Threat modeling and analysis of voice assistant applications

Geumhwan Cho, Jusop Choi, Hyoungshick Kim, Sangwon Hyun, Jungwoo Ryoo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Voice assistant is an application that helps users to interact with their devices using voice commands in a more intuitive and natural manner. Recently, many voice assistant applications have been popularly deployed on smartphones and voice-controlled smart speakers. However, the threat and security of those applications have been examined only in very few studies. In this paper, we identify potential threats to voice assistant applications and assess the risk of those threats using the STRIDE and DREAD models. Our threat modeling demonstrates that generic voice assistants can potentially have 16 security threats. To mitigate the identified threats, we also discuss several defense strategies.

Original languageEnglish (US)
Title of host publicationInformation Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers
EditorsBrent ByungHoon Kang, JinSoo Jang
PublisherSpringer Verlag
Pages197-209
Number of pages13
ISBN (Print)9783030179816
DOIs
Publication statusPublished - Jan 1 2019
Event19th World International Conference on Information Security and Application, WISA 2018 - Jeju Island, Korea, Republic of
Duration: Aug 23 2018Aug 25 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11402 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference19th World International Conference on Information Security and Application, WISA 2018
CountryKorea, Republic of
CityJeju Island
Period8/23/188/25/18

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Cho, G., Choi, J., Kim, H., Hyun, S., & Ryoo, J. (2019). Threat modeling and analysis of voice assistant applications. In B. B. Kang, & J. Jang (Eds.), Information Security Applications - 19th International Conference, WISA 2018, Revised Selected Papers (pp. 197-209). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11402 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-17982-3_16