Deep Adversarial Learning on Google Home devices
This work addresses privacy threats for users of smart speakers like Google Home, but it is incremental as it critiques existing methods without proposing a new solution.
The paper demonstrates that deep adversarial learning countermeasures for protecting smart speakers from machine learning attacks on encrypted traffic are inadequate, as shown by experiments on a real network dataset, indicating a need for major re-engineering to ensure proper protection.
Smart speakers and voice-based virtual assistants are core components for the success of the IoT paradigm. Unfortunately, they are vulnerable to various privacy threats exploiting machine learning to analyze the generated encrypted traffic. To cope with that, deep adversarial learning approaches can be used to build black-box countermeasures altering the network traffic (e.g., via packet padding) and its statistical information. This letter showcases the inadequacy of such countermeasures against machine learning attacks with a dedicated experimental campaign on a real network dataset. Results indicate the need for a major re-engineering to guarantee the suitable protection of commercially available smart speakers.