www.silicon.co.uk Signal Feature Comparison / Acquisition processing extraction Decision Chaouki Kasmi & José Lopes Esteves 15

  16. VOICE BIOMETRICS  Applications:  Speaker verification/authentication,  Speaker identification … http://www.busim.ee.boun.edu.tr  Two main cases:  Text independent  Text dependent Chaouki Kasmi & José Lopes Esteves 16

  17. VOICE BIOMETRICS  Applications:  Speaker verification/authentication,  Speaker identification … http://www.busim.ee.boun.edu.tr  Two main cases:  Text independent  Text dependent Chaouki Kasmi & José Lopes Esteves 17

  18. VOICE BIOMETRICS Signal Feature Comparison / Acquisition processing extraction Decision Microphone Pre-emphasis LPC, GMM, Filtering … RNN… MFCC, LPCC, DWT, WPD,  Enrollment PLP…  3 to 5 repetitions of the keyword  Model derivation  The more samples, the more reliable  Speaker verification  A comparison metrics and a threshold Chaouki Kasmi & José Lopes Esteves 18

  19. VOICE BIOMETRICS  Pros:  Acquisition device (microphone) widespread and low cost  Remote operation possible and natively supported  Cons:  Voice changes over time (accuracy vs. usability)  Malicious acquisition very easy  Generation, modification tools available  Submission of test vectors affordable (speaker)  Liveness detection not trivial Chaouki Kasmi & José Lopes Esteves 19

  20. VOICE BIOMETRICS  Reliability issues:  “At the present time, there is no scientific process that enables one to uniquely characterize a person’s voice” (2003) [10]  “Especially when:  The speaker does not cooperate  There is no control over recording equipment  Recording conditions are not known  One does not know if the voice was disguised  The linguistic content is not controlled ” Chaouki Kasmi & José Lopes Esteves 20

  21. VOICE BIOMETRICS  Reliability issues: Extract from [12] Chaouki Kasmi & José Lopes Esteves 21

  22. From brain to computer’s model Feature extraction techniques

  23. FROM BRAIN TO COMPUTER’S MODEL  Voice characteristics  What we hear? Dan Jurafsky “Lecture 6: Feature Extraction and Acoustic Modeling “ Chaouki Kasmi & José Lopes Esteves 23

  24. FROM BRAIN TO COMPUTER’S MODEL  Voice characteristics – Specificities  Signal processing of non-stationnary signals  Characteristics function of the time Chaouki Kasmi & José Lopes Esteves 24

  25. FROM BRAIN TO COMPUTER’S MODEL  Voice characteristics – Specificities  Sensitivity of human hearing not linear  Less sensitive at higher frequencies > 1 kHz Dan Jurafsky “Lecture 6: Feature Extraction and Acoustic Modeling “ Chaouki Kasmi & José Lopes Esteves 25

  26. FROM BRAIN TO COMPUTER’S MODEL  Linear prediction cepstral coefficient (LPCC)  Energy values of linearly arranged filter banks  Mimic the human speech production  Discrete Wavelet Transform (DWT)  Decomposition separates the lower frequency contents and higher frequency contents.  Only the low pass signal is further split  Wavelet Packet Decomposition (WPD)  Low and High pass signals are further split Chaouki Kasmi & José Lopes Esteves 26

  27. FROM BRAIN TO COMPUTER’S MODEL  Mel-frequency cepstral coefficients (MFCC)  Frequency bands are placed logarithmically  Model the human system closely  Easier to implement  Voice to text and voice recognition engines  Widely used for feature extraction (many papers published by voice recognition editors ex. Google) Chaouki Kasmi & José Lopes Esteves 27

  28. FROM BRAIN TO COMPUTER’S MODEL  Mel-frequency cepstral coefficients (MFCC)  Preprocessing before feature extraction;  Framing the signal are splits in time domain, then on each individual frame then windowing them;  Converting each frame TD to FD with DFT;  Filter bank is created by calculating number of picks spaced on Mel-scale and again transforming back to the normal frequency scale;  Converting back the mel spectrum coefficient to TD coefficient to the time domain with Discrete Cosine Transform Chaouki Kasmi & José Lopes Esteves 28

  29. Testing voice authentication engines Testing in a black-box context existing solutions

  30. TESTING APPROACH  We consider the verification system as a black box  We use publicly available toolsets  We set up test scenarios based on the attack’s prerequisites  Knows target language ?  Knows t arget’s keyword ?  Possesses target’s voice samples? Chaouki Kasmi & José Lopes Esteves 30

  31. EXPERIMENTAL SETUP Wi-Fi Target 1 Target 2 Target 3 (Siri) (S-voice) (Google now) Chaouki Kasmi & José Lopes Esteves 31

