%0 Generic %1 Yangyong2019 %A Zhang, Yangyong %A Xu, Lei %A Mendoza, Abner %A Yang, Guangliang %A Chinprutthiwong, Phakpoom %A Gu, G. %D 2019 %J Proceedings 2019 Network and Distributed System Security Symposium %K NLP AI_voice_assistants semantic_understanding LSTM deep_learning posted_with_chatgpt %R 10.14722/ndss.2019.23525 %T Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications %U https://www.semanticscholar.org/paper/082b66534929a7fbb431d4e847b178bbc3cf9352 %X —Popular Voice Assistant (VA) services such as Amazon Alexa and Google Assistant are now rapidly appifying their platforms to allow more flexible and diverse voice-controlled service experience. However, the ubiquitous deployment of VA devices and the increasing number of third-party applications have raised security and privacy concerns. While previous works such as hidden voice attacks mostly examine the problems of VA services’ default Automatic Speech Recognition (ASR) component, our work analyzes and evaluates the security of the succeeding component after ASR, i.e., Natural Language Understanding (NLU), which performs semantic interpretation (i.e., text-to-intent) after ASR’s acoustic-to-text processing. In particular, we focus on NLU’s Intent Classifier which is used in customizing machine understanding for third-party VA Applications (or vApps). We find that the semantic inconsistency caused by the improper semantic interpretation of an Intent Classifier can create the opportunity of breaching the integrity of vApp processing when attackers delicately leverage some common spoken errors. In this paper, we design the first linguistic-model-guided fuzzing tool, named LipFuzzer, to assess the security of Intent Classifier and systematically discover potential misinterpretation-prone spoken errors based on vApps’ voice command templates. To guide the fuzzing, we construct adversarial linguistic models with the help of Statistical Relational Learning (SRL) and emerging Natural Language Processing (NLP) techniques. In evaluation, we have successfully verified the effectiveness and accuracy of LipFuzzer. We also use LipFuzzer to evaluate both Amazon Alexa and Google Assistant vApp platforms. We have identified that a large portion of real-world

@JournalArticle{Yangyong2019, abstract = {—Popular Voice Assistant (VA) services such as Amazon Alexa and Google Assistant are now rapidly appifying their platforms to allow more flexible and diverse voice-controlled service experience. However, the ubiquitous deployment of VA devices and the increasing number of third-party applications have raised security and privacy concerns. While previous works such as hidden voice attacks mostly examine the problems of VA services’ default Automatic Speech Recognition (ASR) component, our work analyzes and evaluates the security of the succeeding component after ASR, i.e., Natural Language Understanding (NLU), which performs semantic interpretation (i.e., text-to-intent) after ASR’s acoustic-to-text processing. In particular, we focus on NLU’s Intent Classifier which is used in customizing machine understanding for third-party VA Applications (or vApps). We find that the semantic inconsistency caused by the improper semantic interpretation of an Intent Classifier can create the opportunity of breaching the integrity of vApp processing when attackers delicately leverage some common spoken errors. In this paper, we design the first linguistic-model-guided fuzzing tool, named LipFuzzer, to assess the security of Intent Classifier and systematically discover potential misinterpretation-prone spoken errors based on vApps’ voice command templates. To guide the fuzzing, we construct adversarial linguistic models with the help of Statistical Relational Learning (SRL) and emerging Natural Language Processing (NLP) techniques. In evaluation, we have successfully verified the effectiveness and accuracy of LipFuzzer. We also use LipFuzzer to evaluate both Amazon Alexa and Google Assistant vApp platforms. We have identified that a large portion of real-world}, added-at = {2023-11-23T18:41:09.000+0100}, author = {Zhang, Yangyong and Xu, Lei and Mendoza, Abner and Yang, Guangliang and Chinprutthiwong, Phakpoom and Gu, G.}, biburl = {https://www.bibsonomy.org/bibtex/2bd7a24a2732b2b5f351483cbbdce7267/sarahajjib}, description = {This paper discusses the advancement in NLP models for AI voice assistants, focusing on semantic understanding over traditional syntactic analysis. It introduces LipFuzzer, a tool for assessing the security of Intent Classifier in voice assistant applications, highlighting the importance of semantic interpretation in NLP.}, doi = {10.14722/ndss.2019.23525}, interhash = {40e2f5d9796c4305ed684166e063e2fd}, intrahash = {bd7a24a2732b2b5f351483cbbdce7267}, journal = {Proceedings 2019 Network and Distributed System Security Symposium}, keywords = {NLP AI_voice_assistants semantic_understanding LSTM deep_learning posted_with_chatgpt}, timestamp = {2023-11-23T18:41:09.000+0100}, title = {Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications}, url = {https://www.semanticscholar.org/paper/082b66534929a7fbb431d4e847b178bbc3cf9352}, year = 2019 }