Demo #10: Hijacking Connected Vehicle Alexa Skills

Wenbo Ding (University at Buffalo), Long Cheng (Clemson University), Xianghang Mi (University of Science and Technology of China), Ziming Zhao (University at Buffalo) and Hongxin Hu (University at Buffalo)

Current voice assistant platforms allow users to interact with their cars through voice commands. However, this convenience comes with substantial cyber-risk to voice-controlled vehicles. In this demo, we show a “malicious” skill with unwanted control actions on the Alexa system could hijack voice commands that are supposed to be sent to a benign third-party connected vehicle skill.

Paper

View More Papers

DITTANY: Strength-Based Dynamic Information Flow Analysis Tool for x86...

Walid J. Ghandour, Clémentine Maurice (CNRS, CRIStAL)

On Utility and Privacy in Synthetic Genomic Data

Bristena Oprisanu (UCL), Georgi Ganev (UCL & Hazy), Emiliano De Cristofaro (UCL)

hbACSS: How to Robustly Share Many Secrets

Thomas Yurek (University of Illinois at Urbana-Champaign), Licheng Luo (University of Illinois at Urbana-Champaign), Jaiden Fairoze (University of California, Berkeley), Aniket Kate (Purdue University), Andrew Miller (University of Illinois at Urbana-Champaign)

Trust and Privacy Expectations during Perilous Times of Contact...

Habiba Farzand (University of Glasgow), Florian Mathis (University of Glasgow), Karola Marky (University of Glasgow), Mohamed Khamis (University of Glasgow)