8,713 research outputs found

    Security and Privacy Problems in Voice Assistant Applications: A Survey

    Full text link
    Voice assistant applications have become omniscient nowadays. Two models that provide the two most important functions for real-life applications (i.e., Google Home, Amazon Alexa, Siri, etc.) are Automatic Speech Recognition (ASR) models and Speaker Identification (SI) models. According to recent studies, security and privacy threats have also emerged with the rapid development of the Internet of Things (IoT). The security issues researched include attack techniques toward machine learning models and other hardware components widely used in voice assistant applications. The privacy issues include technical-wise information stealing and policy-wise privacy breaches. The voice assistant application takes a steadily growing market share every year, but their privacy and security issues never stopped causing huge economic losses and endangering users' personal sensitive information. Thus, it is important to have a comprehensive survey to outline the categorization of the current research regarding the security and privacy problems of voice assistant applications. This paper concludes and assesses five kinds of security attacks and three types of privacy threats in the papers published in the top-tier conferences of cyber security and voice domain.Comment: 5 figure

    The Metaverse: Survey, Trends, Novel Pipeline Ecosystem & Future Directions

    Full text link
    The Metaverse offers a second world beyond reality, where boundaries are non-existent, and possibilities are endless through engagement and immersive experiences using the virtual reality (VR) technology. Many disciplines can benefit from the advancement of the Metaverse when accurately developed, including the fields of technology, gaming, education, art, and culture. Nevertheless, developing the Metaverse environment to its full potential is an ambiguous task that needs proper guidance and directions. Existing surveys on the Metaverse focus only on a specific aspect and discipline of the Metaverse and lack a holistic view of the entire process. To this end, a more holistic, multi-disciplinary, in-depth, and academic and industry-oriented review is required to provide a thorough study of the Metaverse development pipeline. To address these issues, we present in this survey a novel multi-layered pipeline ecosystem composed of (1) the Metaverse computing, networking, communications and hardware infrastructure, (2) environment digitization, and (3) user interactions. For every layer, we discuss the components that detail the steps of its development. Also, for each of these components, we examine the impact of a set of enabling technologies and empowering domains (e.g., Artificial Intelligence, Security & Privacy, Blockchain, Business, Ethics, and Social) on its advancement. In addition, we explain the importance of these technologies to support decentralization, interoperability, user experiences, interactions, and monetization. Our presented study highlights the existing challenges for each component, followed by research directions and potential solutions. To the best of our knowledge, this survey is the most comprehensive and allows users, scholars, and entrepreneurs to get an in-depth understanding of the Metaverse ecosystem to find their opportunities and potentials for contribution

    The Viability and Potential Consequences of IoT-Based Ransomware

    Get PDF
    With the increased threat of ransomware and the substantial growth of the Internet of Things (IoT) market, there is significant motivation for attackers to carry out IoT-based ransomware campaigns. In this thesis, the viability of such malware is tested. As part of this work, various techniques that could be used by ransomware developers to attack commercial IoT devices were explored. First, methods that attackers could use to communicate with the victim were examined, such that a ransom note was able to be reliably sent to a victim. Next, the viability of using "bricking" as a method of ransom was evaluated, such that devices could be remotely disabled unless the victim makes a payment to the attacker. Research was then performed to ascertain whether it was possible to remotely gain persistence on IoT devices, which would improve the efficacy of existing ransomware methods, and provide opportunities for more advanced ransomware to be created. Finally, after successfully identifying a number of persistence techniques, the viability of privacy-invasion based ransomware was analysed. For each assessed technique, proofs of concept were developed. A range of devices -- with various intended purposes, such as routers, cameras and phones -- were used to test the viability of these proofs of concept. To test communication hijacking, devices' "channels of communication" -- such as web services and embedded screens -- were identified, then hijacked to display custom ransom notes. During the analysis of bricking-based ransomware, a working proof of concept was created, which was then able to remotely brick five IoT devices. After analysing the storage design of an assortment of IoT devices, six different persistence techniques were identified, which were then successfully tested on four devices, such that malicious filesystem modifications would be retained after the device was rebooted. When researching privacy-invasion based ransomware, several methods were created to extract information from data sources that can be commonly found on IoT devices, such as nearby WiFi signals, images from cameras, or audio from microphones. These were successfully implemented in a test environment such that ransomable data could be extracted, processed, and stored for later use to blackmail the victim. Overall, IoT-based ransomware has not only been shown to be viable but also highly damaging to both IoT devices and their users. While the use of IoT-ransomware is still very uncommon "in the wild", the techniques demonstrated within this work highlight an urgent need to improve the security of IoT devices to avoid the risk of IoT-based ransomware causing havoc in our society. Finally, during the development of these proofs of concept, a number of potential countermeasures were identified, which can be used to limit the effectiveness of the attacking techniques discovered in this PhD research

    The Artist as Surveillant: The Use of Surveillance Technology in Contemporary Art

