9,764 research outputs found
Continuous Authentication for Voice Assistants
Voice has become an increasingly popular User Interaction (UI) channel,
mainly contributing to the ongoing trend of wearables, smart vehicles, and home
automation systems. Voice assistants such as Siri, Google Now and Cortana, have
become our everyday fixtures, especially in scenarios where touch interfaces
are inconvenient or even dangerous to use, such as driving or exercising.
Nevertheless, the open nature of the voice channel makes voice assistants
difficult to secure and exposed to various attacks as demonstrated by security
researchers. In this paper, we present VAuth, the first system that provides
continuous and usable authentication for voice assistants. We design VAuth to
fit in various widely-adopted wearable devices, such as eyeglasses,
earphones/buds and necklaces, where it collects the body-surface vibrations of
the user and matches it with the speech signal received by the voice
assistant's microphone. VAuth guarantees that the voice assistant executes only
the commands that originate from the voice of the owner. We have evaluated
VAuth with 18 users and 30 voice commands and find it to achieve an almost
perfect matching accuracy with less than 0.1% false positive rate, regardless
of VAuth's position on the body and the user's language, accent or mobility.
VAuth successfully thwarts different practical attacks, such as replayed
attacks, mangled voice attacks, or impersonation attacks. It also has low
energy and latency overheads and is compatible with most existing voice
assistants
Detecting and Mitigating Denial-of-Service Attacks on Voice over IP Networks
Voice over IP (VoIP) is more susceptible to Denial of Service attacks than traditional data traffic, due to the former's low tolerance to delay and jitter. We describe the design of our VoIP Vulnerability Assessment Tool (VVAT) with which we demonstrate vulnerabilities to DoS attacks inherent in many of the popular VoIP applications available today. In our threat model we assume an adversary who is not a network administrator, nor has direct control of the channel and key VoIP elements. His aim is to degrade his victim's QoS without giving away his presence by making his attack look like a normal network degradation. Even black-boxed, applications like Skype that use proprietary protocols show poor performance under specially crafted DoS attacks to its media stream. Finally we show how securing Skype relays not only preserves many of its useful features such as seamless traversal of firewalls but also protects its users from DoS attacks such as recording of conversations and disruption of voice quality. We also present our experiences using virtualization to protect VoIP applications from 'insider attacks'.
Our contribution is two fold we: 1) Outline a threat model for VoIP, incorporating our attack models in an open-source network simulator/emulator allowing VoIP vendors to check their software for vulnerabilities in a controlled environment before releasing it. 2) We present two promising approaches for protecting the confidentiality, availability and authentication of VoIP Services
Clustering-Based Predictive Process Monitoring
Business process enactment is generally supported by information systems that
record data about process executions, which can be extracted as event logs.
Predictive process monitoring is concerned with exploiting such event logs to
predict how running (uncompleted) cases will unfold up to their completion. In
this paper, we propose a predictive process monitoring framework for estimating
the probability that a given predicate will be fulfilled upon completion of a
running case. The predicate can be, for example, a temporal logic constraint or
a time constraint, or any predicate that can be evaluated over a completed
trace. The framework takes into account both the sequence of events observed in
the current trace, as well as data attributes associated to these events. The
prediction problem is approached in two phases. First, prefixes of previous
traces are clustered according to control flow information. Secondly, a
classifier is built for each cluster using event data to discriminate between
fulfillments and violations. At runtime, a prediction is made on a running case
by mapping it to a cluster and applying the corresponding classifier. The
framework has been implemented in the ProM toolset and validated on a log
pertaining to the treatment of cancer patients in a large hospital
- …