  32. TESTS: SPEAKER IMPERSONATION  The attacker hears the target saying the keyword  He tries to impersonate the target’s voice  We are not professional impersonators  But we succeeded on all tested targets  Within less than 15 attempts Chaouki Kasmi & José Lopes Esteves 32

  33. TESTS: REPLAY  The attacker has a recording of the target saying the keyword  Our demo last year at Hack In Paris [6] Chaouki Kasmi & José Lopes Esteves 33

  34. TESTS: REPLAY  The attacker has a recording of the target saying the keyword  Our demo last year at Hack In Paris [6]  Additionnal tests  Looking to boundaries with legit sample modifications (Filtering, Pitch, Time-Scale , SNR)  Target 1 (Siri) is shifting pre-auth. ??? Chaouki Kasmi & José Lopes Esteves 34

  35. TESTS: MODEL SHIFTING  The attacker knows the keyword  If the model is updated for each submitted sample  It can shift so as to accept any voice sample  By submitting the same sample repeatedly until it passes the authentication Chaouki Kasmi & José Lopes Esteves 35

  36. TESTS: MODEL SHIFTING  Results related to target 1  Try 1 : 10 use by legit user  Try 2 : 50 use by legit user  Number of try required to trigger target 1  Legit user still able to trigger target 1 (+ OK, - NOK) 2 3 4 5 6 7 8 9 10 1 1, + 1, + 16, + 25,+ 101,- 21,+ 34,- 70,+ 385, - 1 bis 1, + 4, + 30, + 48, + 98,- 33,- 24,+ 54,- 402, - Chaouki Kasmi & José Lopes Esteves 36

Recommend

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been proposed for applications including: Encryption and authentication For detecting malicious alterations of design components For

645 views • 15 slides
HOST PUF-Based Authentication Protocols ECE 525 PUF-Based Authentication Protocols The simplest

HOST PUF-Based Authentication Protocols ECE 525 PUF-Based Authentication Protocols The simplest

HOST PUF-Based Authentication Protocols ECE 525 PUF-Based Authentication Protocols The simplest mechanisms called challenge-response entity authentication exchange cleartext bitstrings directly, i.e., no cryptographic primitives are used A PUF

1.08k views • 38 slides
1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

Authentication Protocols Guevara Noubir College of Computer and Information Science Northeastern University noubir@ccs.neu.edu Outline Overview of Authentication Systems [Chapter 9] Authentication of People [Chapter 10]

396 views • 17 slides
Exploring Architecture Options for a Federated, Cloud-based Systems Biology Knowledgebase Ian

Exploring Architecture Options for a Federated, Cloud-based Systems Biology Knowledgebase Ian

Exploring Architecture Options for a Federated, Cloud-based Systems Biology Knowledgebase Ian Gorton, Jenny Liu, Jian Yin 1 Systems Biology Systems Biology Integrated study of organisms as a whole Obtain, integrate, and analyze complex data

208 views • 16 slides
Intelligibility and Space based voice Intelligibility and Space-based voice with relaxed delay

Intelligibility and Space based voice Intelligibility and Space-based voice with relaxed delay

Intelligibility and Space based voice Intelligibility and Space-based voice with relaxed delay constraints Sam Nguyen, Clayton Okino, and Michael Cheng J t P Jet Propulsion Laboratory l i L b t Presented at IEEE Aerospace Conference Big

260 views • 13 slides
CHA : A C aching Framework for H ome-based Voice A ssistant Systems Lanyu Xu 1 , Arun Iyengar 2 ,

CHA : A C aching Framework for H ome-based Voice A ssistant Systems Lanyu Xu 1 , Arun Iyengar 2 ,

CHA : A C aching Framework for H ome-based Voice A ssistant Systems Lanyu Xu 1 , Arun Iyengar 2 , Weisong Shi 1 1 Wayne State University 2 IBM T.J. Watson Research Center 10/30/20 Connected and Autonomous dRiving Laboratory 1 Introduction: Smart

424 views • 19 slides
Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password Token-based authentication Third party authentication Local Authentication How to store and verify password? Clear Data can be hacked

615 views • 14 slides
Continuous Authentication for Voice Assistants Huan Feng * , Kassem Fawaz * , and Kang G. Shin

Continuous Authentication for Voice Assistants Huan Feng * , Kassem Fawaz * , and Kang G. Shin

Continuous Authentication for Voice Assistants Huan Feng * , Kassem Fawaz * , and Kang G. Shin Presented by Anousheh and Omer Overview Introduction/Existing Solutions and Novelty Human Speech Model System and Threat Models

703 views • 41 slides
Telephone Based Automatic Telephone Based Automatic Voice Pathology Assessment. Voice Pathology

Telephone Based Automatic Telephone Based Automatic Voice Pathology Assessment. Voice Pathology