    Get PDF
    Artists have long been called observers, voyeurs, and watchers, and with a particular interest in human behavior and society, they frequently use unknowing passersby as their subjects for works. Curators and scholars explored how artists put citizens under surveillance with photography and videography, which dates back to the early 1900s, years before governments deployed surveillance systems. Since the 1980s, artists have explicitly explored surveillance technology and theory to alert viewers to the rise of surveillance. Today, this genre is called artveillance, a term coined by Andrea Mubi Brighenti in 2010 to categorize art that explicitly deals with surveillance. This genre developed parallel to the rise of mass surveillance which created the current-day surveillance state. Since artveillance dominates the contemporary art scene, I was interested in the history of surveillance technology and themes in art. Although that history is brief, there is a wealth of artworks and studies on the topic. This thesis explores artists who use surveillance technology, specifically close-circuit video, in their practice and how this work has changed over time compared to the rise of government surveillance systems. To properly examine the artwork, each artwork’s technological history and broader cultural context is considered, with careful attention to the artists’ intentions. The thesis starts in the 1970s with Bruce Nauman and Peter Campus’s closed-circuit video installations. The artists did not aim to create a surveillance area but wanted to explore the viewer’s identity with their moving image. In Chapter 2, Julia Scher and Lynn Hershman Leeson’s work from the 1980s and early 1990s is discussed. Created when state surveillance was on the rise, the artists’ work used surveillance technology to critique the systems. The third chapter explores surveillance in a post-9/11 state through Jill Magid and Laura Poitras’s work. The artists exploited and exposed government systems to show how the public’s privacy is invaded. Finally, the paper concludes with an investigation into the public’s relationship with video surveillance, which resembles an apathetic acceptance

    Associated Random Neural Networks for Collective Classification of Nodes in Botnet Attacks

    Full text link
    Botnet attacks are a major threat to networked systems because of their ability to turn the network nodes that they compromise into additional attackers, leading to the spread of high volume attacks over long periods. The detection of such Botnets is complicated by the fact that multiple network IP addresses will be simultaneously compromised, so that Collective Classification of compromised nodes, in addition to the already available traditional methods that focus on individual nodes, can be useful. Thus this work introduces a collective Botnet attack classification technique that operates on traffic from an n-node IP network with a novel Associated Random Neural Network (ARNN) that identifies the nodes which are compromised. The ARNN is a recurrent architecture that incorporates two mutually associated, interconnected and architecturally identical n-neuron random neural networks, that act simultneously as mutual critics to reach the decision regarding which of n nodes have been compromised. A novel gradient learning descent algorithm is presented for the ARNN, and is shown to operate effectively both with conventional off-line training from prior data, and with on-line incremental training without prior off-line learning. Real data from a 107 node packet network is used with over 700,000 packets to evaluate the ARNN, showing that it provides accurate predictions. Comparisons with other well-known state of the art methods using the same learning and testing datasets, show that the ARNN offers significantly better performance

    Critical Review on Internet of Things (IoT): Evolution and Components Perspectives

    Get PDF
    Technological advancement in recent years has transformed the internet to a network where everything is linked, and everyday objects can be recognised and controlled. This interconnection is popularly termed as the Internet of Things (IoT). Although, IoT remains popular in academic literature, limited studies have focused on its evolution, components, and implications for industries. Hence, the focus of this book chapter is to explore these dimensions, and their implications for industries. The study adopted the critical review method, to address these gaps in the IoT literature for service and manufacturing industries. Furthermore, the relevance for IoT for service and manufacturing industries were also discussed. While the impact of IoT in the next five years is expected to be high by industry practitioners, experts consider the current degree of its implementation across industry to be on the average. This critical review contributes theoretically to the literature on IoT. In effect, the intense implementation of the IoT, IIoT and IoS will go a long way in ensuring improvements in various industries that would in the long run positively impact the general livelihood of people as well as the way of doing things. Practical implications and suggestions for future studies have been discussed

    SYSTEM AND METHOD FOR SENSITIVE DATA PROTECTION FOR ACCESSIBILITY USERS

    Get PDF
    Present disclosure discloses a method and a system for sensitive data protection for accessibility users. In some embodiments, the method includes receiving a message from user device (102-1) from the accessibility user, and identifying if the message includes sensitive data by using a predefined technique. Thereafter, the method discloses detecting if an audio device (106) is plugged in or not plugged in to the user device (102-1). If the audio device (106) is not plugged in to the user device (102-1) , the method includes performing obfuscation of the sensitive data and reads out the sensitive data with obfuscation. However, if the audio device (106) is plugged in to the user device (102-1), the method includes reading out the sensitive data without obfuscation. The present disclosure provides a secure environment with personalized obfuscation mechanism for protection of sensitive data for the accessibility users

    Redefining Community in the Age of the Internet: Will the Internet of Things (IoT) generate sustainable and equitable community development?

