The Security Principles,Attacks,And Defenses Of Sound Sensing

The rapid development of sensory technology has led to a wider interactive connection between the Internet of Things and the real physical world,making it possible for intelligent applications such as driverless,smart homes and voice assistants.However,the security risks of sensing have not received sufficient attention in the past.Sensors are the core components of perception technology,and due to their generally low complexity and intelligence,they are highly vulnerable to attacks from the physical world,leading to erroneous perception results.Since the upper layer system generally defaults to all sensor measurements are trusted,at most there is noise and a certain margin of error,this blind trust in the hardware will lead to the sensor once attacked,the subsequent decision-making and execution links may be wrong,so that the security of the entire Io T device system in which it is located are under great threat.Therefore,sensors are the new attack surface of Io T that needs urgent attention,and a systematic under-standing of the risks and mechanisms of perception security is needed for a comprehensive protection so that sensors can measure reliably in complex and changing environments and se-cure the interaction between Io T and the physical world.In this paper,we address the perception security problem of Io T,study the general mechanism of perception security,and take sound perception as the entry point to study the attacks and protection methods in two representa-tive scenarios of voice acquisition and acoustic wave measurement,and propose corresponding solutions for the sound perception security problem.· Principles of Sound Sensing Security: There are many kinds of sensors with multiple and heterogeneous hardware design schemes and complex and variable transduction prin-ciples.At the same time,the attacks against sensors are characterized by multi-modal signals,multi-paths of propagation and multi-mechanisms of action,which are difficult to be described and analyzed in a unified manner,limiting the in-depth understanding of the sensing security problem.In this paper,we first dissect the perception security problem and define the ways,methods and threat models of possible transduction attacks on the perception process.In order to accurately understand the perception security mechanism,this paper starts from the signal conversion,transmission and processing pathways of sen-sors,and abstracts the pathways experienced by perception signals in sensors from input to output into a signal chain consisting of three main parts: transducer,signal processing circuit,and analog-to-digital converter,and then constructs a sensor model.On the basis of this model,a transducer attack model is constructed to achieve a unified description of the mechanism of transducer attack.· Inaudible Voice Command Attack based on Device Nonlinearity: Speech capture is commonly used in various voice systems of Io T such as intelligent voice assistants,and the system realizes the capture of user's voice signal through microphone.In this paper,we find that speech acquisition may be subject to attacks and there is a problem that the speech acquisition results are not trusted.By analyzing the sensory security mechanism of microphone sensors,this paper finds for the first time a security problem due to the inherent nonlinear characteristics of microphone hardware,a hardware flaw that is widely present in existing speech capture devices.By exploiting the nonlinear nature of the device,an attacker can generate intermodulation distortion in the signal path of the attacked micro-phone,causing the output signal of the microphone to contain signal frequencies that are not present in the input signal.In this paper,we investigate such security vulnerabilities of microphones and design the first ”dolphin sound attack”,which can be used to control smart devices in a covert manner by silently injecting an audible voice signal into the voice capture system through ultrasonic waves,so that the voice assistant can receive silent voice commands.· Voice Spoofing Detection based on Sound Field: In addition to the above attacks,the voice capture system also faces a variety of attacks such as voice spoofing attacks,in which the attacker can mimic the user's voice commands through recording replay,voice synthesis,voice conversion and other techniques to bypass the speaker verification system and control the voice assistant,causing serious security and privacy risks.In order to deal with such threats,this paper proposes a sound field-based voice capture protection method,which collects voice through the built-in dual microphones of cell phones and calculates the sound field characteristics ”field pattern” reflected by voice based on the dual-channel audio.In this paper,through in-depth simulation and experimental research,we find that the sound produced by different vocalists has unique spatial energy distribution(i.e.,sound field)characteristics due to the difference of physical sound structure,and the system can distinguish different vocalists(e.g.,between people and speakers and different people)through the field pattern.· Attacking and Defending Ultrasonic Obstacle Detection in Autonomous Vehicles: Acous-tic wave measurement is commonly used in scenarios such as self-driving cars,where the system achieves obstacle detection and ranging through ultrasonic range sensors,providing important sensory information for decision-making and control of autonomous driving.In this paper,we find that acoustic wave measurement has the problem of unreliable distance measurement results,and an attacker can make the sensor have no output or precisely con-trol its measurement results by emitting ultrasonic attack signals.In this paper,through fuzzy testing and reverse analysis of ultrasonic sensors,we found the security flaws of existing ultrasonic sensors,proposed and implemented blocking attacks and two types of spoofing attacks against ultrasonic sensors for the first time,and verified the attacks on11 ultrasonic sensors and 7 real cars,and found that the attacks can seriously affect the safety of autonomous driving,such as making the Tesla car in the autonomous driving state collision.To defend against such attacks,two types of security mechanisms based on single-sensor and multi-sensor are designed in this paper,which simultaneously imple-ment attack detection,reliable ranging and attacker localization,and effectively improve the security of acoustic ranging.