Telephone Based Automatic Telephone Based Automatic Voice Pathology Assessment. Voice Pathology Assessment. Rosalyn Moran 1 , R. B. Reilly 1 , P.D. Lacy 2 1 Department of Electronic and Electrical Engineering, University College Dublin, Ireland

298 views • 13 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
A Key to Your Heart: Biometric Authentication Based on ECG Signals Who Are You?! Adventures in

A Key to Your Heart: Biometric Authentication Based on ECG Signals Who Are You?! Adventures in

A Key to Your Heart: Biometric Authentication Based on ECG Signals Who Are You?! Adventures in Authentication Workshop (WAY) 2019 Nikita Samarin, Donald Sannella Traditional Passwords Most common mechanism of authenticating users online

251 views • 14 slides
Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and Schroeder Authentication in general Bishop: Authentication is the binding of an identity to a principal. Network-based authentication mechanisms

1.6k views • 43 slides
SOUTHERNAIRAVIATION FLY-BY-VOICE TM INTO NEXTGEN CENTURY Voice Activated Cockpit

SOUTHERNAIRAVIATION FLY-BY-VOICE TM INTO NEXTGEN CENTURY Voice Activated Cockpit

SOUTHERNAIRAVIATION FLY-BY-VOICE TM INTO NEXTGEN CENTURY Voice Activated Cockpit Management Systems Diane Serban, Ph.D., SAA Inc. Vincent Houston, NASA Langley Research Center SAA Provides Off-Line VOICE RECOGNITION Solutions to

501 views • 11 slides
Voice Authentication Tres Commas Jonathan Easterman (Lead), Sasha Shams (Scribe), Arda Ungun,

Voice Authentication Tres Commas Jonathan Easterman (Lead), Sasha Shams (Scribe), Arda Ungun,

Voice Authentication Tres Commas Jonathan Easterman (Lead), Sasha Shams (Scribe), Arda Ungun, Carson Holoien, Vince Nicoara Mentors: Mike Weaver, Colin Kelley, James Brown Chandra Krintz, Ankita Singh Problem & Motivation Current

371 views • 11 slides
Speech Technology in Mobile Phones Part II : Voice based Agriculture Information Systems Rajesh

Speech Technology in Mobile Phones Part II : Voice based Agriculture Information Systems Rajesh

Speech Technology in Mobile Phones Part II : Voice based Agriculture Information Systems Rajesh M. Hegde rhegde@iitk.ac.in Associate Professor Dept. of EE Indian Institute of Technology Kanpur Several pictures used in this presentation have

373 views • 22 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

288 views • 10 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9b: Voice Analytics, Affect Detection &

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Voice Analytics, Affect Detection &

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Voice Analytics, Affect Detection & Energy Efficiency Emmanuel Agu Voice-Based/Speech Analytics Voice Based Analytics Voice can be analyzed, lots of useful information extracted Who

758 views • 58 slides
CS 528 Mobile and Ubiquitous Computing Lecture 8b: Voice Analytics, Affect Detection &

CS 528 Mobile and Ubiquitous Computing Lecture 8b: Voice Analytics, Affect Detection &

CS 528 Mobile and Ubiquitous Computing Lecture 8b: Voice Analytics, Affect Detection & Energy Efficiency Emmanuel Agu Voice-Based/Speech Analytics Voice Based Analytics Voice can be analyzed, lots of useful information extracted Who

1.01k views • 58 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9b: Voice Analytics & Affect Detection

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Voice Analytics & Affect Detection

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Voice Analytics & Affect Detection Emmanuel Agu Voice-Based/Speech Analytics Voice Based Analytics Voice can be analyzed, lots of useful information extracted Who is talking? (Speaker

697 views • 30 slides
Distributed Systems Authentication Protocols Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Authentication Protocols Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Authentication Establish and verify identity allow access to resources Distributed Systems Authentication Protocols Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the

228 views • 10 slides
Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a precondition How to authenticate: Something you know Password, Secrets Something you have Smart Card, Token Something you are Biometrie

607 views • 4 slides
Information Security Identification and authentication Advanced User Authentication I 2019-02-01

Information Security Identification and authentication Advanced User Authentication I 2019-02-01

Information Security Identification and authentication Advanced User Authentication I 2019-02-01 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for this part of the course Background Statistics in user authentication Biometric systems

573 views • 32 slides
Information Security Identification and authentication Advanced User Authentication I 2018-02-02

Information Security Identification and authentication Advanced User Authentication I 2018-02-02

Information Security Identification and authentication Advanced User Authentication I 2018-02-02 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for this part of the course Background Statistics in user authentication Biometric systems

568 views • 41 slides
Information Security Identification and authentication Advanced User Authentication I 2016-01-26

Information Security Identification and authentication Advanced User Authentication I 2016-01-26

Information Security Identification and authentication Advanced User Authentication I 2016-01-26 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for this part of the course Background Statistics in user authentication Biometric systems

865 views • 40 slides

More recommend