Research Article
Exploring Vulnerabilities in Voice Command Skills for Connected Vehicles
@INPROCEEDINGS{10.1007/978-3-031-51630-6_1, author={Wenbo Ding and Song Liao and Keyan Guo and Fuqiang Zhang and Long Cheng and Ziming Zhao and Hongxin Hu}, title={Exploring Vulnerabilities in Voice Command Skills for Connected Vehicles}, proceedings={Security and Privacy in Cyber-Physical Systems and Smart Vehicles. First EAI International Conference, SmartSP 2023, Chicago, USA, October 12-13, 2023, Proceedings}, proceedings_a={SMARTSP}, year={2024}, month={2}, keywords={Alexa Voice Assistant Skills Connected Vehicle}, doi={10.1007/978-3-031-51630-6_1} }- Wenbo Ding
Song Liao
Keyan Guo
Fuqiang Zhang
Long Cheng
Ziming Zhao
Hongxin Hu
Year: 2024
Exploring Vulnerabilities in Voice Command Skills for Connected Vehicles
SMARTSP
Springer
DOI: 10.1007/978-3-031-51630-6_1
Abstract
Voice assistant platforms have revolutionized user interactions with connected vehicles, providing the convenience of controlling them through simple voice commands. However, this innovation also brings about significant cyber-risks to voice-controlled vehicles. This paper presents a novel attack that showcases the ability of a “malicious” skill, utilizing the skill ranking system on the Alexa platform, to hijack voice commands originally intended for a benign third-party connected vehicle skill. Through our evaluation, we demonstrate the effectiveness of this attack by successfully hijacking commonly used commands in commercial connected vehicle skills.
Copyright © 2023–2025 ICST