    Get PDF
    There is a problem so immense in our built world that it is often not fully realized. This problem is the disconnection between humanity and the physical world. In an era of limitless data and information at our fingertips, buildings, public spaces, and landscapes are divided from us due to their physical nature. Compared with the intense flow of information from our online world driven by the beating engine of the internet, our physical world is silent. This lack of connection not only has consequences for sustainability but also for how we perceive and communicate with our built environment in the modern age. A possible solution to bridge the gap between our physical and online worlds is a technology known as the Internet of Things (IoT). What is IoT? How does it work? Will IoT change the concept of the built environment for a participant within it, and in doing so enhance the dynamic link between humans and place? And what are the implications of IoT for privacy, security, and data for the public good? Lastly, we will identify the most pressing issues existing in the built environment by conducting and analyzing case studies from Pomona College and California State University, Northridge. By analyzing IoT in the context of case studies we can assess its viability and value as a tool for sustainability and equality in communities across the world

    Bridging technology and educational psychology: an exploration of individual differences in technology-assisted language learning within an Algerian EFL setting

    Get PDF
    The implementation of technology in language learning and teaching has a great influence onthe teaching and learning process as a whole and its impact on the learners’ psychological state seems of paramount significance, since it could be either an aid or a barrier to students’ academic performance. This thesis therefore explores individual learner differences in technology-assisted language learning (TALL) and when using educational technologies in higher education within an Algerian English as a Foreign Language (EFL) setting. Although I initially intended to investigate the relationship between TALL and certain affective variables mainly motivation, anxiety, self-confidence, and learning styles inside the classroom, the collection and analysis of data shifted my focus to a holistic view of individual learner differences in TALL environments and when using educational technologies within and beyond the classroom. In an attempt to bridge technology and educational psychology, this ethnographic case study considers the nature of the impact of technology integration in language teaching and learning on the psychology of individual language learners inside and outside the classroom. The study considers the reality constructed by participants and reveals multiple and distinctive views about the relationship between the use of educational technologies in higher education and individual learner differences. It took place in a university in the north-west of Algeria and involved 27 main and secondary student and teacher participants. It consisted of focus-group discussions, follow-up discussions, teachers’ interviews, learners’ diaries, observation, and field notes. It was initially conducted within the classroom but gradually expanded to other settings outside the classroom depending on the availability of participants, their actions, and activities. The study indicates that the impact of technology integration in EFL learning on individual learner differences is both complex and dynamic. It is complex in the sense that it is shown in multiple aspects and reflected on the students and their differences. In addition to various positive and different negative influences of different technology uses and the different psychological reactions among students to the same technology scenario, the study reveals the unrecognised different manifestations of similar psychological traits in the same ELT technology scenario. It is also dynamic since it is characterised by constant change according to contextual approaches to and practical realities of technology integration in language teaching and learning in the setting, including discrepancies between students’ attitudes and teacher’ actions, mismatches between technological experiences inside and outside the classroom, local concerns and generalised beliefs about TALL in the context, and the rapid and unplanned shift to online educational delivery during the Covid-19 pandemic situation. The study may therefore be of interest, not only to Algerian teachers and students, but also to academics and institutions in other contexts through considering the complex and dynamic impact of TALL and technology integration at higher education on individual differences, and to academics in similar low-resource contexts by undertaking a context approach to technology integration

    Learning disentangled speech representations

    Get PDF
    A variety of informational factors are contained within the speech signal and a single short recording of speech reveals much more than the spoken words. The best method to extract and represent informational factors from the speech signal ultimately depends on which informational factors are desired and how they will be used. In addition, sometimes methods will capture more than one informational factor at the same time such as speaker identity, spoken content, and speaker prosody. The goal of this dissertation is to explore different ways to deconstruct the speech signal into abstract representations that can be learned and later reused in various speech technology tasks. This task of deconstructing, also known as disentanglement, is a form of distributed representation learning. As a general approach to disentanglement, there are some guiding principles that elaborate what a learned representation should contain as well as how it should function. In particular, learned representations should contain all of the requisite information in a more compact manner, be interpretable, remove nuisance factors of irrelevant information, be useful in downstream tasks, and independent of the task at hand. The learned representations should also be able to answer counter-factual questions. In some cases, learned speech representations can be re-assembled in different ways according to the requirements of downstream applications. For example, in a voice conversion task, the speech content is retained while the speaker identity is changed. And in a content-privacy task, some targeted content may be concealed without affecting how surrounding words sound. While there is no single-best method to disentangle all types of factors, some end-to-end approaches demonstrate a promising degree of generalization to diverse speech tasks. This thesis explores a variety of use-cases for disentangled representations including phone recognition, speaker diarization, linguistic code-switching, voice conversion, and content-based privacy masking. Speech representations can also be utilised for automatically assessing the quality and authenticity of speech, such as automatic MOS ratings or detecting deep fakes. The meaning of the term "disentanglement" is not well defined in previous work, and it has acquired several meanings depending on the domain (e.g. image vs. speech). Sometimes the term "disentanglement" is used interchangeably with the term "factorization". This thesis proposes that disentanglement of speech is distinct, and offers a viewpoint of disentanglement that can be considered both theoretically and practically
    • …
    corecore